Share your ideas to help improve the HydroGeoSphere user experience. Your feedback plays an important role in guiding future development— whether it’s new commands, workflow enhancements, or usability improvements that support more efficient integrated hydrologic modelling.

The HydroGeoSphere May 2026 release is now available for download.

This month’s update focuses on improving evapotranspiration stability, runtime performance, and boundary condition flexibility, while also adding several useful new commands for segment selection and Tecplot visualization. Together, these updates improve reliability, speed up preprocessing and post-processing workflows, and provide more control when working with surface boundary conditions in HydroGeoSphere (HGS).

New boundary condition commands (see hydrosphere_ref.pdf)

• bound time-file table

• bound time-file table to surface elevation offset

These commands allow users to cap head values defined in a time-file table when applying head or pressure head boundary conditions.

New segment selection command
The new command choose segments polyline no diagonals works similarly to choose segments polyline but restricts selected segments to mesh edges only, avoiding diagonal connections.

New Tecplot export command
The new command chosen segments to tecplot exports the current segment selection directly to a Tecplot ASCII file, simplifying visualization and debugging of selected segment sets.

Performance improvements

• Improved the performance of computing output times in hgs2vtu when processing binary output files.

• Improved the performance of the regional model command when reading porous medium mesh files.

• Improved grok I/O performance through the use of buffered I/O.

Improved Linux compatibility for verification layouts
Fixed broken layout files in the verification folder and updated them to be more Linux friendly.

Improved snowmelt boundary condition error checking
Added validation to ensure that the snowmelt boundary condition can only be specified once within a model setup.

Updated reporting of simulation times
Refined reporting of target times and output times in the .eco file so that nonzero initial simulation times are handled correctly.

Fix for ET subsurface wetness factor computation
Resolved a bug in the evapotranspiration calculation that caused a division by zero when the minimum evaporation limiting saturation was equal to the maximum evaporation limiting saturation. This improves stability when working with customized ET parameter definitions.

As business leaders from across the province gathered for the 2026 Ontario Chamber of Commerce (OCC) AGM and Convention under the theme “Ontario Connected: Business Without Barriers,” a clear message emerged: the recent expansion of U.S. Section 232 tariffs is putting jobs, investment, and integrated supply chains at risk in Ontario, and across the binational Great Lakes region.

The recent expansion of U.S. duties to the entire value of steel, aluminum, copper and derivative products – not just the metal content – poses an immediate risk to 15,000 jobs in southwestern Ontario alone, and thousands more in manufacturing supply chains across the province and in U.S. states.

“After a year in which tariffs devastated manufacturing in both Canada and the U.S., this new measure throws another wrench in the engine of the North American economy,” said Daniel Tisch, President and CEO of the Ontario Chamber of Commerce. “These tariffs are not well-understood, and that’s why Ontario businesses are sounding the alarm. Without swift relief, orders will vanish, investments will be shelved, and good jobs will be lost.”

For many businesses, the strain is already visible. Companies report absorbing sudden cost increases, losing long-standing U.S. customers, and delaying or cancelling expansion plans. Some are scaling back production or pausing hiring decisions.

“Businesses need two things from governments right now: relief and resolution,” Tisch added. “In the short term, that means reinstating remissions and providing targeted cash-flow support. But we also need a durable fix, one that’s negotiated between the two nations. If we get this wrong, we’re not just hurting Ontario, we’re undermining North America’s competitive edge.”

As Canada and the United States prepare for the upcoming CUSMA review, Ontario’s business community is united in its message: protect what works, fix what doesn’t, and remove barriers that put jobs and communities at risk.

“Our Chamber supports the call from the federal and provincial governments to support business sectors that are being impacted unfairly targeted by Trump’s ridiculous tariffs. Support is needed now to help these sectors and their businesses get through this period of crisis before the CUSMA negotiations start. We cannot wait for the US midterm elections or a return to sanity in the White House. Action is required now, and we have full confidence that Canada and Ontario will step up again.”

— Ian McLean, President and CEO, The Greater KW Chamber of Commerce

The post Businesses Call for Urgent Action on Expanded U.S. Tariffs at Ontario Chamber AGM appeared first on Greater KW Chamber of Commerce.

May 4th, 2026

Minister Harris,

We noted your recent letter related to the Region of Waterloo’s water crisis and agree immediate action is needed.

The business and investment community continues to be deeply concerned about the holding provisions on approved development applications, as well as the freeze on processing new applications. This uncertainty is effectively freezing investment decisions, resulting in capital and labour shifting to other jurisdictions.

At its core, businesses need certainty. They need to know when Waterloo Region will once again be “open for business.” As of today, it is not.

There is no question that this issue must be addressed, and we recognize that the Region has approved a range of immediate and medium-term infrastructure projects related to water. However, there is no immediate risk that justifies the complete shutdown currently in place.

The Region’s own timelines indicate that infrastructure renewal efforts will take 12 to 24 months to restore full development capacity. This timeline is unacceptable.

The following questions are on the top of mind of many in the Region:

– What is the timeline for lifting holding provisions on approved applications?
– When will new development applications be received and processed without delay?

The clarity to these critical questions cannot come months from now. Rather they must be made clear in a matter of weeks. Investment, financing, and skilled labour depend on confidence that Waterloo Region is a place for business and growth.

Once again, we agree the time is now for all of the relevant ministries and the Region to bring clarity and a clear timeline, so the Region is open for business.

Respectfully,

Ian McLean
President & CEO
Greater Kitchener Waterloo Chamber of Commerce

Greg Durocher
President & CEO
Cambridge Chamber of Commerce

The post Time for Action: Business Leaders Warn of Investment Freeze in Waterloo Region appeared first on Greater KW Chamber of Commerce.

♦It's been a bit chaotic here at home, which has kept me away from this blog, but I do want to thank Miss Liz for a fantastic podcast "teatime" back on April 23rd at 7 p.m. wherein we talked about The Night Girl, my development as a writer, the perks and challenges of storywriting, and about the benefits of fan fiction in building yourself as a writer. You can check out the stream on YouTube here, and the episode is also available on Spotify. Thanks again, Miss Liz, for a wonderful teatime!

After a particularly lengthy and harsh winter, spring has finally sprung. Good news: we now have green after what seems like forever. Bad news: this means it's allergy season. Oh, well.

I have to admit that I feel like I've been struggling creatively at the moment. Intellectually, I would like to work on finishing my latest draft of The Cloud Riders, but practice has not matched the theory. My creativity has instead focused a lot on my Transit Toronto videos (see one of my favourites here). This is frustrating to me, as I'd hoped to have a draft of The Cloud Riders done by July of last year, and I'm still only about two-thirds done.

But I can't deny that my video work on Transit Toronto hasn't been a creative outlet. It's just a different medium and a different subject. I've produced things ranging from five-minute art pieces filled with timelapse shots around Union Station to an edit of vintage footage of streetcars on Kingston Road in east Toronto in 1969, to a ride-along featuring a lengthy commentary on the history of commuter rail in Montreal. For the past six months, I've been helping my team shift our YouTube operations onto a new channel that's more stable and prepped for succession, and I've been downloading, updating and uploading hundreds of older videos onto the new channel, in the hopes of getting the new one monetized as quickly as possible.

This has taken up a lot of my creative energy but also provided a lot of creative satisfaction. Except it's happening at the expense of my writing, and I'm starting to feel the withdrawal.

The Bible quote goes "No one can serve two masters. Either you will hate the one and love the other, or you will be devoted to the one and despite the other." (Matthew 6:24). But there aren't just two masters here. There's three; possibly more.

I write because I love to write. In this economy, this has to be the primary reason most writers write. I am very fortunate to be able to write for my dayjob, but that's separate from what I like to write. I can write press releases, business proposals, technical reports, or educational books for kids, but my passion is in young adult writing, science fiction and fantasy. And in transit history and videos therein.

You see my problem: I have a day job. And I have a passion. And my passion is divided, which divides everything about my passions.

As a science fiction/fantasy/young adult writer, my passion brings me in contact with a community of people who are also passionate about science fiction/fantasy, young adult literature and writing. And as a rail and transit fan, my passion here brings me in contact with a community of people who are also passionate about rail and transit and who create content based on that. There is rarely any crossover between the two communities (though I know of one or two individuals who cross the boundaries with me).

I'm forced to wonder whether having my passions divided makes me less able to commit to each one individually. I have two passionate communities to engage with, but possibly not as deeply as if I only had one. Right now, I've been pumping out a lot of transit-related content and contributing a lot to the Transit Toronto YouTube channel, but will that last? Or will I end up stepping back and letting others take up the slack and, if so, am I letting those people down?

On the other hand, I have said that having two book projects on the go is a good way to avoid writers' block. If you encounter frustrations with one project, you can move onto the other in order to maintain momentum, while you work on your first project's issues at the back of your mind. The best chefs are able to use their back burners to great effect, though I think this might end up being stressful if one project was under a deadline, and the second project was calling to you.

I don't see an easy solution other than to keep pursuing my passions in whatever direction they take me, and to try to nudge progress forward on The Cloud Riders as best I can, in the hopes that something snags my interest again. And, maybe by saying this out loud, I'll reach others who are experiencing similar issues. This is not an issue to fix, but it is an issue that is easier to handle when you know you're not alone, as I suspect I'm not.

The Waterloo Region real estate market continued to show signs of stabilization in April 2026 as we moved further into the spring market. While overall activity remains steady, the pace of the market has changed. Buyers are still active, but they are being more selective, taking more time to compare options, and placing a stronger focus on value.

This is not a slow market. It is a more selective one.

For homeowners thinking about selling in Kitchener, Waterloo, Cambridge, or the surrounding area, the key takeaway is simple: the opportunity is still there, but strategy matters more than ever.

April brought a modest shift in overall market activity. Sales were down 7.6% year-over-year, while new listings remained relatively flat, down just 0.9%. Inventory also decreased 5.0% compared to April 2025, leaving the market with 3.6 months of supply.

While 3.6 months of inventory is in line with this time last year, it is still higher than what we have historically seen in more competitive seller’s markets. This means buyers have more choice than they did during the high-pressure markets of previous years, but demand has not disappeared.

From a pricing perspective, values remain modestly lower year-over-year, but there are signs of improved stability month-over-month. Prices have shown modest gains across several property types as the spring market has progressed, including single-family homes, townhomes, and condos.

Across Kitchener-Waterloo and Cambridge, prices remain down approximately 4% to 7% year-over-year, but the month-over-month improvement suggests the market is continuing to find its footing.

In April 2026, Waterloo Region saw:

• 561 homes sold, down 7.6% year-over-year
• Average sale price of $754,877, down 3.8% year-over-year
• 1,386 new listings, down 0.9% year-over-year
• 3.6 months of inventory, in line with last year
• Average days on market of 25 days, up 4.2%

These numbers point to a more balanced real estate market in Waterloo Region. Homes are still selling, but buyers are no longer rushing into offers with the same level of urgency we saw in previous years.

Source: Cornerstone Association of REALTORS®

While the year-over-year numbers still reflect softer pricing and slightly longer selling times, the more important takeaway is how the market is functioning today.

Inventory levels have improved, which gives buyers more options. Buyers remain active, but they are taking more time to compare homes, review pricing, and make decisions. Well-priced homes are still selling, but the market is more measured and price-sensitive.

We are also continuing to see strong showing activity and buyer engagement across Waterloo Region. However, offers are becoming more value-driven. Buyers are doing their homework, watching comparable sales closely, and responding more cautiously to homes they feel are overpriced.
This means pricing is playing a major role in how a home performs.

A home that is priced accurately from the beginning can still attract strong interest. A home that is priced too high may sit longer, require a price adjustment, or lose momentum during its most important first few weeks on the market.

Source: Cornerstone Association of REALTORS®

One of the clearest trends in the April 2026 Waterloo Region housing market is the difference between property types.

Single-family homes have remained relatively stable, with sales holding flat month-over-month and only moderate price adjustments. Detached homes in strong neighbourhoods continue to attract serious buyer interest, especially when they are well-prepared, well-marketed, and priced in line with current market conditions.

Townhomes and condos, however, are experiencing softer demand. Sales in this segment are down 18.7% year-over-year, with longer days on market and higher inventory levels.

This divide matters.

While the overall Waterloo Region market remains active, not every property type is performing the same way. Condo and townhome sellers may need to be more strategic with pricing and presentation, especially as buyers compare more options and take longer to make decisions.

Homes are taking slightly longer to sell overall, particularly in the condo segment, but timelines remain reasonable when properties are positioned properly.

For sellers, the April 2026 market is not a “list it and wait for multiple offers” environment. The market has shifted, and buyers have become more careful.

That does not mean sellers are out of luck. It means the right strategy is essential.

Buyers are more informed. They are comparing neighbourhoods, property condition, recent sales, and asking prices before making a move. Overpriced homes are sitting longer, while well-prepared and well-positioned homes are still attracting strong interest.

With more inventory available, sellers are facing more competition. That makes pricing, presentation, and exposure more important than ever.
Before listing your home, it is important to understand:

• How your property compares to similar active listings
• What has recently sold in your neighbourhood
• How buyers are responding to your price point
• Whether your home is positioned properly for current demand
• How your marketing will help your property stand out

In this type of market, success comes down to more than simply putting a sign on the lawn. Sellers need a clear pricing strategy, strong listing preparation, professional marketing, and an understanding of how buyers are behaving right now.

Waterloo Region is in a more balanced spring real estate market.

This is not the high-pressure, multiple-offer market of past years, but it is still an active market where the right homes are selling. Buyers are out there, but they are more selective, more cautious, and more focused on value.

For sellers, that means the homes getting the strongest results are the ones that are priced accurately, presented well, and marketed strategically from day 1.

The opportunity is still there, but the margin for error is smaller.

Broader housing trends across Ontario and Canada continue to influence buyer behaviour in Waterloo Region.

The Bank of Canada has held its overnight rate steady at 2.25%, which has helped create a more stable borrowing environment for buyers. At the same time, elevated bond yields continue to place upward pressure on fixed mortgage rates. This is influencing how buyers approach affordability, monthly payments, and timing.

Affordability has improved slightly compared to last year, which is helping support ongoing buyer activity. However, buyers are still being careful. Many are watching rates, comparing options, and waiting for the right home at the right price.

Despite broader market uncertainty, Waterloo Region continues to show relative stability. The region remains supported by consistent demand, strong local employment, respected post-secondary institutions, and long-term buyer interest in communities such as Kitchener, Waterloo, and Cambridge.

Compared to many surrounding markets, Waterloo Region continues to perform steadily.

Buyers now have more choice and more negotiating power, but the market remains active, especially for well-priced homes in strong neighbourhoods. The biggest difference from previous years is buyer urgency.

Instead of rushing into offers, buyers are moving more thoughtfully. They are looking for value, reviewing comparable sales, and taking time to make confident decisions.

For sellers, this means your pricing and marketing strategy need to reflect the market we are in today, not the market we saw 2 or 3 years ago.

The Waterloo Region real estate market is continuing to find its footing as we move through the spring season. Conditions have become more balanced, and there are clear differences in how various property types are performing.

Single-family homes remain relatively steady, while condos and townhomes are facing more pressure from softer demand, longer timelines, and increased competition.

Buyers remain active, but they are approaching decisions more thoughtfully. They are focused on value, options, and whether a home is priced appropriately for today’s market.

The key takeaway is this: in today’s Waterloo Region real estate market, success comes down to a tailored approach. Understanding the competition, reading buyer behaviour in real time, and positioning your home strategically can directly impact your result.

If you are considering making a move this year, we would be happy to walk you through what these numbers mean for your home, your goals, and your specific situation.

The post Waterloo Region Real Estate Market Update: May 2026 appeared first on Kitchener Waterloo Real Estate Agent - The Deutschmann Team.

♦

Recently dropped was the list of Canada’s 100 Best restaurants and best bars. It’s a sparkling annual compilation that has appeared for about a decade, and the selections from across Canada are presented with an informative and engaging elan — plus it’s really fun just to dip in and, vicariously, “explore” some excellent restaurants from coast to coast.

Previous to the new May list being announced, I wrote a short introduction to Antheia, on Somerset West in Ottawa, for the C100B magazine: that story is here (available for purchase).

Otherwise, Pearl Morrisette, in Jordan Station, is numero uno on the list, while the inimitable Langdon Hall (which I recently very happily visited) checked in at 18: both are simply superb.

After only a few month open, and after quite a significant time as a work-in-progress for chef-owner Briana Kim, Antheia took its spot as C100B #76. Congrats to the staff and best wishes with what is probably one of Canada’s most unique venues.

And … it was terrific to also see a couple of other Ottawa restaurants make the list: Atelier (on my list to visit) registered #54, while Arlo Wine Bar — an absolute favourite spot of mine — took #77.

Photo/Jamie Kronick

Check out my latest post Ottawa and Canada’s 100 Best Restaurants from AndrewCoppolino.com.

The 2026 Ontario Provincial Budget introduces a series of measures aimed at supporting business investment and improving competitiveness, with a particular focus on small and medium-sized enterprises. The most notable change is a reduction in the small business corporate income tax rate, alongside additional incentives intended to encourage capital investment and business growth.

The central feature of the budget is a reduction in Ontario’s small business corporate income tax rate, which will fall from 3.2% to 2.2% beginning July 1, 2026. This change applies to Canadian-controlled private corporations (CCPCs) on the first $500,000 of active business income.

For many small businesses, this change is expected to result in annual savings of several thousand dollars, depending on income levels and business structure. The intent of this measure is to improve after-tax profitability, strengthen cash flow, and support reinvestment within the small business sector.

The government estimates that a significant number of businesses across the province will benefit from the lower tax rate. Taken together with other business-related tax measures, the budget outlines multi-billion-dollar levels of total tax relief over the coming years. Overall, the direction of the policy reflects a continued effort to enhance Ontario’s competitiveness and support businesses operating in a high-cost and high-pressure economic environment.

The reduced tax rate applies specifically to Canadian-controlled private corporations earning active business income. The lower rate applies only to income up to $500,000 annually, with standard corporate tax rates continuing to apply beyond that threshold. As a result, the benefit is primarily concentrated among small and mid-sized businesses, while larger or rapidly growing firms will see the benefit taper as income increases beyond the eligibility limit.

In addition to the corporate tax reduction, the budget includes measures intended to support business investment and productivity. These include enhanced provisions that allow businesses to deduct eligible capital investments more quickly, including equipment, machinery, and technology-related assets. This change is intended to improve near-term cash flow by accelerating tax deductions.

The budget also strengthens support for manufacturing and industrial investment through an enhanced investment tax credit for qualifying capital expenditures. These measures are particularly relevant for capital-intensive sectors where reinvestment and modernization are key drivers of growth.

Important Trade-Offs and Longer-Term Considerations

While the budget introduces measures that reduce corporate tax liability, business owners should also consider the broader tax environment when planning. The benefit of the reduced corporate tax rate is limited to retained earnings within the business and applies only up to the specified income threshold. Federal corporate tax rates remain unchanged, meaning overall corporate taxation continues to be a combination of federal and provincial components.

In addition, as with any tax policy change, the overall impact for individual businesses will vary depending on their structure, income levels, and how profits are allocated between reinvestment and owner compensation.

What This Means for Business Owners

For many businesses, the most immediate impact will be improved cash flow at the corporate level and increased retained earnings. This may provide additional capacity for reinvestment in operations, staffing, and capital upgrades.

Businesses that prioritize growth and reinvestment are likely to benefit most directly from the combination of lower tax rates and enhanced capital investment incentives.

At the same time, owner-operated businesses should ensure they consider the full tax picture when planning compensation strategies, as corporate-level savings do not automatically translate into lower personal tax liability.

Overall, the 2026 Ontario Budget introduces a targeted reduction in small business taxation alongside measures intended to support investment and business growth. The reduction in the small business tax rate from 3.2% to 2.2% represents the most significant direct change for eligible businesses, improving after-tax cash flow and supporting reinvestment capacity.

The full impact of these changes will vary by business type and structure, making proactive financial and tax planning an important consideration as businesses assess how best to respond to the evolving policy environment.

The Greater Kitchener Waterloo Chamber of Commerce will continue to support our members through advocacy with all levels of government to assist Waterloo Region employers in maintaining and expanding their operations amidst our current economic uncertainties. We will ensure that relevant information is provided when available.

The post Ontario Provincial Budget 2026: What Small Businesses Need to Know appeared first on Greater KW Chamber of Commerce.

Justice Parry through his recent, courageous and forward seeking decision to put 48 female whiners and complainers in their place can only be given the due he deserves. With full knowledge that all the lefties, some righties, men and women of all shapes and colours would find fault with his independent, long thought out and incredibly humourous exaggerations that he used in order to calm the ever complaining masses. This award has of course been named after another giant of jurisprudence, Robert Reilly, who pioneered the advanced technique of dismissing witness credibility based upon zero evidence presented on the matter. Now of course Robert Reilly was a mere piker compared to Justice Craig Parry but innovators sometimes have to begin small. Both gentlemen have surmounted the tightly constrained and impeded bounds of logic, fact and reason with their obviously male talent of foresight, psychic vision and mind reading capabilities far in advance of their peers, their critics, and humanity in general.

This award known as the RR DUMBASS could easily have been mistaken for the name of their joint pleasure yacht the SS DUMBASS but for the foresight of  Mr. Reilly's parents' naming abilities. It is rumoured that they too were giants in their fields as well. Clearly the apple does not fall far from the tree and Mr. Reilly's legal exploits are as equally balanced as his bicycle riding we are advised. Further praise and public recognition may be forthcoming for both gentlemen at the planned festivities outside the Elmira Waste Water Treatment Plant this Saturday at 11 am.  All are welcome although sore losers and complainers will be met with Waterloo Region's finest batons and pepper spray.

Register: Online at our KWality Talk Page, the attendance link will be included in an email the day of the event.

Location: Online. Please ensure that your onscreen name matches your registration name.

Time: The meeting starts between 11:55 am and 12:00 pm, a waiting room might be enabled if you arrive prior to this time. Meeting ends at approximately 1:00 pm.

Speaker: Tina Fletcher

Topic:

When I started my career twenty years ago, software quality basically meant “no bugs,” and testing meant executing a finite set of cases. Since then, I’ve watched the concept evolve alongside significant shifts in technology and industry practices. Because these changes have been largely additive, we face an ever-expanding horizon of what “good” software looks like.

In this talk, I offer a definition of modern software quality that incorporates the many expectations accumulated from technological and process trends such as Agile, automated testing, cloud hosting, DevOps, and AI. Drawing on my own painful experiences with neglecting or misunderstanding the evolving dimensions of quality, I’ll share examples of what I’ve learned from them and what effective practices can look like.

To help organize and categorize this laundry list of quality-related things to be responsible for, we will break them down into four key pillars:

• User Value: Building the Right Thing (strategic alignment, risk assessment, measurable impact)
• Product Health: Testing the Things We Can Predict (enabling and executing solid testing strategies)
• Operational Health: Dealing with the Unexpected (observability, recovery, non-derministic behaviour)
• Sustainability: Holistic Stewardship (security, cost, performance, accessibility, maintainability)

We’ll cover a series of questions to help you explore and audit your team’s practices in each area, followed by a set of prompts to help you determine where the next quality evolution is likely to come from in your context.

While the field may have been simpler when I began, the constant transformation is what has kept it exciting. Fortunately, today it’s easier than ever to learn a new skill that can bring more value to your users and your business. As a final thought, I hope to leave you with the realization that the most important software quality strategy is the willingness to adapt, evolve, and stay curious in an ever-changing landscape.

Bio: 

Tina Fletcher is an Engineering leader who brings a software quality-focused mindset to the teams and projects she leads. She’s also a Director on the KWSQA Board, an occasional conference speaker, and a bit obsessed with her vegetable garden. Find her online at tinafletcher.ca.

• ♦ 0b7f62e

  Should be using smart case insensitive searching

Dear Friend,

This spring, we’re sharing a difficult truth. For many children and youth who have experienced abuse or crime, the impact doesn’t end when the harm stops.

It can live on in anxiety, in fear, in sleepless nights and overwhelming thoughts.

Children like Jenna.* When Jenna first came to us, she was quiet and withdrawn. She stayed close to her caregiver, unsure who she could trust.

But with the right support, something powerful can begin to change.

At Child Witness Centre, children and youth are met with compassionate, trauma-informed care that helps them begin to feel safe again.

• They begin to understand what they’ve experienced.
• They learn ways to cope with difficult thoughts and emotions.
• They rebuild confidence, connection, and a sense of control.

Right now, your gift will be matched – doubling your impact. All donations will be matched up to $5,000, thanks to Badge of Hope.

That means twice the support, twice the care, and twice the opportunity for a child like Jenna to begin healing.

Warmest regards,
Robin Heald | Executive Director

*Name changed to respect confidentiality. This child’s story reflects countless clients we support on a regular basis.

Giving options include: on our website, by phone (519-744-0904) with your credit card, by e-transfer, or by mailing/delivering a cheque payable to Child Witness Centre to our office (111 Duke St E, Kitchener, ON N2H 1A4). Thank you!

The post Spring Appeal: Make a Powerful Difference for Local Kids first appeared on Child Witness Centre.

♦

KITCHENER - The Kitchener Panthers are proud to announce the signing of outfielder Mateo Zeppieri.

The 23-year-old hit .289 with the Panthers last season, primarily slotted in as the lead off hitter.

He had 24 hits, including 11 for extra bases. Six of those were home runs.

He is coming off his final year at Richmond, where he saw limited action.

Previously, he was with Mount St. Mary's University (NCAA D1), where he hit .231 in spring 2025. He had 12 home runs and 40 RBI in 48 games with the Mountaineers.

"I'm excited to have Mateo start the season with us this year," said general manager Shanif Hirani.

"As soon as he joined our team midway through last season, he flashed his elite power, but also helped solidify our outfield defence. His all around game complements our lineup really well."

============

MATEO ZEPPIERI

• Bats/Pitches: L/R
• Hometown: Newcastle, ON
• Birthdate: April 8, 2003
• Pronunciation: muh-TAY-oh ZEP-ee-AIR-ee

You’re invited to a Health and Wellness Fair at KW Habilitation, a free, fun, and inclusive event focused on promoting well-being for everyone in our community!

Location: 99 Ottawa Street South, Kitchener
Date & Time: June 4, 2026 from 6:00 PM – 7:30 PM
Cost: Free!
Who’s Welcome: Everyone!
RAFFLE PRIZES TOO!

This event brings together a wide range of local vendors and wellness activities designed to support your mind, body, and community connections. Whether you’re looking to explore new wellness services, learn about community resources, or just enjoy a relaxing evening, there’s something here for you.

Vendor Highlights Include:

• Medical Device and Supply Providers: Westmount Place Pharmacy, Silver Cross, Adaptive Clothing
• Community Activities and Groups: Special Olympics, Sports for Special Athletes, Red Line Fitness
• Health and Aging: Arnold Hearing Centre, Hospice Waterloo Region, St. Mary’s Health @ Home

Crescendo Choir Performance
6:00 PM – 6:20 PM in the Parking Lot
Enjoy a live performance from Crescendo Choir, WRDSBs Special Education Choir that will lift your spirits and celebrate our community’s talent.

Tae Kwon Do Demonstration
6:30 PM – 7:00 PM in the Parking Lot
Be inspired by a high-energy martial arts demo showcasing strength, focus, and discipline.

Please note: There is no parking available at 99 Ottawa Street South.
Free parking is available nearby at:

• 124 Sydney Street
• 85 Ottawa Street South

Come connect with local organizations, learn about healthy living options, and enjoy activities that focus on wellness in all forms. We can’t wait to see you there!

The post KW Habilitation Health and Wellness Fair appeared first on KW Habilitation.

Why our brains keep choosing aesthetics over logic — and how it’s quietly shaping the future of work.

There’s an invisible variable shaping more of our lives than most of us are comfortable admitting. It doesn’t show up on resumes, no recruiter will ever say it out loud, and yet it quietly influences who gets attention first, who gets trusted faster, and who gets remembered longer. The more I pay attention to it, the more it feels less like a personal trait and more like a background system, something always running, rarely questioned, but constantly affecting outcomes.

We call it pretty privilege. And honestly, the name still feels too soft for how much impact it actually has.

I didn’t arrive at this idea through theory. It came from small, forgettable moments that started stacking up into a pattern I could no longer ignore. Try to remember your last Zoom meeting. Not the agenda or the metrics, but the screen itself. Those small rectangles lined up in silence, each one waiting for its turn to speak. Someone leans slightly closer to the camera, inhales like they’re about to contribute something important, and then it happens. Another voice cuts in. A different square lights up. The first microphone flickers on, then off again. No one calls it out, but everyone notices.

Same meeting. Same topic. Same level of competence.

Different gravity.

At some point, I stopped asking who was better. I started asking something more uncomfortable. Why does it feel like the room has already decided before the conversation even begins?

We’ve spent years swallowing the promise of meritocracy. Work hard, be competent, and things will align. I used to believe that almost by default because it offers a clean narrative and a sense of control. But the more you observe how people respond to each other in real situations, the harder it becomes to ignore the cracks. Put two equally capable people in the same room and something shifts before either of them completes their first sentence. One is read as confident almost instantly, while the other has to earn that label slowly, sometimes painfully. Same idea. Same delivery. Different starting line.

Psychology calls it the halo effect, but that term feels too polite for what’s actually happening. If I’m being honest, it feels more like Automatic Rendering. The brain upgrades the visuals before it processes the substance. When someone attractive speaks, their ideas seem sharper, more structured, more convincing, as if you’re watching them in high resolution with perfect lighting. Someone else might be delivering something equally valuable, but it lands flatter, like the connection isn’t quite stable.

And here’s the part that stays with me.

We don’t feel like we’re being unfair when it happens. We call it intuition. We trust it. But in reality, it’s often just the brain taking a shortcut, choosing efficiency over accuracy, and disguising that shortcut as insight.

Blaming modern culture alone feels too easy. This didn’t start with social media. Evolution doesn’t care about your meritocracy; it cares about efficiency. Our brains are still running legacy software from a time when quick visual judgment meant survival. There’s a biological layer behind it that’s hard to ignore. When we see symmetry or conventionally attractive features, the brain triggers small dopaminergic rewards, subtle signals that say, this feels right. That reaction happens before logic even has a chance to load.

It’s a survival shortcut that simply hasn’t been updated, running legacy code in a high-speed digital world.

Before the internet, these biases had physical limits; they were confined to offices, classrooms, and small social circles, which made them easier to overlook because their impact felt localized. But the moment the feed replaced the room, those boundaries disappeared. First impressions are no longer handshakes, they are scrolls, repeated hundreds of times a day, turning something once situational into something constant.

Algorithms don’t care about fairness. They care about eyeballs.

An attractive face functions like a perfectly optimized thumbnail. It buys you a second of attention, just enough to interrupt someone’s scrolling pattern. That second becomes a pause, the pause becomes engagement, and the system quietly amplifies it. More reach leads to more visibility, and more visibility starts to look like credibility. Over time, the line between perception and merit begins to blur, until the advantage feels earned, even when it wasn’t neutral to begin with.

The more I observe platforms like LinkedIn, the harder it is to ignore how subtle this has become. A well-lit photo, a clean aesthetic, a face that fits a certain mold, and suddenly the exact same idea feels sharper, more trustworthy. Nothing about the substance changes. Only the packaging does.

This becomes even more layered when you look at women in tech.

I’ve seen a female software engineer spend hours solving a deeply complex production issue, breaking it down into something clear and accessible, and sharing it publicly. It’s the kind of content that should trigger thoughtful discussion, maybe even admiration for the technical depth behind it. But look at the comment section, and you’ll see the halo effect mutate into something more subtle and more frustrating. While she’s presenting a masterclass in debugging, the feedback loop drifts toward her lipstick shade, her headphones, or the aesthetic of her workspace.

The 200 lines of elegant, complex logic become a footnote to her appearance. We aren’t auditing her technical depth; we’re auditing how she looks while explaining it.

Another developer builds credibility slowly through consistent, thoughtful contributions. Real effort, real substance. Then something shifts. People start questioning whether her visibility is entirely earned, hinting that appearance might be part of the equation. It’s rarely said directly, but it lingers in tone and implication. And what’s striking is how unevenly that suspicion is distributed.

For a while, I thought this might just be my own pattern recognition going too far. Maybe I’m overthinking this. Maybe I was projecting meaning onto something neutral. But the more I looked into it, the harder it became to dismiss.

This isn’t just a subjective observation; it’s a quantified bias. Researchers from have found that we instinctively assign a Competence Premium to individuals we perceive as attractive, rating them higher even when their qualifications are identical to others. Experiments from push this further, showing that this bias doesn’t stop at first impressions. It influences salary expectations, shapes hiring decisions, and quietly determines who we see as leadership material before they’ve even had the chance to lead.

So this isn’t just perception. It translates into measurable outcomes.

I keep seeing conversations about pretty privilege collapse into two extremes. One side insists everything is purely merit-based, as if perception plays no role at all. The other treats appearance as the main explanation for success, reducing everything to aesthetics. From what I’ve seen, both positions miss something important.

Attractiveness doesn’t guarantee success. But it shifts the starting point in ways that are easy to overlook and hard to measure in isolation. It smooths first interactions, reduces friction, and builds trust faster than it logically should. Those small advantages compound over time.

You start noticing it in subtle ways. Someone gets interrupted less. Someone’s rough idea is treated as promising, while someone else’s polished explanation is met with skepticism. Someone gets described as naturally confident, while another is asked to prove it repeatedly. None of these moments seem significant on their own, but together they form a pattern that’s difficult to ignore.

Zoom out far enough, and that pattern becomes structural. Certain types of faces appear more frequently in visible positions. Not always intentionally. Not always consciously. But consistently enough to shape expectation. Over time, people begin associating specific appearances with competence, even if they would never openly admit it.

That’s the point where this stops being about individuals and starts influencing who gets seen, who gets heard, and who gets opportunities in the first place.

“Awareness doesn’t uninstall the system. It just exposes it.”

And knowing all of this doesn’t magically fix anything. I’ll probably still catch myself trusting a well-lit profile picture faster than I should tomorrow.

But now, there’s something new in the loop. A moment of hesitation that didn’t exist before. And in that split second, we find something small, but real.

A choice.

Maybe this awareness won’t fix the system tomorrow morning. But the next time your finger pauses on a post, or you’re about to cut someone off in a meeting, stop for a second.

Ask yourself something uncomfortable.

Is this really about the quality of the work?

Or are you just reacting to how good it looks?

Because in a world driven by perception, admitting that you can be fooled might be the only way to start seeing honestly.

Why Your Brain Keeps Choosing Good Looks Over Good Logic was originally published in Code Like A Girl on Medium, where people are continuing the conversation by highlighting and responding to this story.

Instead of delaying her announcement that she wasn't running and hence possibly being viewed as a "lame duck" mayor by both her Woolwich and regional colleagues; she has announced already that she is not running for Woolwich Mayor again this October. Hallelujah albeit the damage is done and the last ditch chance to reverse Woolwich Township's disgraceful "water crisis" legacy is now well past. The Township rolled over early and joined the Uniroyal Chemical fellow travellors' cheerleading group. After the new CPAC (2011-2015) changed the channel and set the new direction however it was Sandy Shantz who re-embraced Uniroyal/Chemtura, kicked out CPAC and went back to the status quo of much talk and little action or cleanup.  

Uniroyal and their corporate successors have made a laughing stock of local democracy and of the provincial Ministry of Environment (MECP). Clearly our provincial environmental laws are absolutely no match for multi billion dollar, multi national corporations with large legal budgets and tiny ethics and decency. No effort was ever spared by the polluters to minimize their cleanup costs and enhance their soiled reputations. And our local councils aided and abetted that over decades to their everlasting shame. 

To date I believe that councillor Eric Schwindt has thrown his hat into the ring.  I guess I'm not terribly surprised nor alarmed although I will admit my knowledge of him is limited. What I have seen over the last four years has been positive in a number of areas . I do not know if there will be other contenders or not although it seems likely. You know I can live with a mayor with a different background than myself but dear God at least let them have an open mind regarding our public water supply and they must put the public interest first in all matters. They must not be beholden to developers, builders, industrialists or our local big shots or for that matter any other self-serving groups especially including regional and provincial governments.   

Industrial Cybersecurity Best Practices

• Assessing Your Industrial Cyber Security Posture
• Boundary Defence: The First Layer of Industrial Cyber Security
• Identity and Credentials: The New Air Gap
• Halting Lateral Movement in Operational Technology
• System Hardening: Fortifying Industrial Infrastructure
• Visibility and Detection: Illuminating the Industrial Network
• A Pragmatic Blueprint for Industrial Cyber Security

Welcome to the sixth post in our series on industrial cyber security best practices. We have covered the preventative controls: boundaries, identity, lateral movement, and system hardening. Today, we address the reality that preventative controls can, and eventually will, fail. This brings us to the fifth orthogonal dimension: Visibility and Detection.

You cannot protect what you cannot see. In many operational technology environments, the network is a black box. If an adversary bypasses the perimeter and begins communicating with a programmable logic controller using native industrial protocols, the business is completely blind. Visibility and detection represent the crucial ability to identify a breach in its early stages, allowing for rapid response before a cyber event becomes a physical disaster.

The foundation of visibility is an accurate asset inventory. You cannot detect an anomalous device if you do not know what devices are supposed to be there. In industrial environments, rogue laptops, undocumented cellular modems, and forgotten test equipment frequently blur the network topology.

Continuous, passive asset discovery is required to illuminate the environment. By listening to network traffic, you can automatically build a dynamic inventory of every device, its firmware version, and its communication patterns. This is the baseline upon which all detection capabilities are built.

Traditional Information Technology monitoring focuses on corporate web traffic and email. Operational Technology monitoring must understand industrial protocols like Modbus, DNP3, and Ethernet/IP. An attacker altering the setpoint of a safety valve will not trigger a standard corporate intrusion detection system; it simply looks like standard network traffic.

Deploying network security monitoring specifically designed for industrial environments is essential. These systems parse deep packet inspection to identify malicious commands, firmware uploads, or abnormal reads and writes to process controllers. This deep visibility is the only way to detect threat actors living off the land within the industrial control system.

When investigating an incident, piecing together logs from disparate firewalls, Windows servers, and identity providers is a painstakingly slow process. In a crisis, time is the enemy. If logs are stored locally on individual machines, an attacker can simply delete them to cover their tracks.

Centralised log aggregation solves this by securely forwarding all security events to a unified platform. This allows security analysts to correlate events across the five dimensions. For example, a failed login attempt on the perimeter followed by a configuration change on an internal workstation provides a clear picture of an unfolding attack.

Alert fatigue is a massive issue in cyber security. If a system generates thousands of low-level warnings a day, the critical alerts will be ignored. Detection mechanisms must be tuned to identify genuine anomalies, not just routine operational noise.

By establishing a baseline of normal communication patterns, anomaly detection engines can highlight deviations. If an engineering workstation that typically communicates with three specific programmable logic controllers suddenly attempts to scan the entire subnet, this is a high-fidelity alert indicative of lateral movement.

Detection is useless without a coordinated response. When an alert fires indicating a potential compromise of a safety instrumented system, the operations team and the security team must know exactly what to do.

Visibility mechanisms must integrate directly into the incident response plan. This means defining clear escalation paths, establishing out-of-band communication channels, and practicing tabletop exercises. The goal of visibility is to compress the mean-time-to-repair, allowing operators to isolate the threat and restore normal operations swiftly.

Visibility ensures that when the first four layers of defence are tested, you are not caught off guard. Take our Cyber Security Assessment to evaluate your detection capabilities, and download the best practices guide. In our final post, we will wrap up the series and bring all five dimensions together.

Industrial Cybersecurity Best Practices

• Assessing Your Industrial Cyber Security Posture
• Boundary Defence: The First Layer of Industrial Cyber Security
• Identity and Credentials: The New Air Gap
• Halting Lateral Movement in Operational Technology
• System Hardening: Fortifying Industrial Infrastructure
• Visibility and Detection: Illuminating the Industrial Network
• A Pragmatic Blueprint for Industrial Cyber Security

HydroSphereAI’s machine learning-driven forecasting system.

Between April 15 and April 22, 2026, watersheds across Greater Sudbury experienced a significant spring flood event driven by rapid snowmelt and sustained rainfall. A Flood Warning issued by Conservation Sudbury highlighted elevated inflows across the region, including the Vermilion River system near Val Caron.

While the Vermilion River is not a regulated hydropower system, Water Survey of Canada Station 02CF011 (Vermilion River near Val Caron) provides a comparable watershed area for understanding naturalized inflow dynamics relevant to hydroelectric operations across northern Ontario.

This case study demonstrates how HydroSphereAI (HSAI) captured the timing and magnitude of peak flows during a complex spring freshet event, and how similar forecasting capability can support hydropower decision-making.

Vermilion River Ontario. Vermilion River near Val Caron (Station 02CF011).

Why This Event Matters for Hydropower
Spring freshet events represent one of the most operationally challenging periods for hydroelectric utilities. Even in unregulated basins like the Vermilion River, the hydrologic behaviour observed is directly transferable to regulated systems. During this event rapid snowmelt combined with rainfall generated sustained high inflows. Peak discharge of 104 m^3/s occurred on April 19, following several days of rising flow, with flows exceeding 83 m^3/s (a 1 in 20 year flow rate) for 4 consecutive days from 2am on April 18th until 11pm on April 21st. Flood warnings were issued by Conservation Sudbury on April 15th and April 17th, highlighting Val Caron and surrounding areas as high-risk zones.

For hydropower operators, similar inflow conditions can translate to reservoir level exceedance risk, spillway activation and flood routing decisions, reduced flexibility in generation scheduling and increased downstream flood liability.

Comparable Watershed for Regulated Systems
The Vermilion River basin upstream of station 02CF011 exhibits characteristics common to many hydroelectric operational locations in Ontario, including a mixed storage response (lakes and wetlands) , snowmelt-dominated hydrology, sensitivity to rain-on-snow events and multi-day hydrograph peaks rather than flash responses. Although no dam is present at this site, the observed inflow dynamics closely resemble naturalized inflows to hydroelectric reservoirs, making it an ideal test case for forecasting performance.

Forecasting Challenge for Hydropower Operations
Spring inflow forecasting is particularly complex due to uncertainty in snow water equivalent and melt rates and nonlinear runoff generation during rain-on-snow events. The temperature-driven variability in timing of peak inflows and prolonged inflow periods often require multi-day operational planning.  For hydroelectric facilities, the key challenge is not just predicting that inflows will rise, but accurately forecasting when peak inflow will occur, what maximum flow rates to expect, and how long elevated inflows will persist.

HydroSphereAI Performance Overview
HydroSphereAI demonstrated strong predictive capability at station 02CF011 (Vermilion River near Val Caron) throughout the event:

• April 11 (8-day lead time):
  Early forecasts identified a developing inflow event, providing advance notice of potential operational stress. The model was already tracking the timing and magnitude of peak inflow with high accuracy, enabling early planning.

• April 15–22 (Flood Warning period):
  Forecasts remained stable as inflows increased, aligning closely with observed hydrograph trends. Short-range forecasts (1–3 day lead time) performed particularly well between April 17 and April 20, closely matching both the rate of rise and sustained peak conditions, further reinforcing confidence during critical operational decision-making periods.

• Peak Capture (April 19):
  HydroSphereAI accurately predicted the timing of peak inflow, maintaining consistency throughout.

• Forecast Convergence:
  As lead time decreased, uncertainty narrowed, supporting higher-confidence operational decisions.

Operational Value for Hydropower
HydroSphereAI’s performance in this event highlights several direct applications for hydroelectric operators:

1. Advanced Inflow Forecasting
   Early detection (up to 10 days ahead) enables pre-emptive reservoir drawdown and optimization of storage capacity ahead of peak inflow.

2. Surplus Flow and Flood Management
   Accurate peak timing supports controlled spillway operations and reduced downstream flood risk.

3. Generation Optimization
   Reliable inflow forecasts allow operators to maximize generation during high inflow periods and avoid reactive or suboptimal dispatch decisions.

4. Risk Reduction
   Improved foresight can improve emergency operational responses and reduces infrastructure stress during peak events.

Conclusion

The April 2026 spring freshet event across the Sudbury region illustrates the type of inflow dynamics that hydroelectric operators must manage each year. Even in an unregulated system like the Vermilion River, the observed hydrologic response, driven by snowmelt, rainfall, and basin storage, closely mirrors conditions experienced at hydroelectric reservoirs.

HydroSphereAI’s ability to detect early inflow signals , accurately forecast peak timing and maintain consistency across a multi-day event demonstrates its value as a decision-support tool for hydropower operations. As climate variability increases the uncertainty and intensity of spring inflows across Canada, AI-driven forecasting platforms like HydroSphereAI provide utilities with the actionable intelligence needed to improve reservoir management, optimize generation, and enhance flood resilience.

In this episode of The Cordial Catholic, I'm joined once again by my friend and world renown researched and bibliophile Gary Michuta to talk about the Old Testament prophecies fulfilled by Christ. 

Geared towards defending our Catholic Christian faith, Gary's new work, diving deep into the prophecies fulfilled by Jesus, is meant to equip the reader (and listener) with some incredible knowledge about exactly what the Jewish people thought about Jesus, the plan for salvation that God had from the start, and how the entire Bible centres so richly on Christ. 

It's an amazing conversation. You'll learn so much!

For more from Gary visit his website where you can buy his fantastic books on this topic. 

You can get Messiah: Old Testament Prophecies Fulfilled in Christ from the St. Paul Center.

Also check out his fantastic YouTube channel.

Send your feedback to cordialcatholic@gmail.com.

Sign up for our newsletter for my reflections on  episodes, behind-the-scenes content, and exclusive contests.

To watch this and other episodes please visit (and subscribe to!) our YouTube channel.

Please consider financially supporting this show!

For more information visit the Patreon page.  All patrons receive access to exclusive content and if you can give $5/mo or more you'll also be entered into monthly draws for fantastic books hand-picked by me.

If you'd like to give a one-time donation to The Cordial Catholic, you can visit the PayPal page.

Thank you to those already supporting the show!

A very special thanks to our Patreon co-producers who make this show possible: Amanda, Elli and Tom, Fr. Larry, Gina, Heather, James, Jorg, Michelle, Noah, Robert, Shelby, Susanne and Victor, and William.

Listen on: Apple Podcasts   Spotify

Support the show

Find and follow The Cordial Catholic on social media:

Instagram: @cordialcatholic
Twitter: @cordialcatholic
YouTube: /thecordialcatholic
Facebook: The Cordial Catholic
TikTok: @cordialcatholic

Should performance be important? Absolutely yes.
Should it be your starting point? Not really.

I recently ran a poll on LinkedIn where 71% of engineers said they prioritize performance over readability. That instinct isn’t surprising. Performance feels tangible. Faster systems, lower latency, better benchmarks — it’s measurable, visible, and often celebrated.

But here’s the catch: most engineering work doesn’t fail because the code was too slow. It fails because the code was too hard to understand.

Early in your career, this distinction is easy to miss.

You’re drawn to writing clever code. Optimized logic. Compact solutions. It feels like real engineering. But over time, you start realizing that code is not written for machines — it’s written for people who have to read, debug, extend, and trust it.

That’s where readability quietly becomes a force multiplier.

Readable code reduces the time spent deciphering intent. It makes debugging less of a guessing game and more of a structured process. It allows teams to collaborate without constantly reinterpreting each other’s work. And perhaps most importantly, it ages well. Systems evolve, teams change, and requirements shift—but readable code adapts without breaking under its own complexity.

It also has practical advantages that are easy to underestimate. Clean, understandable code lowers onboarding time for new engineers. It reduces the chances of introducing subtle bugs. It makes testing more straightforward. Over time, this directly translates into lower maintenance costs and less technical debt.

That said, performance is not optional — it’s contextual.

There are systems where performance is the product. Real-time gaming, high-frequency trading, large-scale data processing — these domains demand precision and efficiency. In such cases, optimizing code is not premature; it’s essential.

Performance can also unlock real business value. Faster systems can handle more users, reduce infrastructure costs, and provide better user experiences. In competitive environments, these gains matter.

But here’s the nuance most engineers miss: performance should be intentional, not instinctive.

You don’t start with optimization. You start with clarity. You build something correct, understandable, and measurable. Then you identify bottlenecks. Then you optimize—with purpose.

This is what Donald Knuth was pointing to when he said, “Premature optimization is the root of all evil.”
Not that optimization is bad—but that optimizing without context leads to unnecessary complexity with little payoff.

The real skill is not choosing readability over performance or vice versa. It’s knowing when each matters more.

Early in your career, bias toward readability. It will teach you how systems work, how teams collaborate, and how to write code that survives beyond your immediate use case. As you grow, you’ll develop the judgment to selectively optimize where it actually counts.

Because in the end, performance might give you a thrill — the satisfaction of efficiency, speed, and precision.

But readability gives you something far more enduring: stability, clarity, and trust in the systems you build.

And in most real-world systems, that’s what scales.

Readability vs. Performance: What Should You Optimize First? was originally published in Code Like A Girl on Medium, where people are continuing the conversation by highlighting and responding to this story.

I didn’t notice the shift while it was happening.

It only became clear when I looked back at how I worked a year ago compared to now.

The tools changed, but more than that, the nature of what I spend my time on changed, in a way that’s hard to reverse once you see it.

A year ago, a large part of my week was operational.

Cleaning data, writing SQL and Python, producing ad-hoc analyses, building dashboards that stakeholders would inevitably come back to and ask me to update.

A lot of repetition, much of it necessary to make sure the final output actually fit their use case.

That layer has started to shift. For me, the change wasn’t from “using AI as a helper” to “using AI more”, it was from using AI as a tool to building agentic skills, MCP servers, LLM applications, as part of my job.

The fundamentals of my role haven’t changed, but the shape of it has. I’ve gone from a builder of dashboards to a curator of domain context and a builder of AI systems.

• Codex and Claude Code for generating code, refactoring, and code review. Most of the time it’s faster than writing it myself. Sometimes it’s not, I’ll come back to that. 👀
• Claude / ChatGPT for first-pass analyses. I feed in a previous analysis and ask it to draft a new one for a similar problem. I still rewrite most of it, but starting from a draft is much easier than starting from a blank page.
• Agent and skill building for the parts of my work that repeat. Here I’m not the writer of the analysis, I’m the conductor, making sure the AI’s logic aligns with business goals.

The bigger change wasn’t speed. It was scope.

A few weeks ago, a UX researcher reached out asking me to help understand a product behavior pattern. The analysis involved building a logistic regression to understand what drives users to return (for a product I don’t own).

A year ago, that kind of cross-functional ask would have required real setup: scoping the work, routing it to a data scientist to do the analysis, even for a proof of concept.

Now, stepping into an adjacent problem is much easier, because execution isn’t the limiting factor anymore. Judgement is.

Our team is also building an LLM-powered internal tool right now, even though none of us are full-stack web developers. The gap between “what I know” and “what I can build” has narrowed, not because we suddenly became experts, but because the execution layer is no longer where the time goes.

And this isn’t unique to data roles. I see engineers building tools outside their main stack, designers prototyping with code, PMs running their own analyses.

The shape of what someone can do at work is changing across the entire workforce.

Less coding. More everything else.

More time talking to PMs and stakeholders to understand what they need to move faster.

More time on the deep analyses where the pattern looks fine on the surface and only gets interesting when you push on the assumption underneath.

More time deciding what’s even worth building in the first place.

AI is fast at implementation, but it’s not yet reliable at knowing what’s meaningful to pursue. It tends to over-engineer when the context isn’t constrained, so part of my job is now framing the problem tightly enough that the output stays grounded. Strong references in, useful output out.

Even with all this, there are parts of my work I still do myself.

I talk to PMs and stakeholders directly to understand what they actually need before any code gets written. I sanity-check data across sources manually, that’s the kind of work where being wrong is expensive and AI shortcuts haven’t earned my trust yet.

I design the experiments and write the recommendation at the end of an analysis, because AI lacks the domain knowledge to decide which metrics are worth tracking and which trade-offs are worth accepting.

There are also moments where writing the code myself is just faster than waiting for AI to generate and review it. I’ve stopped forcing it.

The point isn’t to use AI for everything, it’s to use it where it actually helps. For small code updates and edits, I let it handle the work. For framing, judgment, and decisions, that part stays mine.

When writing code becomes easy, deciding what to build becomes the real bottleneck.

A year ago, you could still get by as a primarily execution-focused data scientist, someone who writes the SQL and python codes, builds the dashboard, answers the request. I don’t think that’s enough anymore.

The value is shifting toward understanding the business, the KPIs, the system behind the product. Toward being the person who uses AI as an execution layer, rather than being the execution layer.

I’ve stopped thinking about it as replacement and started thinking about it as positioning.

That’s the part of the year that actually changed me.

Xoxo,

Kessie 🧚

How I Use AI as a Product Data Scientist (A Year In) was originally published in Code Like A Girl on Medium, where people are continuing the conversation by highlighting and responding to this story.

Cybersecurity, intrestingly, didn’t start as the complex, high-stakes battlefield you know it today to be. It evolved quietly at first, and then, rapidly.

As technology became deeply braided into every aspect of human life. What began as basic system protection transformed into a continuous, intelligent fight against highly adaptive adversaries.

In the 1970s and 1980s, cybersecurity wasn’t a defined field. Computers were isolated systems, used mainly by governments, research institutions, and large corporations. The primary concern wasn’t external attacks , it was system functionality.

One of the earliest known cybersecurity incidents, the Creeper Virus, was more of an experiment than a threat. It displayed a simple message and spread across ARPANET. Shortly after, the Reaper Program was created to remove it , marking the birth of defensive security.
At this stage, security was minimal, and at large, experimental.

The 1990s changed everything. With the rise of the internet, systems became interconnected — and vulnerable.
Malware evolved from harmless experiments into destructive tools. Attacks like the ILOVEYOU Virus and the Melissa Virus demonstrated how quickly threats could spread globally, causing billions in damage.
This era introduced:

• Antivirus software as a standard defense.
• Firewalls to control network traffic.
• Intrusion Detection Systems (IDS).

However, defenses were still largely signature-based; meaning they could only detect known threats. Attackers quickly learned to stay one step ahead.

As organizations digitized operations, cyberattacks became more targeted, strategic, and financially motivated and personal.
The emergence of Advanced Persistent Threats (APTs) marked a turning point. These weren’t random attacks — they were carefully planned campaigns designed to infiltrate, remain undetected, and extract value over time.
Incidents like Stuxnet showed that cyber warfare had entered the geopolitical stage. Meanwhile, ransomware attacks such as WannaCry disrupted healthcare systems, businesses, and governments worldwide.
Key advancements during this period included:

• Security Information and Event management (SIEM) systems.
• Endpoint Detection and Response (EDR).
• Cloud security frameworks.
• Zero Trust architecture.

Cybersecurity was no longer just IT’s responsibility — it became a business-critical function.

Artificial Intelligence is now redefining cybersecurity on both sides of the battlefield.

AI enables:

• Threat detection at scale through behavioral analysis.
• Anomaly detection beyond known signatures.
• Automated response systems that act in real time.
• Predictive intelligence to anticipate attacks before they occur.
• Machine learning models can analyze massive datasets far faster than any human team, identifying subtle patterns that signal compromise.

At the same time, attackers are leveraging AI to:

• Automate phishing campaigns with personalized content.
• Develop polymorphic malware that constantly changes form.
• Bypass traditional detection systems.
• Generate deepfakes for social engineering attacks.

Cybersecurity today is moving toward proactive and intelligence-driven defense. Some of the most impactful advancements include:

• Zero Trust Security: Never trust, always verify — every access request is continuously validated.
• Extended Detection and Response (XDR): Unified visibility across endpoints, networks, and cloud.
• Cloud-Native Security: Protecting dynamic, scalable environments.
• Threat Intelligence Platforms: Real-time global insights into emerging threats.
• Security Automation (SOAR): Reducing response time and human error.

Organizations are shifting from “defend the perimeter” to “assume breach and minimize impact.”

Cybersecurity is no longer a static solution — it is a continuous, evolving strategy.
The future will likely be defined by fully autonomous security systems, AI-driven cyber defense ecosystems, Increased regulation and global cooperation and a stronger focus on human factors and insider risk.

One thing is clear: cybersecurity is no longer about preventing attacks entirely — that’s unrealistic. It’s about resilience, speed, and adaptability in the face of constant threats.

Final Thoughts

The evolution of cybersecurity reflects a simple realistic truth: as technology advances, so do the risks that come with it.

The journey has been defined by continuous adaptation. Organizations that succeed are not those with the most tools — but those with the ability to evolve as fast as the threats they face.

Enjoyed the article? Give it a clap and share your thoughts in the comments.
Have a different perspective? I’d genuinely like to hear it.
Until then, stay safe and stay secure.😁

The Evolution of Cybersecurity: From Simple Defenses to Intelligent Warfare. was originally published in Code Like A Girl on Medium, where people are continuing the conversation by highlighting and responding to this story.

I wanted bugs filed in Jira to turn into draft pull requests on GitHub without anyone needing to shepherd them through the middle.

That’s the one-line version. The actual version took about two weeks and ended up with four moving parts:

1. A Lambda that takes a Jira webhook, classifies the ticket, mirrors it as a GitHub issue, and copies attachments to S3.
2. A triage workflow that generates a repo map and decides, for every freshly opened GitHub issue, whether to assign Copilot coding agent or just post a diagnosis comment.
3. A log analyser in dev-scripts/ for the heavier path, where attached logs need to be turned into a structured root-cause analysis first.
4. Copilot coding agent itself, which opens the draft PR.

None of the pieces were especially hard on their own. Each one was some Python, some Terraform, and some agent instructions. The time went into the joins: Jira’s idea of valid JSON, webhook retries, Copilot’s token rules, S3 log links, and a model that decided to ask for more information instead of checking the repo.

So this is the long version. The small annoying bits are most of the story.

The Lambda is the boring bit you only notice when it gets something wrong.

When a Jira ticket is created or updated, it receives the webhook, decides whether the ticket is actionable, and opens or updates the matching GitHub issue. It also carries over attachments or S3 links so the GitHub side has enough context to do something useful.

The classifier itself is mostly regexes and form fields. Not glamorous. The parts that slowed me down were the places where Jira, AWS, and GitHub all had slightly different ideas of what “simple webhook” meant.

Jira’s automation rules let you POST a custom JSON body to a URL. You write the body as a template and Jira fills in the values from the ticket. In theory, simple. In practice, the validator that decides whether your template is “valid JSON” is brittle in ways nobody documents.

Things I had to discover the slow way:

• Some smart-values aren’t supported on every tenant. The literal {{issue.url}} text was being left in the body on mine, breaking the JSON.
• Array-valued smart-values have to come last in their object, or the validator fails before you can even save.
• Free-text fields like description blew the body up whenever a user pasted text with control characters or unescaped quotes.

I ended up bisecting the body field by field, saving the rule each time, until I found which smart-value was breaking it. The validator’s error message is basically the same regardless of which line is wrong.

What I now do by default: send the smallest possible payload — usually just the ticket key — and have the Lambda fetch everything else via the Jira API. One extra call per webhook is free. Debugging the validator is not.

Webhooks have at-least-once delivery. The Lambda can see the same event twice, see an update while a previous run is still in flight, or trigger itself by editing the same ticket. None of those should create duplicate GitHub issues or comments.

Three mechanisms, roughly:

• A hash of the classification result, written back to the ticket. If the new hash matches the stored one, skip everything.
• A sentinel label that says “the classifier just touched this.” The Jira rule excludes that label so the Lambda’s own writes don’t loop.
• Reading the existing GitHub-issue mapping on every event, not just on updates.

By the time I reached the GitHub-issue side, the Lambda was mirroring tickets reliably enough that the next question was obvious: can Copilot do anything useful with them?

The naive plan was: assign Copilot coding agent to every issue the Lambda creates, let Copilot figure it out.

That plan falls over as soon as the first vague ticket arrives. Copilot coding agent is not a triage tool.

When you assign Copilot to an issue, it:

1. Reads the issue body and existing comments at the moment of assignment.
2. Researches the repo in its own GitHub Actions VM.
3. Drafts a plan.
4. Opens a draft PR — success or otherwise.
5. Requests review.

What it does not do:

• Post “I need more info before I try”
• Decide the issue isn’t fixable and abstain
• Use your domain-specific tooling
• Read comments added after assignment

If the issue is vague, you get a low-quality draft PR you’ll close. If the issue is a duplicate, you get a draft PR. If it’s a “the docs don’t make sense” question, you get a draft PR for that too.

Useful tool. Wrong contract for “triage every opened issue.”

What I actually needed before Copilot ran was a small decision point:

ClassificationActionauto_fixableAssign Copilot, let it open a draft PRneeds_infoComment listing what's missing, don't assigndiagnosis_onlyComment with root cause + workaround, don't assign

Copilot only fires when there is a real fix to make and enough information to make it. Everything else gets a comment and stops there.

The triage model is Claude Sonnet 4.6 routed through the Copilot SDK: same billing surface as the coding agent, but chat completions instead of the cloud agent. In practice the pipeline uses two different shapes of agent. Claude does the messy issue reasoning. Copilot coding agent does the repo-aware code edit.

This is the part I would shortcut hardest if I started over.

Copilot SDK has its own auth contract, separate from regular GitHub auth. The SDK does not accept:

• GITHUB_TOKEN (the built-in Actions token)
• ghp_* classic PATs
• ghs_* GitHub App installation tokens

It accepts:

• gho_* OAuth user tokens
• ghu_* GitHub App user tokens
• github_pat_* fine-grained PATs with Copilot Requests: Read

The fine-grained PAT path looks easy until you discover that org-owned fine-grained PATs don’t expose the Copilot Requests permission. There’s an open GitHub issue about it. If your repo is in an org, that path is blocked.

The OAuth route works but requires running a device flow, which is annoying when what you want is “give CI a secret and move on”. After two days of permission spelunking, I found the shortcut: the ghu_* token already exists on any machine signed into Copilot. It's sitting in ~/.config/github-copilot/apps.json. Pull it out, drop it into a secret, done.

That’s the SDK token. Then there’s the assignment token.

The Copilot coding agent assignment goes through a separate GraphQL call (replaceActorsForAssignable), and that one needs a PAT that can see Copilot in suggestedActors. The Actions GITHUB_TOKEN cannot — GitHub explicitly filters Copilot out of suggested actors for the Actions identity. This is by design: the same loop-prevention rule that stops Actions from triggering other Actions.

So I tried to consolidate. Use GITHUB_TOKEN for assignment, simpler workflow, fewer secrets. The error was crisp:

Copilot is not in suggestedActors — coding agent is not enabled
for this repository, or the token lacks the scope to see it.

Coding agent was enabled. The token just couldn’t see it.

Final shape: three tokens.

SecretWhat it doesToken typeCOPILOT_SDK_TOKENTriage + log analysis (Copilot SDK inference)ghu_* from local CopilotCOPILOT_ASSIGN_TOKENAssign coding agent to issueFine-grained PAT, repo-scopedGITHUB_TOKENComments, labels, gist fetchesBuilt-in Actions token

Three tokens for three different jobs. Annoying, but at least explicit.

Once auth was out of the way, the workflow branched on a label:

TriggerPathissues.opened (no label)Generate repo map → Claude triage → comment → maybe assignlabeled: analyze-logsDownload log → run log_analyze.py → log-triage comment → maybe assign

Path A is cheap. The repo map gives the model project layout, Claude classifies the issue, and assignment is gated on confidence >= 0.7.

Path B is heavy. The Lambda renders log attachments as markdown links to S3 pre-signed URLs. When the analyze-logs label gets added, the workflow downloads the log and runs the multi-agent log analyser from stage 3. That already produces root_cause, possible_fixes, and code references, so there is no point asking a smaller triage prompt to rediscover the same thing.

Most issues take Path A. The expensive path only runs when there is a log worth spending time on.

The fix was not a smarter model. It was making the procedure less optional.

I’d already given the triage agent the same search_repo and read_repo_file tools that log_analyze.py uses. Tools alone weren't enough. The model treated them as optional. So the prompt got a numbered procedure:

1. Extract every identifier from the issue body
2. search_repo each one
3. Follow the path-chain: registry → template → implementation
4. read_repo_file to confirm the leaf
5. Only then classify

I also added a small set of owner-to-file routing rules that I had internalised but the model had not. Things like “templates owned by namespace A live in config X, namespace B lives in config Y”. Encoding those cut a whole class of “model guessed the wrong file” misses.

Then citation discipline. diagnosis and copilot_instructions must include file:line references with before/after values, not vague paths. Vague paths gave Copilot a worse starting position than no instructions at all.

And one carve-out. The original needs_info rubric was too bug-report-shaped: repro steps, expected vs actual, environment. That is right for a crash, but wrong for a change request like "bump version to 7" or "rename flag X to Y". Those have no repro steps because they do not need any. The model was pattern-matching on missing bug fields and refusing to classify obvious edits as fixable. The carve-out is simple: when the body names an explicit target value, do not demand a repro before considering auto_fixable.

After all four edits, the same issue went auto_fixable → assign Copilot → draft PR. Copilot still does the work. The triage layer just stops getting in its way.

I wrote about this gap before, in Computer Says No. It applies here too.

A vanilla LLM call on the issue body would have classified needs_info and stayed there forever: no tools, no grounding, no way to verify. The orchestrated version reads actual files, traces actual chains, and only then decides. Same model. Different shape.

The annoying part is that Copilot coding agent already does this internally. It researches the repo before drafting. That’s why assigning it directly worked on some issues my own triage was bouncing. The triage layer needed the same kind of grounding before deciding whether to hand off. Otherwise it was just a worse version of Copilot gating a better version of itself.

Once I made the triage agent use its tools the way Copilot uses its own, the pipeline started behaving the way I wanted: most issues either get a useful comment or a draft PR within minutes of opening.

Stage 3 is the heavy path the triage layer hands off to. I built it before the triage layer existed, because the bugs that mattered were arriving as megabyte-sized application logs and reading them by hand was killing my afternoons. By the time I needed a triage agent, this tool was already doing useful work.

The shape:

The line I kept coming back to was: deterministic where it can be, model-driven where it has to be. If you can compute something from the log without judgement, compute it. If it needs judgement, give it to a model with grounded tools. Try not to blur the two.

What that meant in practice:

• Actor detection. Logs contain both the orchestrator side and the worker side, sometimes on the same machine, both logging under the same [orchestrator] tag. A regex over thread-name patterns determines which actors are present and which one to prioritise (worker-side first, because that's where root causes live). No model involved.
• Window selection. Logs are 50–100 MB. Models can’t usefully read the whole thing. The deterministic layer offers anchors such as last_task, last_abort, and last_traceback, then slices the relevant ~500 lines. The model never sees the rest unless it asks for more.
• Evidence ranking. Within the window, traceback frames beat worker-side exceptions beat protocol-level exceptions beat task-abort summaries beat generic warnings. This priority is hard-coded; the model can override it only with explicit reasoning. Without this, models default to “the first ERROR line is the cause” and you get diagnoses that point at the wrapper.
• File reference extraction. If the log mentions sdk/foo/bar.py:247, the deterministic layer captures that and pre-loads the file as context. The model doesn't have to figure out it's relevant.

By the time the scout agent runs, it is looking at a couple hundred lines of high-signal log plus pre-resolved file references. Not the raw log. Not a generic instruction to “find the bug.”

The analyser uses three separate Copilot SDK sessions, with a different model for each role:

RoleModelWhyScoutgpt-5-miniCheap. Plans which files/searches matter. Doesn't need to reason deeply.Analystclaude-opus-4.6Strong. Does the actual root-cause reasoning with grounded repo tools.Reviewergpt-5.4Strong, different family. Challenges the analyst. Up to three rounds of disagreement.

The reviewer loop is the part I am most attached to. Without it, the analyst picks an answer and you take it. With it, the reviewer either accepts or sends a structured “no, here’s why I disagree” back to the analyst, which reruns with that as additional context. After three rounds, whatever they converge on is the answer. If they still disagree, an optional orchestrator model reconciles.

This is more expensive than a single-model call. It is also much better on the awkward 15–20% of investigations where the first-pass answer is plausible but wrong.

The agents don’t get “use search_repo” as a hint. They get actual SDK-defined tools backed by Python implementations:

search_tool = define_tool(
    "search_repo",
    description=(
        "Search the monorepo for lines matching regex patterns. "
        "Use this to find relevant code when the supplied evidence is "
        "insufficient to diagnose the issue."
    ),
    handler=_handle_search_repo,
    params_type=SearchRepoParams,
    skip_permission=True,
)

_handle_search_repo does a real ripgrep-style scan over the checked-out repo, returns hits with path, line, text. read_repo_file reads bounded snippets (default 40 lines of context) from a file the model names. Path resolution allows relative paths or unique-filename suffixes — the model can ask for dataframe.py and the tool finds sdk/data/sources/dataframe.py if it's the only match.

The bound repo_root matters. The tool can't escape the checkout (path traversal blocked at the resolver layer), can't read absolute paths, can't see ignored directories. Read-only by construction. The agent has every relevant lookup it needs and zero ability to do anything destructive.

This is what makes the analyst’s diagnoses grounded. Every file path it cites came from a real read_repo_file result. Every code reference was a real search_repo hit. The output is still model-synthesised, but the raw material is real.

Domain rules about how to read these specific logs aren’t in code; they live in log_analyze_instructions.md, loaded automatically and appended to every agent's system prompt. The file is short, opinionated, and mostly negative — it tells the models what not to do:

• “Treat GenericAbortError as a wrapper unless deeper evidence is missing."
• “Do not report wrapper messages as the root cause if the selected window contains earlier causal evidence.”
• “Prefer multiple small targeted investigations over one large unfocused pass.”
• “If the model owner is not internal, bias toward the model input path, not opaque model internals.”

These were learnt the expensive way. The first version of the analyser kept reporting “GenericAbortError” as the root cause for every failure. Technically true, completely useless. The wrapper-error rule fixed that. The third-party model rule came after watching the analyst speculate about model internals it could not read, when the actual bug was in the data pipeline feeding the model.

The rule I took from this: domain knowledge belongs in instructions, not code. Encode the rule once in markdown and every agent in the stack inherits it. The --agent-instruction and --agent-instruction-file flags let me steer per-run without editing the repo.

Each SDK call has a timeout: 180s for scout, 420s for analysis/review. They also use streaming events. Streaming matters for two reasons: progress logs appear in stderr while the model is still thinking, and if a turn times out before completing, the partial content can often be salvaged instead of throwing the whole investigation away.

The fallback chain when a turn times out:

1. Did we get a final assistant message before timeout? Use it.
2. Did we accumulate any streamed parts? Concatenate and use them.
3. Can we read the latest assistant message from session history? Use that.
4. None of the above? Raise — the run is genuinely lost.

I built this after the third time a seven-minute analysis call basically succeeded but threw on the timeout boundary. The work was done; the SDK just had not formally closed the turn. The fallbacks recover that work.

log_analyze.py taught me most of what the triage agent in stage 2 needed:

• Tools beat prompts. Give the model real search_repo and read_repo_file, not a description.
• Deterministic preprocessing wins. Don’t make the model read 50 MB; pre-rank evidence and slice the window.
• Domain rules go in instructions, not code.
• Multi-agent isn’t just “more is better” — it’s specifically scout-cheap, analyst-strong, reviewer-different-family.
• Defensive parsing is part of the contract.
• Streaming + timeout-fallback turns flaky into robust.

The triage layer reuses build_repo_tools() directly. It shares the same search_repo / read_repo_file implementations as the analyst. It gets the same grounding for free. That code reuse is why the triage prompt can stay fairly short: the heavy lifting is in tools the analyser already proved out.

If you made it here, thank you. This is actually the easy part.

Once an issue is deemed auto_fixable, the workflow assigns Copilot coding agent. It analyses the request in the cloud agent environment and opens a draft PR.

The thing I like is that there is still a human review point, just later. The workflow does not merge code. It only spends Copilot/GitHub minutes when the triage layer thinks there is a real edit to make.

Why not use an off-the-shelf tool? The simple answer is that I didn’t want to. I had fun building this, and I learnt more by sitting in the annoying bits myself.

Could something like n8n have done this instead? Yes and no. It could have saved me time on the boring routing parts, and would have been a great choice if the pipeline was “Jira event in, GitHub issue out, maybe a Slack ping”. I still would have had to do my own work for the AWS infrastructure, the agent grounding needs custom code, and the Copilot auth dance still needs extra hip movement. I preferred the learning curve to be focused on building blocks rather than tools.

Why Jira? It is the workflow tool my company already uses. I wanted to minimise friction for non-engineer colleagues.

Why GitHub Copilot instead of OpenAI or Anthropic directly? Our code already lives in GitHub and we already have Copilot enabled, so it felt natural to try that route first.

Why do the S3 dance for logs? The bug reports already arrive with S3 links pointing to the relevant logs. Whatever orchestration tool I picked, I still had to get the logs out of S3 and into the analysis path.

The end-state is a pipeline that, on every Jira bug:

• Mirrors the ticket to a GitHub issue with the right team’s repo
• Mirrors any attachments to S3 with pre-signed URLs in the GitHub issue body
• Generates a repo map for grounding
• Routes the GitHub issue through Claude triage (cheap path) or log_analyze.py (heavy path)
• Posts a structured diagnosis comment
• Conditionally assigns Copilot coding agent when the issue is auto-fixable with high confidence
• Marks the issue auto-triaged to prevent double-handling
• Re-classifies and cross-repo-moves cleanly when the team label changes
• No-ops idempotently when nothing’s changed

Two LLMs, three tokens, two paths, one Lambda, one workflow. Most of the value isn’t in the model calls — it’s in the gates between them.

If you’re doing something similar: don’t try to make Copilot coding agent a triage tool. It’s a fix tool. Build the triage layer separately, and let it decide whether to hand off.

And if you’re plumbing webhooks into AWS and wondering why your auth isn’t working — curl it directly, layer by layer. The error code you see in the audit log is rarely from the layer you think it is.

Have you wired Copilot agents into a custom workflow? I’d love to hear what auth maze you got stuck in — and whether your triage layer is gating better than mine.

From Jira Bug to Draft PR was originally published in Code Like A Girl on Medium, where people are continuing the conversation by highlighting and responding to this story.

My website was technically done. So I thought: let’s just add one more thing.

Dark mode.

Developers love that right? I didn’t even use that many colors — it should be quick to swap them around.

And yet, it turned into a full-system refactor: it was typography, code highlighting, images and rendering behavior.

The problem showed up immediately: the few colors I used were hardcoded everywhere. A heading had one hex value, and a paragraph had another. Changing the theme meant updating each instance manually. No, thank you.

So I introduced CSS variables and defined colors by their roles.

• --text-primary
• --text-secondary
• --background-primary
• --border

With this, a heading wasn’t “black” anymore. It was text-primary. A background wasn’t “white”. It was background-primary.

This sounds like a small change but it fundamentally changed how I approached styling. I stopped thinking in terms of individual colors across themes and focused instead on the role and intention of each element, with color as just an implementation detail.

At this point, I thought I was mostly done. I wasn’t even close.

With a color system in place, the next step seemed obvious and trivial: invert it. Just change black to white and white to black.

Except it looked terrible. Who would’ve thought that having white text on black would feel so… bright? It was harsh and fatiguing. Everything started blending together — almost like I had suddenly developed astigmatism.

Turns out dark mode isn’t black and white. Maximum contrast does not make text readable.

Shades of grey.

Instead of pure white, I switched to light grey and text was miraculously legible again. For secondary text, an even softer grey.

Good dark mode was about tuning contrast, making it proportionate and layered.

And that’s all my problems solved, said no one ever.

Even after fixing colors, the UI was still inconsistent. Different parts of the website broke in different ways

I was using Tailwind’s typography plugin (prose) for my writing pages. It worked well in light mode. But once I introduced my own variables, things started conflicting. Headings, links, and inline elements were all pulling from Tailwind’s internal color definitions instead of mine.

Some styles updated, others didn’t. Fixing one element would break another. The abstraction broke down, and the complexity I’d tried to hide came rushing back.

I explicitly mapped Tailwind’s typography variables to my own. Instead of relying on defaults, I treated typography as part of my system.

Once everything pointed back to the same set of variables, things became predictable again.

I use a lot of code snippets, especially in my JavaScript event loop article series. Dark mode introduced a new inconsistency with code syntax highlighting:

• Github light theme was unreadable in dark mode
• Github dark theme didn’t look great in light mode

Who would’ve thought?

For a while, I assumed I had to pick one.

Use both and switch dynamically based on the mode. It sounds pretty obvious now, but at the time, I genuinely thought I had to choose.

Images introduced a different kind of problem. Some worked fine. Others didn’t translate at all.

My hero image is of a sunrise. From the start, I imagined using a sunset version for dark mode. Did I create dark mode just so that I can use this image? Maybe.

Thankfully, this was easily implemented by including both images and switching between them based on the mode.

But my SVG diagrams were harder. I tried making their colors dynamic using CSS variables but it didn’t work reliably.

Instead of forcing everything to be dynamic, I created two versions of each diagram, one for each mode. It felt less elegant at first, but it worked better. Not everything should be dynamically styled.

After fixing all that, I refreshed the page for my moment of victory. A flash of light mode appeared before it switched to dark. It was subtle, but definitely there. And yes, the temptation to pretend that didn’t happen was definitely there too.

The browser was rendering before the correct theme was applied. By the time JavaScript the correct theme was set, the browser had already painted the wrong one.

The theme needed to be determined before rendering. Moving the theme logic earlier removed the flash entirely. It was a small change technically, but it had a big impact on how the site felt.

I thought I was adding a feature: a toggle button and a visual enhancement that sits on top of everything else.

But dark mode didn’t sit on top of my UI. It ran through it and every part of the system had to agree. None of the above was individually difficult. But together, they revealed that dark mode was a system and one that needs to be designed intentionally.

A few things I wish I knew earlier:

• Define colors by role, not value
• Avoid extreme contrast
• Treat typography as part of your system
• Don’t force everything to be dynamic
• Handle theme selection before render

If you’re curious, the full implementation and visuals are on my site. This article was also originally published there.

I Thought Dark Mode Was Just a Toggle. It Turned Into a Full-System Refactor was originally published in Code Like A Girl on Medium, where people are continuing the conversation by highlighting and responding to this story.

On the first Tuesday of every month, we’ll announce a new Fearless Female, including a video interview of them sharing their business story. Want to be featured as a Fearless Female?

Contact Memberships for more details. The Fearless Female Program would not be possible without our Title Sponsor, Scotiabank.

To learn a little more about the Scotiabank Women Initiative, and why they’ve chosen to sponsor this program, see the video below.

♦

The Fearless Female we’re featuring for the month of May is Dorothy Zubel, Co-Founder, Chief Executive Officer of The Finance Group.

Dorothy Zubel is the Co-Founder and CEO of The Finance Group, where she leads the vision to redefine the future of finance through an insights-driven, technology-enabled model.

With over 15 years of experience across accounting, finance, and systems implementation, Dorothy has held senior finance roles at small, mid-sized, and large organizations. Today, her focus has evolved from client advisory to building a modern finance firm that leverages technology, including AI, to reduce reliance on manual processes and elevate the role of finance professionals.

Dorothy is passionate about transforming finance from a reactive, compliance-driven function into a proactive, insight-led discipline that delivers clarity, confidence, and peace of mind to business leaders. She is equally committed to breaking the glass ceiling for women in finance, creating opportunities for the next generation of leaders to thrive in a more innovative and inclusive industry.

As CEO, Dorothy is focused on scaling a values-driven organization that combines people, process, and technology to deliver meaningful impact — both for clients and within the profession itself.

Outside of work, she enjoys spending time with her family, traveling, and exploring new parts of the world.

To learn more about Dorothy journey as a Fearless Female, watch the interview below (or read the written format).

Tell us more about The Finance Group and your role at the company.

The Finance Group is a fractional finance firm. We’ve been around for about four years, but I’ve been working in the fractional finance world for about 12 years.

I came from corporate finance, and when I entered the fractional finance world, I noticed it was transactional in nature. A lot of people were just posting entries and spitting out financials to business owners, and business owners really weren’t getting the insights they needed into their finances. And so, I started delivering services in the fractional finance world the way I did in corporate finance, which was finding efficiencies, cost savings, teaching leadership how to read financial statements, and that really resonated and made a difference to the business owners that I was working with.

I subsequently met my business partner, Donna Gleha, and we wanted to bring that vision of fractional finance to a larger audience, and so we launched The Finance Group four years ago.

What inspired you to pursue the finance field?

Originally, I started working really young. So, I started my working career in retail and became a manager of a retail store and realized I enjoyed business but didn’t see a future in retail. It was grueling hours. So, I went back to university, and I did my Bachelor of Commerce at the University of Toronto, which led me to accounting and finance. After graduating from university, I started working with Enterprise Rent-A-Car because I loved their promote from within culture, as well as their leadership development program.

And so, keeping with that, within about seven months of working there, I was hired into their accounting department, and that’s where my real accounting journey began, really learning the ropes, so starting from the ground up, and was able to kind of move and develop through that role as well, and ultimately loved the fact that they taught their branch leaders and branch managers the financials to each branch and how it operated and their profitability. And that allowed those branch managers to effectively manage the branches and to really drive profitability of each individual branch.

And that kind of style I loved. I thought every owner should know how they’re doing, and so that’s what ultimately served me throughout my career, is making sure there was a deep understanding of the financials for most business owners.

How did your experience at University of Toronto prepare you for a leadership role?

Yeah, so a couple things. I mean, after university and after joining Enterprise, I did do my CPA. I was fortunate enough to do my CPA when it was the CMA, and they had a rigorous two-year, like, case program where you would analyze companies and how they were doing. I found that work fascinating.

And, you know, even coming up in my career through Enterprise, I was overseeing people as I kind of grew up, grew in roles there, and then ultimately started working in other small, medium businesses where I had a team reporting to myself, and that allowed me to develop some of my leadership style. Further to that, I think everything is about learning and growth, so I also work closely with a leadership coach where I continue to foster my leadership skills and my ability to be a successful CEO.

What are some of your accomplishments so far?

First off, I think I’m proud of the path I took in terms of taking a step back from regular corporate finance into fractional finance 12 years ago. I received a lot of discouragement from that strategy, and for me it was an extremely successful journey and an extremely empowering journey. And then, you know, obviously a huge milestone for me four years ago with my business partner Donna Gleha, launching the finance group and, you know, us able, being able to grow the business today with over 40 employees and continuing to grow is a huge milestone for us, and we’re extremely proud of it.

What are some of the challenges that you have faced so far?

So, as you’re scaling a business, there’s always challenges that you encounter. You know, we’ve had challenges from not always hiring the right people, from having cash compression issues, as well as not having the correct systems processes in place, you know, as we’re scaling the business. So over the four years, you know, when those opportunities have happened, I call them opportunities, you know, we’ve worked on not dwelling on the mistakes we’ve made, but instead recognizing how that mistake was made and taking corrective action to avoid it going into the future so that we can hit the bumps in the road, not have a car crash, but keep moving and looking at those in the rear view.

If you could go back in time, would you do anything differently?

I don’t think life is about regrets. I think life is about learning and growing from the decisions that you make. And I truly think that, you know, where I am today is where I am because of the path I took.

And so, if I were wanting to change something, it would take me on a different path. And who knows where that would lead?

What are some of the tools you used to grow as a leader?

You know, in part of my journey, even early on in my career, I sat as treasurer of my daughter’s co-op school, in which case for four years, I sat there and we relocated a school, applied for funding and moved to school. So, I don’t take anything half-heartedly.

So that community involvement really helped to keep that school going. So, it’s still open today because of those efforts, because based on their financial positioning, they wouldn’t have been able to sustain that.

I’m part of a peer group through Tech Canada. That team has been fantastic in terms of helping navigate challenges and to bounce ideas from, you know, it can be lonely at the top, so having that peer group. My leadership coach has been huge. And I would say two other things.

One is I have very great partnerships in my life, and that’s not just in my business, but also with my husband, who I’ve been married to for over 25 years, and my business partner, Donna Gleha, who, you know, we very much complement each other, have a lot of respect for each other, and more importantly, we’re also friends. So, I think all those things combined helped to get us to where we are today and get me to where I am today.

How do you define success?

I define success very differently than I would have said in the beginning of my career. You know, I think when you’re young, I think you’re pursuing the financial aspects of success. I’ve realized as I’ve gotten further along in my career and in launching the finance group, I get more satisfaction or view success through the lens of how we’re impacting the businesses we serve. I love to see the growth in the individuals who work on our teams and seeing them step into those leadership positions themselves, as well as I love alignment with my family and my work. Those are the things I really see as driving success now.

What are some of the core values that you have integrated into your business?

So, the core values that drive me are the same ones we have in our business, which are trust, integrity, accountability, curiosity, and being self-directed. You know, trust being the foundation to anything. You can’t start a relationship, you can’t work in finance, as well as in any relationship without that basis of trust. Those are businesses that are entrusting you with their financial position, and so we take that very seriously. Integrity and accountability kind of go hand in hand.

You know, you have to deliver on what you’re promising to deliver on, and you must stay true to, you know, the core self and to the business values. But what I find that really drives me is curiosity. That need to constantly learn and grow as a person and those around me, so I’m constantly the sharer of information, and that’s a value that I find has served me, and I continue to see it serve me throughout my career.

What are some of the strategies that you use to recruit talent and build teams?

The same way we approach fractional finance in terms of, you know, really making it feel like a shared services or an extension of our client’s team, we take the same approach in finance. Many finance people have been lonely throughout their career because they’re usually the last ones at the top of the food chain in accounting, and people come to them for answers, and the buck stops there. So, when they join the finance group, what they get is camaraderie and collaboration, something that they’ve been hungry for in the past.

So, we do really drive change through that. We work hard to build our teams. We invest in our teams and their growth.

We spend a lot of times having people understand what drives them, what makes them tick by using Colby and EQI as metrics and training through those. So that’s how we really build a strong team environment internally, and especially as a remote team, we must put an even higher focus on that.

I’ve been blessed that my business partner, Donna Gleha, was an expert in this sector. She sat in finance recruiting for many, many years, and so she has the unique talent of going and attracting that talent and finding the talent. And then for every 70 people we might interview, it’s only one person who’s really getting hired just because of how rigorous our process is to make sure that we’re equipping our clients with the highest caliber of individuals out there.

What are some of the benefits of establishing your business in Waterloo Region?

So, I would say the benefit of the Waterloo Region is obviously there’s a high concentration of our ICP, our ideal customer profile, right? There’s a lot of small and mid-sized businesses here, and the ones that I’ve worked with are really interested in growth, really interested in reaching that national stage.

And so, I’m always excited to work with, and so is my team, to work with business owners who are really looking to grow and expand and looking for that real financial basis to do that.

What inspires you?

It’s just making a difference. It’s making a difference in the companies that we serve our people. People are huge for me. I want to make sure we’re serving our people well. You would notice if you went to our website, we’re probably about a 25% to 75% split men to women, so we have predominantly women.

Part of what we do is really breaking that glass ceiling for women in finance as well. So, a lot of our leadership training, that’s kind of been one-size-fit-all in the past for people. We make sure that that’s going to resonate with both groups and that they’re able to lead effectively going forward and have the training that actually suits their style.

Did you see any differences as a women climbing the corporate ladder?

Absolutely. When you’re a woman coming up in the ranks in finance and accounting, there was a glass ceiling that you push up against. When you’re having children, there’s always that limiting talk around executives.

And so, I’ve seen lots of women who’ve been overlooked, not because they’re not capable or not because they don’t have the same skill sets, but maybe they’re not as loud or as vocal about their accomplishments as their male counterparts, which has held them back. So, this isn’t just a journey about saying, you know, women being held back. It’s also, you know, how do we help women and empower them to show up in the way that they need to, to be recognized for the skill sets that they have.

What advice would you give to other aspiring female entrepreneurs?

There was an interesting, and I’ll bring in a book. Malcolm Gladwell’s book, Revenge of the Tipping Point, talks about the 25% representation that must be in any group for voices to be heard. What we still see is a big disparity of females on executive teams, still not even close to that 25% voice.

So even as we break through the glass ceiling and those women get invited to the table, we’re still, it’s going to take time to build up to the 25%, you know, ratio to have your voice heard. So, what I would say to women is it’s not about being like a man. I would say if you can lead through curiosity and you can have, bring those difficult questions to the table that have the leadership to thinking in different ways, then you will be able to provide change and value to those organizations that you’re serving.

You don’t have to be the loudest, you don’t have to, but you can do it through curiosity and gain the same results.

What are some of the goals that you have for the future?

Yeah, we’d like to become one of the best-known fractional finance teams out there. That’s ultimately, you know, our goal to grow this business.

We’ve grown by 50% year over year, and we intend to keep growing at that rate. But more importantly, we want to make sure we’re keeping within our purpose of bringing that insights-based finance and that real rigor and structure and using technology and being, you know, on the forefront of finance to the businesses that we’re serving. We just started launching webinars, so we’re doing webinars for people to attend.

So, you know, check us out on LinkedIn and you’ll see links to those webinars there or reach out to me. I’ll have my contact info. And also, you know, as you’ll see over the next three to four years, AI is going to be transformational in finance, and the finance group is dedicated to making sure that they’re on top of those changes in technology.

And so, if you are looking to streamline or fix your finance department or make it more scalable, I encourage you to reach out to us to see how we might be able to support you.

What financial advice would you give to other business owners?

The challenge that I see for business owners is, that they are scared digging into or know much about their financial statements then get held back from getting funding from banks because they can’t tell the story of their business through their financial reporting. And so, having a strong financial reporting is key and one that really reflects their business. It should be a decision-making report they are receiving and if it’s not what they are getting, they probably need to explore how they can get what they need.

Where can viewers find out more about your business?

Go to our website or email me directly at: Dorothy.zubel@thefinancegroup-global.com

The post Fearless Female (May): Dorothy Zubel appeared first on Greater KW Chamber of Commerce.

Barrie, ON – Following our announcement in 2023, Ball Construction is thrilled to provide an update on the landmark Barrie YMCA project, as construction progresses and the vision for this community-centered facility takes shape at the corner of Bayfield and Hanmer Streets.

Since breaking ground, our teams have worked diligently to transform the site into a 21st-century hub for wellness and connection, reaching a major milestone with the completion of the steel superstructure, revealing the facility’s scale and modern form.

The transition from architectural renderings to physical structure marks a significant achievement, with the steel framework reflecting the precision and coordination required, while recent site progress shows advancement into interior development despite seasonal challenges, including ongoing work on metal decking and integrated floor systems supporting aquatic and athletic zones.

• Aquatics Centre: Swimming lessons, fitness, and family activities.
• Fitness Facility & Group Studios: Spaces for individual training and classes.
• Full-Scale Gymnasium: Multi-sport and community event area.
• Indoor Walking Track: Year-round climate-controlled activity space.
• Indoor Playground: Safe and engaging play area for children.
• Meeting Rooms: Flexible spaces for community gatherings.

Ball Construction continues its commitment to building infrastructure that supports thriving communities, with upcoming phases focusing on enclosure and detailed development of the Aquatics Centre, leading toward completion of a facility designed to promote long-term health, connection, and community value.

For more information on Ball Construction’s ongoing projects, visit our Project Gallery.

♦

♦

The post Building for a Healthier Future: Progress Update on the New Barrie YMCA appeared first on Ball Construction.

All around the world economic growth continues to be the alleged panacea of all our ills. Which is complete nonsense even on the face of it. Yes it would be nice to have enough food, water, shelter, health care etc. for everyone on the planet but it is an impossible task getting worse everyday. Why is that you ask? Well there are more and more people on the same size planet everyday. There is however not an automatic and corresponding increase in those life sustaining items everyday as the population continues to grow.  Combined with that is the fact that economic growth at least partially depends on population growth. In other words it's a case of having an ever expanding market for your goods be they foodstuffs, clothing or automobiles.

Population growth leads to some awful environmental problems from basic dumping and overflows from sewage treatment plants into our lakes and rivers as well as forest removal in order to grow more food for more people. Then of course we have climate change which certainly is attributed to more petroleum uses whether for heating our homes or running cars and trucks delivering more products to more people. Climate change including rising ocean levels as ice caps melt is causing havoc with flooding of coastal towns and cities. Greater heat worldwide is causing massive increases in both the numbers and magnitude of violent weather events resulting in more hurricanes and tornados destroying property and lives. Both droughts and floods are increasing in numbers and both affect food production which is already under stress.

Water shortages used to be an issue in third world countries. Now countries are looking for water sources outside their own borders. Water, whether groundwater or surface water, is in greater demand even as our industries continue to ignore pollution laws with little or no public recourse against them. Here in Elmira the now responsible chemical company are bragging about their fine "cleanup" work even as the Ministry of Environment rewrites the Control Order (1991) that was supposed to restore our local aquifers destroyed by Uniroyal Chemical. The deadline is 2028 and it won't happen although desperation may cause attempts to reopen parts of the aquifer to drinking water pumping while pretending to isolate other more contaminated parts. 

This is all our futures unless growth is more seriously limited and supervised. 

Who gave them advice exactly? CEAC gave them good advice for years. The Region of Waterloo as well until they walked away unhappy with being ignored. Various bodies from the initially independent albeit stacked with Uniroyal supporters UPAC followed by CPAC (Crompton/Chemtura) followed by RAC/TAG and then TRAC all gave some good advice but other than the 2011-early 2015 CPAC none of the others ever stood up to the company and the Ministry (MOE/MECP) and demanded honest discussions, action and good faith from them. Chemtura were just like their predecessors incapable of doing any of that. 

Woolwich Township have always been far too sympathetic and deferential to the chemical company with the Oct. 2010 to Oct. 2014 council of Todd Cowan at least trying to support greater honesty at CPAC although even then Todd Cowan personally was a problem. Eventually as we all know he self destructed albeit with a little help. The GRCA can best be described as a joke which speaks volumes as to my lack of response to Doug Ford's clipping their wings. 

The advice given was based upon various reports and experts advising what needed to be done including the MOE from time to time, in between polishing Uniroyal's apple and kissing their feet . Advice included Source Removal including DNAPLS, pumping to both the on-site and off-site Target Rates determined by their own consultants,  removing dioxins, DDT and more in the downstream Canagagigue Creek and so much more. Off-site there were poorly managed DNAPLS (chlorobenzene) whether from Uniroyal or a now decades later admission to a second (unnamed) industrial source. There was also advice given to clean up their air emissions which literally took them years to get around to meanwhile harming local residents' (adults & children) health. 

The company's and the Ministry's (MOE) early on sweetheart deal (Oct. & Nov. 1991) set the tone for the company's continuing to be in charge of the "cleanup" from start to finish. The "cleanup" unsurprisingly has failed just like the company and Ministry have failed Elmira, Woolwich and downstream residents. 

Well the chief architect of the Elmira cleanup failure over the last twelve years by the time the October elections roll around is running for the hills. She also bears some responsibility at the regional level for the water crisis throughout all of Waterloo Region. How many other regional as well as local councillors do you think will join the exodus? I would expect the mayors with more than one term as mayors and regional councillors might be thinking that this is a good time to hit the road. Is that only Barry Vrbanovic or is one of the other big city mayors a repeat culprit?

I expect that up here in Dogpatch (Woolwich) that there might be some small exodus of councillors although actually other than Bonnie Bryant, the others are all first term councillors. Hard to fault them horribly from one term's experience in which a quadruple term Sandy Shantz was leading the pack. She also spent a term as a councillor before her three terms as mayor. A small peccadillo derailed her for one term between her term as councillor and her three terms as mayor.  

I have spent years trying to figure out if she basically is a naive fool, easily swayed and manipulated by the likes of Dave Brenneman, Mark Bauman, Chemtura/Lanxess and other local big shot companies and individuals. Or has she with full knowledge ploughed ahead wrecking havoc on our environment and health by prioritizing growth and business at all costs?  Uniroyal and successors is not the only industrial dump  in Woolwich Township. Breslube, prior to Safety-Kleen, damaged our environments's air and water for extensive distances throughout the 70s, 80s and 90s. Safety-Kleen were always welcomed with open arms and glad handing by earlier Woolwich mayors including Bill Strauss who personally owned multiple contaminated sites related to the fuel industry. 

Perhaps we the citizens deserve both the environment and the mayors that we've had. Sebastian (TRAC) has very lately sent an excellent treatise on to some local environmentalists and unfortunately to a couple of wanna bees that may bite him. That could be unfortunate or it could turn out to be a blessing in disguise as he spends less time with those he refers to as deferential.  

Industrial Cybersecurity Best Practices

• Assessing Your Industrial Cyber Security Posture
• Boundary Defence: The First Layer of Industrial Cyber Security
• Identity and Credentials: The New Air Gap
• Halting Lateral Movement in Operational Technology
• System Hardening: Fortifying Industrial Infrastructure
• Visibility and Detection: Illuminating the Industrial Network
• A Pragmatic Blueprint for Industrial Cyber Security

Welcome to the fifth post in our series exploring the dimensions of industrial cyber security. We have built strong boundaries, secured identities, and restricted lateral movement. Now, we must look at the assets themselves. This is the fourth orthogonal dimension: System Hardening.

In operational technology, patching is notoriously difficult. Systems run constantly, maintenance windows are rare, and legacy software often relies on outdated operating systems. However, leaving systems in their default, vulnerable state is a massive risk. System hardening is the process of reducing the attack surface of individual devices, ensuring that even if an attacker reaches them, exploiting them is exceptionally difficult.

It is a harsh reality that many industrial control devices ship with hardcoded, publicly documented default passwords. Worse, these devices are often commissioned and placed into production without these credentials ever being changed. An attacker scanning the network only needs to consult a vendor manual to gain administrative access to a critical process controller.

Eradicating default credentials is a non-negotiable first step in system hardening. Every device must be configured with a unique, complex password before it is connected to the operational network. This simple act removes the lowest-hanging fruit for threat actors and forces them to use more complex, detectable methods.

Every running service, open port, and enabled feature is a potential vulnerability. Industrial devices often come with secondary web interfaces, file transfer protocols, and legacy management services enabled by default, even if the operator never uses them.

System hardening requires a ruthless audit of device configurations. If a service is not strictly required for the operational function of the asset, it must be disabled. By aggressively trimming the attack surface, you reduce the number of avenues an attacker can exploit, significantly increasing the resilience of the individual component.

Traditional antivirus software relies on identifying known bad files, a strategy that is increasingly ineffective against novel malware and custom ransomware. In a static operational technology environment, where servers and human-machine interfaces run the exact same software every day, we must invert this paradigm.

Application allowlisting ensures that only explicitly approved executables are permitted to run. If an attacker manages to drop a malicious payload onto a hardened system, the operating system simply refuses to execute it. This is a highly effective control in industrial environments, locking down systems and preventing unauthorised code execution.

Configuration drift is a silent killer in industrial security. Over time, temporary firewall rules become permanent, test accounts are forgotten, and security settings are inadvertently downgraded during troubleshooting. Without a baseline, you cannot know if a system is hardened.

Implementing secure configuration management involves defining a strict security baseline for all asset classes and continuously monitoring against it. When a device deviates from the baseline, it must trigger an immediate alert. This ensures that the hardened posture you establish on day one is maintained throughout the lifecycle of the equipment.

While patching programmable logic controllers may require scheduled downtime, the Windows-based servers and engineering workstations that manage them are frequent targets and must be kept up to date. Relying on an air gap as an excuse not to patch is a recipe for disaster.

A pragmatic patch management strategy acknowledges the operational constraints while aggressively addressing critical vulnerabilities. This means triaging patches based on actual risk, testing them in a representative environment, and deploying them systematically. Where patching is impossible, compensating controls like micro-segmentation must be enforced.

System hardening ensures that your foundational assets are resilient. To see where your vulnerabilities lie, complete our Cyber Security Assessment and review our Industrial Cyber Security Best Practices guide. In our next post, we will explore the final dimension: Visibility and Detection.

Industrial Cybersecurity Best Practices

• Assessing Your Industrial Cyber Security Posture
• Boundary Defence: The First Layer of Industrial Cyber Security
• Identity and Credentials: The New Air Gap
• Halting Lateral Movement in Operational Technology
• System Hardening: Fortifying Industrial Infrastructure
• Visibility and Detection: Illuminating the Industrial Network
• A Pragmatic Blueprint for Industrial Cyber Security

The agent that grows with you

Python 138k Updated May 8

Memory library for building stateful agents

Python 3.3k 1 issue needs help Updated May 7