Skip to content

Posts from the ‘Cloud Computing’ Category

Jul 26

1 Comment

Top 10 IoT Startups Of 2019 According To IoT Analytics

  • IoT startups have received $3.6B in funding this year alone, according to IoT Analytics’ estimates.
  • Manufacturing is attracting the highest percentage of vertically-focused IoT startups at 30%.
  • 43% of all IoT startups are founded in North America, the leading region globally of startup activity.
  • 7 of the top 10 IoT startups primarily focus on AI, Analytics, and Data Science.
  • 46% of all IoT startups tracked by IoT Analytics primarily focus on AI, Analytics, and Data Science.

These and many other fascinating insights are from IoT Analytics’ recently published IoT Startups Report & Database 2019.  IoT Analytics found that there approximately 1,018 startups creating Internet of Things (IoT) products or services today. They have defined one of the most thorough methodologies in IoT research to identify the top 10 IoT analytics startups worldwide. To qualify, startups have to be older than 6 years and fit the definition of the Internet of Things, and methodology and criterion explained at the end of this post.

“The hot IoT startups today have a strong focus on data analytics and AI and are increasingly targeting industrial and manufacturing clients. It remains to be seen how much of the analytics technology that today’s startups are building will be scalable across IoT use cases and industries. For now, most of the IoT startups are adding value in specific industries or for specific use cases,” said Knud Lasse Lueth, Managing Director of IoT Analytics.

The following are the top 10 IoT Startups Of 2019 from IoT Analytics:

  1. Arundo Analytics (IoT Middleware & Software Infrastructure)

Arundo Analytics is a hot IoT Startup that provides analytics software for industrial and energy companies. The company has formed several strategic alliances, e.g., with Dell Technologies and WorleyParsons. Arundo has also formed a joint venture with DNV GL to provide stream data analytics for maritime companies. The board of directors includes Tore Myrholt, Senior Partner at McKinsey and Thomas Malone, the founding director of the MIT Center for Collective Intelligence. Recently, Arundo launched several applications incl. machine monitoring and fuel efficiency.

  1. Bright Machines (IoT Middleware & Software Infrastructure)

Bright Machines is currently the fastest growing IoT Startup, has grown from virtually zero at the beginning of 2018 to almost 200 employees a year later (April 2019). The firm focuses on “micro-factories” made up of its software and robot cells as well as new software tools that make manufacturing more efficient. The leadership team is filled with former executives from Autodesk, Flextronics, and Amazon including Amar Hanspal (CEO), Brian Mathews (CTO), Tzahi Rodrig (COO) and Nick Ciubotariu (SVP, Software Engineering). The company recently entered into a strategic partnership with BMW i Ventures.

  1. Dragos (IoT Middleware & Software Infrastructure)

Dragos is a cybersecurity startup that offers a software-defined security platform for manufacturers. The company has seen a 300%+ growth in headcount the last two years and collaborates with GE, Deloitte, OSIsoft, ThreatConnect, Crowdstrike, and several other companies. The company recently acquired Atlanta-based NexDefense and collaborates with Waterfall Solution for a joint solution.

  1. Element (IoT Middleware & Software Infrastructure)

Element (also known as Element Analytics) is a fascinating IoT Startup that focuses on industrial analytics software such as Digital Twins, particularly in heavy industries. The company counts an impressive list of investors, including Kleiner Perkins, GE, Honeywell, and ABB. Element partners with Microsoft, Uptake, OSIsoft, and Radix (consulting).

  1. FogHorn (IoT Middleware & Software Infrastructure)

In recent years, US-based startup FogHorn has gained an excellent reputation with leading manufacturers and oil and gas organizations around the world for its real-time edge computing and analytics software. The company has seen an 89% employee growth in the past two years and has secured partnerships with 50+ industrial solution providers, OEMs, gateway providers, and consultants/SIs, including AWS, Google Cloud, Microsoft, Cisco, HP, NTT Data, and more. FogHorn is also a member of LF Edge, an umbrella organization to drive an open, interoperable framework for edge computing to accelerate deployment among the growing number of edge devices. Investors in FogHorn include The Hive, Bosch, Dell, GE, Honeywell, Intel, Saudi Aramco, and Yokogawa.

  1. Iguazio (IoT Middleware & Software Infrastructure)

Iguazio is a hot startup that provides a state-of-the-art data science platform for various verticals, including Industrial IoT, Smart Mobility, and Telecommunications. The company recently entered into collaborations with NVIDIA, Microsoft, and Google. Iguazio markets its Nuclio platform product as a “serverless” framework for multi-cloud environments and is thus well-positioned for the next wave of cloud computing.

  1. IoTium (IoT Connectivity)

IoTium is a quickly upcoming IoT startup from the Silicon Valley area that focuses on software-defined network infrastructure in manufacturing and related verticals. The company has seen a 100%+ growth in headcount over the last two years and now counts John Chambers, former Cisco CEO, as an investor along with other well-known corporate investors incl. Juniper, Qualcomm, SafeNet, and Wind River. The company is also very active in the EdgeX Foundry and recently joined the Siemens’ MindSphere partner program as a gold member.

  1. Preferred Networks (IoT Middleware & Software Infrastructure)

Preferred Networks is one of Japan’s IoT hotshots, focused on applying real-time machine-learning technologies to new Internet of Things applications. The company has seen a 100%+ employee growth in the last two years and now collaborates with world-leading organizations incl. Toyota Motor Corporation, Fanuc, and the National Cancer Center. The company is also very active in developing the deep-learning framework Chainer™ together with IBM, Intel, Microsoft, Nvidia.

  1. READY Robotics (IoT Hardware)

READY Robotics is a rare robotics startup that is looking to benefit from the increasing automation and flexibility of manufacturing processes around the world. The company emerged from the cutting-edge robotics research at Johns Hopkins University to develop its industrial robotic software called Forge.  The company has seen a 150%+ growth in headcount in the last two years and is now producing roughly 15 robot systems per month.

  1. SparkCognition (IoT Middleware & Software Infrastructure)

SparkCognition excels in AI-powered analytics, particularly in manufacturing and related verticals. SparkCognition has seen a 100%+ growth in headcount over the last two years. The company has launched Skygrid, a joint venture with Boeing and it has partnered with Siemens as part of its Mindsphere program. The company is also a Google Cloud Technology Partner and works with IBM as a trusted partner.

The full 62-page report (+ 1,018 line-item database) titled “IoT Startups Report & Database 2019” is available for purchase here.

Jul 22

1 Comment

Why AI Is The Future Of Cybersecurity

These and many other insights are from Capgemini’s Reinventing Cybersecurity with Artificial Intelligence Report published this week. You can download the report here (28 pp., PDF, free, no opt-in). Capgemini Research Institute surveyed 850 senior executives from seven industries, including consumer products, retail, banking, insurance, automotive, utilities, and telecom. 20% of the executive respondents are CIOs, and 10% are CISOs. Enterprises headquartered in France, Germany, the UK, the US, Australia, the Netherlands, India, Italy, Spain, and Sweden are included in the report. Please see page 21 of the report for a description of the methodology.

Capgemini found that as digital businesses grow, their risk of cyberattacks exponentially increases. 21% said their organization experienced a cybersecurity breach leading to unauthorized access in 2018. Enterprises are paying a heavy price for cybersecurity breaches: 20% report losses of more than $50 million. Centrify’s most recent survey, Privileged Access Management in the Modern Threatscape, found that 74% of all breaches involved access to a privileged account. Privileged access credentials are hackers’ most popular technique for initiating a breach to exfiltrate valuable data from enterprise systems and sell it on the Dark Web.

Key insights include the following:

  • 69% of enterprises believe AI will be necessary to respond to cyberattacks. The majority of telecom companies (80%) say they are counting on AI to help identify threats and thwart attacks. Capgemini found the telecom industry has the highest reported incidence of losses exceeding $50M, making AI a priority for thwarting costly breaches in that industry. It’s understandable by Consumer Products (78%), and Banking (75%) are 2nd and 3rd given each of these industry’s growing reliance on digitally-based business models. U.S.-based enterprises are placing the highest priority on AI-based cybersecurity applications and platforms, 15% higher than the global average when measured on a country basis.

  • 73% of enterprises are testing use cases for AI for cybersecurity across their organizations today with network security leading all categories. Endpoint security the 3rd-highest priority for investing in AI-based cybersecurity solutions given the proliferation of endpoint devices, which are expected to increase to over 25B by 2021. Internet of Things (IoT) and Industrial Internet of Things (IIoT) sensors and systems they enable are exponentially increasing the number of endpoints and threat surfaces an enterprise needs to protect. The old “trust but verify” approach to enterprise security can’t keep up with the pace and scale of threatscape growth today. Identities are the new security perimeter, and they require a Zero Trust Security framework to be secure. Be sure to follow Chase Cunningham of Forrester, Principal Analyst, and the leading authority on Zero Trust Security to keep current on this rapidly changing area. You can find his blog here.

  • 51% of executives are making extensive AI for cyber threat detection, outpacing prediction, and response by a wide margin. Enterprise executives are concentrating their budgets and time on detecting cyber threats using AI above predicting and responding. As enterprises mature in their use and adoption of AI as part of their cybersecurity efforts, prediction and response will correspondingly increase. “AI tools are also getting better at drawing on data sets of wildly different types, allowing the “bigger picture” to be put together from, say, static configuration data, historic local logs, global threat landscapes, and contemporaneous event streams,” said Nicko van Someren, Chief Technology Officer at Absolute Software.

  • 64% say that AI lowers the cost to detect and respond to breaches and reduces the overall time taken to detect threats and breaches up to 12%. The reduction in cost for a majority of enterprises ranges from 1% – 15% (with an average of 12%). With AI, the overall time taken to detect threats and breaches is reduced by up to 12%. Dwell time – the amount of time threat actors remain undetected – drops by 11% with the use of AI. This time reduction is achieved by continuously scanning for known or unknown anomalies that show threat patterns. PetSmart, a US-based specialty retailer, was able to save up to $12M by using AI in fraud detection from Kount. By partnering with Kount, PetSmart was able to implement an AI/Machine Learning technology that aggregates millions of transactions and their outcomes. The technology determines the legitimacy of each transaction by comparing it against all other transactions received. As fraudulent orders were identified, they were canceled, saving the company money and avoiding damage to the brand. The top 9 ways Artificial Intelligence prevents fraud provides insights into how Kount’s approach to unsupervised and supervised machine learning stops fraud.

  • Fraud detection, malware detection, intrusion detection, scoring risk in a network, and user/machine behavioral analysis are the five highest AI use cases for improving cybersecurity. Capgemini analyzed 20 use cases across information technology (IT), operational technology (OT) and the Internet of Things (IoT) and ranked them according to their implementation complexity and resultant benefits (in terms of time reduction). Based on their analysis, we recommend a shortlist of five high-potential use cases that have low complexity and high benefits. 54% of enterprises have already implemented five high impact cases. The following graphic compares the recommended use cases by the level of benefit and relative complexity.

  • 56% of senior execs say their cybersecurity analysts are overwhelmed and close to a quarter (23%) are not able to successfully investigate all identified incidents. Capgemini found that hacking organizations are successfully using algorithms to send ‘spear phishing’ tweets (personalized tweets sent to targeted users to trick them into sharing sensitive information). AI can send the tweets six times faster than a human and with twice the success. “It’s no surprise that Capgemini’s data shows that security analysts are overwhelmed. The cybersecurity skills shortage has been growing for some time, and so have the number and complexity of attacks; using machine learning to augment the few available skilled people can help ease this. What’s exciting about the state of the industry right now is that recent advances in Machine Learning methods are poised to make their way into deployable products,” said Nicko van Someren, Chief Technology Officer at Absolute Software.

Conclusion

AI and machine learning are redefining every aspect of cybersecurity today. From improving organizations’ ability to anticipate and thwart breaches, protecting the proliferating number of threat surfaces with Zero Trust Security frameworks to making passwords obsolete, AI and machine learning are essential to securing the perimeters of any business.  One of the most vulnerable and fastest-growing threat surfaces are mobile phones. The two recent research reports from MobileIronSay Goodbye to Passwords (4 pp., PDF, opt-in) in collaboration with IDG, and Passwordless Authentication: Bridging the Gap Between High-Security and Low-Friction Identity Management (34 pp., PDF, opt-in) by Enterprise Management Associates (EMA) provide fascinating insights into the passwordless future. They reflect and quantify how ready enterprises are to abandon passwords for more proven authentication techniques including biometrics and mobile-centric Zero Trust Security platform.

Jul 21

Passwords Are The Weakest Defense In A Zero Trust World

  • 90% of security professionals have witnessed security incidents stemming from the theft of credentials, according to a recent MobileIron study conducted by IDG.
  • 86% of CIO, CISO and Security VPs would abandon password authentication if they could.
  • Another survey by EMA found that mobile devices secured by biometric authentication methods present the best option for replacing passwords.
  • There is a direct correlation between the number of times a user authenticates and the number of user access problems that need to be addressed.

These and many other fascinating insights make it clear that passwords are now the weakest defense anyone can rely on in a Zero Trust world. Two recent research studies quantify just how weak and incomplete an IT security strategy based on passwords is, especially when the need to access mobile apps is proliferating. Combined, these two MobileIron reports pack a one-two punch at passwords, and how they’re not strong enough alone to protect mobile devices, the fastest proliferating threat surface in a Zero Trust world.

The first, Say Goodbye to Passwords (4 pp., PDF, opt-in) by IDG, is based on interviews with 200 IT security leaders in the US, UK, Australia, and New Zealand working in a range of industries at companies with at least 500 employees. The survey’s goal is to uncover and quantify the major authentication pain points facing enterprises.  The second, Passwordless Authentication: Bridging the Gap Between High-Security and Low-Friction Identity Management (34 pp., PDF, opt-in) by Enterprise Management Associates (EMA), is based on interviews with 200 North American-based IT professionals who are knowledgeable about their organization’s use of identity and access management services. Please see page 4 of the study for additional details regarding the methodology.

The two studies provide insights into the perils of passwords and the merits of mobile when it comes to enterprise security, user experiences, and workforce productivity:

  • 90% of respondents to the EMA survey have experienced significant password policy violations in just the last year. The most frequently reported was that identical passwords are being used to support multiple accounts (39.06%). The following graphic from the EMA study reflects password management worst practices that put an organization at a high risk of a breach. A recent survey by Centrify found that 74% of all breaches involved access to a privileged account. Hackers aren’t breaking into systems; they’re obtaining privileged access credentials and walking in the front door as the graphic below shows.

  • 88% of global security leaders believe that mobile devices will soon serve as a digital ID for accessing enterprise apps and data. In the US, the percentage rises to 91%. With cyberattacks on the rise and the disadvantages of passwords and Multi-Factor Authentication (MFA) apparent to security leaders—from both a user and a security standpoint— it’s clear that new authentication methods are needed. Hardware tokens, seen by many security leaders as a more secure option for authentication than passwords, take a hit on user-friendliness compared to biometrics on a mobile device according to the survey’s results. Among the security leaders, 72% see biometrics as more user-friendly than passwords, versus just 58% favoring tokens over passwords for ease of use.

  • Four of the top five authentication technologies IT leaders prefer over passwords are biometrics-based. What’s encouraging from the EMA study is that the majority of IT departments are actively evaluating biometrics with 82% of respondents identifying at least one of the four basic biometric approaches as a passwordless solution.

  • 87% of enterprises anticipate an increase in users needing business app access over the next 24 months. 85% of respondents reported seeing an increase in the number of users who need to access business apps from a mobile device over the past 12 months. Mobile apps dominate enterprises’ internal software development efforts according to 91% of respondents to the IDG study.

  • Eliminating passwords reduces the friction or hassles required to gain access to apps and resources while improving organization-wide security. The paradox of how to improve productivity and increase security is solved when passwords go away. Low-friction identity management approaches improve user experiences while simultaneously enhancing security and reducing management efforts as the graphic below shows:

Conclusion

Hackers would instead find ingenious ways to steal passwords and privileged access credentials than spend time attempting to hack into an organization’s systems. Mobile devices and the apps they use are the fastest growing and most unprotected threat surface there is for businesses today, making them a high priority for hackers. Relying on passwords alone to protect mobile devices makes them the weakest defense in a Zero Trust World. Eliminating passwords for more effective authentication and security approaches that are more consistent with Zero Trust is needed now.

Jul 14

10 Charts That Will Change Your Perspective Of AI In Marketing

 

  • Top-performing companies are more than twice as likely to be using AI for marketing (28% vs. 12%) according to Adobe’s latest Digital Intelligence Briefing.
  • Retailers are investing $5.9B this year in AI-based marketing and customer service solutions to improve shoppers’ buying experiences according to IDC.
  • Financial Services marketers lead all other industries in AI application adoption, with 37% currently using them today.
  • Sales and Marketing teams most often collaborate using Configure-Price-Quote (CPQ) and Marketing Automation AI-based applications, with sales leaders predicting AI adoption will increase 155% across sales teams in two years.

Artificial Intelligence enables marketers to understand sales cycles better, correlating their strategies and spending to sales results. AI-driven insights are also helping to break down data silos so marketing and sales can collaborate more on deals. Marketing is more analytics and quant-driven than ever before with the best CMOs knowing which metrics and KPIs to track and why they fluctuate.

The bottom line is that machine learning and AI are the technologies CMOs and their teams need to excel today. The best CMOs balance the quant-intensive nature of running marketing with qualitative factors that make a company’s brand and customer experience unique. With greater insight into how prospects make decisions when, where, and how to buy, CMOs are bringing a new level of intensity into driving outcomes. An example of this can be seen from the recent Forbes Insights and Quantcast research, Lessons of 21st-Century Brands Modern Brands & AI Report (17 pp., PDF, free, opt-in). The study found that AI enables marketers to increase sales (52%), increase in customer retention (51%), and succeed at new product launches (49%). AI is making solid contributions to improving lead quality, persona development, segmentation, pricing, and service.

The following ten charts provide insights into how AI is transforming marketing:

  • 21% of sales leaders rely on AI-based applications today, with the majority collaborating with marketing teams sharing these applications. Sales leaders predict that their use of AI will increase 155% in the next two years. Sales leaders predict AI will reach critical mass by 2020 when 54% expect to be using these technologies. Marketing and sales are relying on AI-based marketing automation, configure-price-quote (CPQ), and intelligent selling systems to increase revenue and profit growth significantly in the next two years. Source: Salesforce Research, State of Sales, 3rd edition. (58 pp., PDF, free, opt-in).

  • AI sees the most significant adoption by marketers working in $500M to $1B companies, with conversational AI for customer service is the most dominant. Businesses with between $500M to $1B lead all other revenue categories in the number and depth of AI adoption use cases. Just over 52% of small businesses with sales of $25M or less are using AI for predictive analytics for customer insights. It’s interesting to note that small companies are the leaders in AI spending, at 38.1%, to improve marketing ROI by optimizing marketing content and timing. Source: The CMO Survey: Highlights and Insights Report, February 2019. Duke University, Deloitte and American Marketing Association. (71 pp., PDF, free, no opt-in).

  • 22% of marketers currently are using AI-based applications with an additional 57% planning to use in the next two years. There are nine dominant use cases marketers are concentrating on today, ranging from personalized channel experiences to programmatic advertising and media buying to predictive customer journeys and real-time next best offers. Source: Salesforce’s State of Marketing Study, 5th edition

  • Content personalization and predictive analytics from customer insights are the two areas CMOs most prioritize AI spending today. The CMO study found that B2B service companies are the top user of AI for content personalization (62.2%) and B2B product companies use AI for augmented and virtual reality, facial recognition and visual search more than any other business types. Source: CMOs’ Top Uses For AI: Personalization and Predictive Analytics. Marketing Charts. March 14, 2019

  • Personalizing the overall customer journey and driving next-best offers in real-time are the two most common ways marketing leaders are using AI today, according to Salesforce. Improving customer segmentation, improving advertising and media buying, and personalizing channel experiences are the next fastest-growing areas of AI adoption in marketing today. Source: Salesforce’s State of Marketing Study, 5th edition

  • 81% of marketers are either planning to or are using AI in audience targeting this year. 80% are currently using or planning to use AI for audience segmentation. EConsultancy’s study found marketers are enthusiastic about AI’s potential to increase marketing effectiveness and track progress. 88% of marketers interviewed say AI will enable them t be more effective in getting to their goals. Source: Dream vs. Reality: The State of Consumer First and Omnichannel Marketing. EConsultancy (36 pp., PDF, free, no opt-in).

  • Over 41% of marketers say AI is enabling them to generate higher revenues from e-mail marketing. They also see an over 13% improvement in click-thru rates and 7.64% improvement in open rates. Source: 4 Positive Effects of AI Use in Email Marketing, Statista (infographic), March 1, 2019.

Additional data sources on AI’s use in Marketing:

15 examples of artificial intelligence in marketing, eConsultancy, February 28, 2019

4 Positive Effects of AI Use in Email Marketing, Statista, March 1, 2019

4 Ways Artificial Intelligence Can Improve Your Marketing (Plus 10 Provider Suggestions), Forbes, Kate Harrison, January 20, 2019

AI: The Next Generation Of Marketing Driving Competitive Advantage Throughout The Customer Life Cycle, Forrester Consulting. February 2017 (10 pp., PDF, free, no opt-in).

Artificial Intelligence for Marketing (complete book) (361 pp., PDF, free, no opt-in)

Artificial Intelligence Roundup, eMarketer, May 2018 (15 pp., PDF, free, no opt-in)

Digital Intelligence Briefing, Adobe, 2018 (43 pp., PDF, free, no opt-in).

How 28 Brands Are Using AI to Enhance Their Marketing [Infographic], Impact Blog

How AI Is Changing Sales, Harvard Business Review, July 30, 2018

How Top Marketers Use Artificial Intelligence On-Demand Webinar with Vala Afshar, Chief Digital Evangelist, Salesforce and Meghann York, Director, Product Marketing, Salesforce

How To Win Tomorrow’s Car Buyers – Artificial Intelligence in Marketing & Sales, McKinsey Center for Future Mobility, McKinsey & Company. February 2019. (44 pp., PDF, free, no opt-in)

IDC MarketScape: Worldwide Artificial Intelligence in Enterprise Marketing Clouds 2017 Vendor Assessment, (11 pp., PDF, free, no opt-in.)

In-depth: Artificial Intelligence 2019, Statista Digital Market Outlook, February 2019 (client access reqd).

Leading reasons to use artificial intelligence (AI) for marketing personalization according to industry professionals worldwide in 2018, Statista.

Lessons of 21st-Century Brands Modern Brands & AI Report, Forbes Insights and Quantcast Study (17 pp., PDF, free, opt-in),

Powerful pricing: The next frontier in apparel and fashion advanced analytics, McKinsey & Company, December 2018

Share of marketing and agency professionals who are comfortable with AI-enabled technology automated handling of their campaigns in the United States as of June 2018, Statista.  

The CMO Survey: Highlights and Insights Report, February 2019. Duke University, Deloitte and American Marketing Association. (71 pp., PDF, free, no opt-in).

Visualizing the uses and potential impact of AI and other analytics, McKinsey Global Institute, April 2018.  Interactive page based on Tableau data set can be found here.

What really matters in B2B dynamic pricing, McKinsey & Company, October 2018

Winning tomorrow’s car buyers using artificial intelligence in marketing and sales, McKinsey & Company, February 2019

Worldwide Spending on Artificial Intelligence Systems Will Grow to Nearly $35.8 Billion in 2019, According to New IDC Spending Guide, IDC; March 11, 2019

Jul 10

What’s Next For You? How AI Is Transforming Talent Management

Bottom Line: Taking on the talent crisis with greater intelligence and insight, delivering a consistently excellent candidate experience, and making diversity and inclusion a part of their DNA differentiates growing businesses who are attracting and retaining employees. The book What’s Next For You? by Ashutosh Garg, CEO and Co-Founder and Kamal Ahluwalia, President of eightfold.ai provide valuable insights and a data-driven roadmap of how AI is helping to solve the talent crisis for any business.

The Talent Crisis Is Real

  • 78% of CEOs and Chief Human Resource Officers (CHROs) say talent programs are important, with 56% say their current programs are ineffective.
  • 83% of employees want a new job yet only 53% want to leave for a new company.
  • 57% of employees say diversity and inclusion initiatives aren’t working, and 40% say their companies lack qualified diverse talent.
  • Nearly 50% of an organizations’ top talent will leave their jobs in the first two years of being hired.
  • 28% of open positions today won’t be filled in the next 12 months.

The above findings are just a sample of the depth of data-driven content and roadmap the book What’s Next For You? delivers. Co-authors Ashutosh Garg’s and Kamal Ahluwalia’s expertise in applying AI and machine learning to talent management problems with a strong data-first mindset is evident throughout the book. What makes the book noteworthy is how the authors write from the heart first with empathy for applicants and hiring managers, supporting key points with data. The empathetic, data-driven tone of the book makes the talent crisis relatable while also illustrating how AI can help any business make better talent management decisions.

“Businesses are having to adapt to technology changes and changes in customer expectations roughly every 10 years – a timeframe that is continuing to shrink. As a result, business leaders need to really focus on rethinking their business strategy and the associated talent strategy, so they have the organizational capability to transform and capitalize on the inevitable technology shifts,” writes John Thompson, Venture Partner, Lightspeed Venture Partners and Chairman of the Board at Microsoft in the forward.

The book cites talent management researchers and experts who say “our current knowledge base has a half-life of about two years, and the speed of technology is outperforming us as humans because of what it can do quickly and effectively“ (p.64). John Thompson’s observations in the forward that the time available for adapting to change is shrinking is a unifying thread that ties this book together. One of the most convincing is the fact that using today’s Applicant Tracking Systems (ATS) and hiring processes prone to biases, there’s a 30% chance a new hire will not make it through their first year. If the new hire is a cloud computing professional, this equates to a median salary of $146,350 and taking best-case 46 days to find their replacement. The cost and time loss of losing just one recruited cloud computing professional can derail a project for months. It will cost at least $219,000 or more to replace just that one engineer. Any manager who has lost a new hire within a year can relate to how real the talent crisis is and how urgent it is to solve it.

The Half-Life Of Skills Is Shrinking Fast

The most compelling chapter of the book illustrates how today’s talent crisis can be solved by taking an AI-enabled approach to every aspect of talent management. Chapter 4, The Half-Life Of Skills Is Shrinking Fast, delves into how AI can find candidates who can unlearn old concepts, and quickly master new ones. The book calls out this attribute of any potential new hire as being essential for them to adapt.  Using higher quality data than is available in traditional ATS systems, the authors illustrate how AI-based systems can be used for evaluating both the potential and experiences of applicants to match them with positions they will excel in. The authors make a convincing argument that AI can increase the probability of new candidate success. They cite a well-known Leadership IQ statistic of 46% of all new employee hires failing to adapt within 18 months, and the Harvard Business Review study finding between 40% to 60% of new upper management hires fail within 18 months. The authors contend that even Leonardo Da Vinci, one of the primary architects of the Renaissance, would have trouble finding work using a traditional resume entered into an ATS system today because his exceptional capabilities and potential would have never been discovered. When our existing process of recruiting is based on practices over 500 years old, as this copy of Leonardo Da Vinci’s resume illustrates, it’s time to put AI to work matching peoples’ potential with unique position requirements.

When Employees Achieve Their Potential, Companies Do Too   

Attracting the highest potential employees possible and retaining them is the cornerstone of any digital business’ growth strategy today and in the future. The book addresses the roadblocks companies face in attaining that goal, with bias being one of the strongest. “For example, McKinsey & Co., a top consulting agency, studied over 1,000 companies across 12 countries and found that firms in the top quartile of gender diversity were a fifth more likely to have above-average profits than those in the bottom quartile,” (p. 105). Further, “diverse executive boards generate better financial returns, and gender-diverse teams are more creative, more productive and more confident.” (p. 105).

In conclusion, consider this book a roadmap of how hiring and talent management can change for the better based on AI. The authors successfully illustrate how combining talent, personalization at scale, and machine learning can help employees achieve their potential, enabling companies to achieve theirs in the process.

Jul 9

Indeed’s 10 Most Popular AI & Machine Learning Jobs This Year

Indeed's 10 Most Popular AI & Machine Learning Jobs This Year

  • AI and Machine Learning job postings on Indeed rose 29.10% over the last year between May 2018 and May 2019.
  • Machine Learning and Deep Learning Engineers are the most popular jobs posted on Indeed between 2018 and 2019.
  • Machine Learning Engineers are earning an average salary of $142,858.57 in 2019 based on an analysis of all open positions on Indeed.
  • Indeed is seeing a leveling off of candidate-initiated searches for AI & Machine Learning (ML) jobs, dropping 14.5% between May 2018 and May 2019

These and many other insights are from Indeed’s recent report of the top 10 AI Jobs, and Salaries. Indeed’s analytics team completed an analysis of AI and machine learning hiring trends in 2019 to discover the top positions, highest salaries, and where the best opportunities are. The following are key insights from their latest study of AI and machine learning recruiting and hiring trends:

  • Machine Learning Engineers earn an average salary of $142,858.57 in 2019 based on an analysis of all open positions on Indeed. The Indeed analytics team found that the average annual salary for Machine Learning Engineers has grown by $8,409 in just a year, increasing 5.8%. Algorithm engineer’s average annual salary rose to $109,313 this year, an increase of $5,201, or 5%. Both salary bumps are likely a result of organizations’ spending more to attract talent to these crucial roles in a competitive AI job market

Indeed's 10 Most Popular AI & Machine Learning Jobs This Year

  • Machine Learning and Deep Learning Engineers are the most sought-after, popular jobs posted on Indeed between 2018 and 2019.  The Indeed analytics team identified the top 10 positions with the highest percentage of job descriptions that include the keywords “artificial intelligence” or “machine learning.” New jobs appearing on the list for the first time include Senior Data Scientist, Junior Data Scientist, Developer Consultant, Director of Data Science, and Lead Data Scientist. The inclusion of five new titles and the mix of skills shown in the table below reflects organizations’ growing expertise using AI, deep learning, and machine learning to drive business outcomes.

Indeed's 10 Most Popular AI & Machine Learning Jobs This Year

  • AI and Machine Learning job postings on Indeed rose 29.10% over the last year between May 2018 and May 2019.  Indeed found the increase is significantly less than it was for the previous two years. During the same period, May 2017 to May 2018 AI job postings on Indeed rose 57.91%, and a whopping 136.29% between May 2016 and May 2017.
  • Indeed is seeing a leveling off of candidate-initiated searches for AI & Machine Learning (ML) jobs, dropping 14.5% between May 2018 and May 2019. In comparison, searches increased 32% between May 2017 and May 2018 and 49.1% between May 2016 and May 2017. There are demand-and supply-side explanations for the 14.5% drop. From the demand side, the effects of AI and machine learning reaching broader adoption and maturing in organizations is leading to a greater variety of skills being recruited for. The 14.5% reduction reflects the broadening base of skills enterprises need to get the most out of AI and machine learning. From a supply side, potential job candidates are seeing the broadening base of skills they need to get hired, which are quickly making job descriptions from two years ago or longer obsolete. Finding candidates who have capabilities and potential to excel in AI and machine learning positions needs to get beyond just relying on job descriptions. Eightfold is doing just that by relying on machine learning algorithms to match candidates who have the optimal set of capabilities and potential for every open position an organization has.
  • New York, San Francisco, and Washington D.C. are the top three cities for AI and machine learning jobs in 2019. Indeed’s 2018 study also found New York and San Francisco leading all other metropolitan areas in open positions. New York’s diverse industries that range from banking, financial services, institutional investing, insurance to a growing AI startup community all contribute to its ranking first in the U.S. for AI positions.

Indeed's 10 Most Popular AI & Machine Learning Jobs This Year

Jul 8

1 Comment

Salesforce Now Has Over 19% Of The CRM Market

 

  • Salesforce dominated the worldwide CRM market with a 19.5% market share in 2018, over double its nearest rival, SAP, at 8.3% share.
  • Worldwide spending on customer experience and relationship management (CRM) software grew 15.6% to reach $48.2B in 2018.
  • 72.9% of CRM spending was on software as a service (SaaS) in 2018, which is expected to grow to 75% of total CRM software spending in 2019.
  • Worldwide enterprise application software revenue totaled more than $193.6B in 2018, a 12.5% increase from 2017 revenue of $172.1B. CRM made up nearly 25% of the entire enterprise software revenue market.

CRM remains the largest and fastest growing enterprise software category today according to the latest market sizing, and market share research Gartner published this weekGartner defines CRM as providing the functionality to companies across the four segments of customer service and support, digital commerce, marketing, and sales. All four subsegments of the CRM market grew by more than 13.7%, with marketing emerging as the fastest growing segment, increasing by 18.8% and representing more than 25% of the entire CRM market. Customer service and support retain its No. 1 position, contributing 35.7% of CRM market revenue, attaining $17.1B in revenues in 2018.

Key insights include the following:

  • With 19.5% market share, Salesforce has over 2X the CRM sales SAP has and over 3X of Oracle. Salesforce continues to dominate CRM globally, increasing its market share from 18.3% in 2017 to 19.5% in 2018. Adobe is the only other vendor to grow its market share in 2018. Microsoft and SAP successfully held onto to market share while Oracle lost share.

  • Adobe and Salesforce grew faster than the overall market, increasing CRM revenues 21.7% and 23.2% respectively. Adobe’s CRM sales jumped from $2B in 2017 to $2.4B in 2018. Salesforce CRM revenues increased from $7.6B in 2017 to $9.4B in 2018, growing the fastest of all competitors in this market. SAP grew 15.5% between 2017 and 2018, just below the overall market growth of 15.6%. Microsoft (15%) and Oracle (7.1%) grew slower than the market. The following graphic compares growth rates between 2017 and 2018.

  • Adobe dominates the marketing subsegment of CRM with 19% market share in 2018. Salesforce has 11.7% of the marketing subsegment, followed by IBM (5.7%), SAP (4%), Oracle (3.6%) and HubSpot (3.4%). Gartner estimates the marketing subsegment was a $12.2B market in 2018, increasing from $10.3B in 2017, achieving 18.8% growth in just a year.
  • Eastern and Western Europe were the fastest growing regions at 19.7% and 17.5% respectively. North America and Western Europe were the largest two regions with North America growing at 15.2% to reach $28.1B in revenue.

Sources:

Gartner Says Worldwide Customer Experience and Relationship Management Software Market Grew 15.6% in 2018

Market Share: Customer Experience and Relationship Management, Worldwide, 2018 (client access required)

Jul 7

Customer Experiences Define Success In A Digital-First World

Customer Experiences Define Success In A Digital-First World

  • 91% of enterprises have adopted or have plans to adopt a digital-first strategy. Of these enterprises, 48% already have a digital-first approach in place.
  • Creating better customer experiences (67%), improving process efficiency through automation (53%), and driving new revenue (48%) are the top three digital business strategies enterprises are investing in today.
  • 35% of enterprises have experienced revenue growth due to digital business initiatives over the past 12 months.
  • 5G, Artificial Intelligence, and Machine Learning are the top technologies being researched by enterprises who are defining digital business strategies.
  • Enterprises are planning to spend $15.3M on digital initiatives over the next 12 months. 59% will be allocated to technology, and 41% will be dedicated to people and skills.

These and many other fascinating insights are from the second annual IDG Digital Business study, The State of Digital Business Transformation 2019. You can download a summary of the slides here (7 pp., PDF, opt-in). The survey’s methodology is based on 702 interviews across nine industries with technology, financial services, and business services (consulting, legal and real estate) comprising 43% of all respondents. IDG relied on CIO, Computerworld, CSO, InfoWorld, and Network World visitors as their primary respondent base. For additional details regarding the methodology, please see page 2 of the study.

The study’s primary goal was to gain a better understanding of where organizations are in their approaches to becoming digital-first businesses. The study captures the strategies and technologies businesses are adopting to ensure digitally-driven growth with customer experience improvements being proven as a growth catalyst. Key insights from the survey include the following:

  • 52% of enterprises define digital business as meeting customer experience expectations, jumping to 65% for financial services enterprises. Customer expectations rule all other categories of how an enterprise defines a digital business. 49% define digital business as enabling worker productivity with mobile apps, data access, and AI-assisted automation. The following graphic compares how enterprises define their digital business. Please click on the graphic to expand for easier reading.

Customer Experiences Define Success In A Digital-First World

  • Mobile devices and apps are enterprises’ platform of choice for launching digital-first strategies in 2019. Mobile apps and the platforms supporting them provide the needed scale, speed-to-market, and performance gains through application-level improvements that all businesses need to gain initial adoption and growth with their digital-first strategies. IDG found that private cloud and business process management are the second- and third-most used technologies to drive digital-first initiatives. Enterprises also have a considerable lead when it comes to mobile app availability: 74% have mobile apps today compared to 51% of SMBs.

  • Internet of Things (IoT), Artificial Intelligence (AI) and machine learning are the leading three initiatives enterprises have in pilot today as part of their digital-first initiatives. 21% of all organizations surveyed are in one or more IoT pilots, and 20% of organizations are piloting AI and machine learning projects today. Nearly a third of all organizations (29%) have multi-cloud configurations in production today, and 25% have software-defined Wide Area Networks (WANs).

  • 57% of enterprises (companies with over 1K employees) say improving new product and service offerings by digitally enabling operations is the single greatest source of revenue growth. Digitally enabling or streamlining new product and development processes and the systems supporting them also improve the ability to innovate and size new opportunities (49%). It makes sense that once the new product development process is more digitally enabled, an organization will be able to more efficiently launch new capabilities (47% in enterprises) and improve sales capacity including upsell and cross-sell (41% overall).

  • Creating better customer experiences (67%), improving process efficiency through automation (53%), and driving new revenue (48%) are the top three digital business strategies enterprises are investing in today. Business Management, including General Managers with P&L responsibility, are placing a high priority on creating a better customer experience, far above all else. They’re the revenue drivers of businesses adopting a digital-first strategy today as well, over 10% higher than IT Management and 12% higher than IT executives.

  • In the most successful digital-first businesses, the CIO the most visible, vocal, and successful in leading change management initiatives. Six of the nine core dimensions of a successful digital enablement strategy are dominated by CIOs. Technology Needs Assessment (48%), IT Skills Assessment (48%) and Change Management (33%) are the three areas CIOs are making the greatest contribution to digital-first strategies on the part of their businesses. It’s important to note that CIOs are far and away, the champion and leader of data management strategies as well.

  • Enterprises are placing a high priority on data security and protection as part of the digital-first initiatives, with 27% having cybersecurity systems in place. It’s encouraging to see business and IT leaders making data and system security their highest priority, getting results quickly in this area. Technology needs assessment, and IT skills assessment (both 24%) are also areas where enterprises are making strong progress. As the CIO owns these areas and is also the person most likely to be owning change management, it’s understandable how advanced digital-first businesses are on these two dimensions. The following graphic compares the progress enterprises are making in becoming a digitally-driven business.

Jun 23

Top 10 Cybersecurity Companies To Watch In 2019

Today’s Threatscape Has Made “Trust But Verify” Obsolete 

The threatscape every business operates in today is proving the old model of “trust but verify” obsolete and in need of a complete overhaul. To compete and grow in the increasingly complex and lethal threatscape of today, businesses need more adaptive, contextually intelligent security solutions based on the Zero Trust Security framework. Zero Trust takes a “never trust, always verify, enforce least privilege” approach to privileged access, from inside or outside the network. John Kindervag was the first to see how urgent the need was for enterprises to change their approach to cybersecurity, so he created the Zero Trust Security framework in 2010 while at Forrester. Chase Cunningham, Principal Analyst at Forrester, is a mentor to many worldwide wanting to expand their knowledge of Zero Trust and frequently speaks and writes on the topic. If you are interested in cybersecurity in general and Zero Trust specifically, be sure to follow his blog.

AI and machine learning applied to cybersecurity’s most significant challenges is creating a proliferation of commercially successful, innovative platforms. The size and scale of deals in cybersecurity continue to accelerate with BlackBerry’s acquisition of Cylance for $1.4B in cash closing in February of this year being the largest. TD Ameritrade’s annual survey of registered investment advisors (RIA) showed nearly a 6X jump in cybersecurity investments this year compared to 2018.

The top ten cybersecurity companies reflect the speed and scale of innovation happening today that are driving the highest levels of investment this industry has ever seen. The following are the top ten cybersecurity companies to watch in 2019:

Absolute (ABT.TO)  – One of the world’s leading commercial enterprise security solutions, serving as the industry benchmark for endpoint resilience, visibility, and control. The company enables more than 12,000 customers with self-healing endpoint security, always-connected visibility into their devices, data, users, and applications whether endpoints are on or off the network, and the ultimate level of control and confidence required for the modern enterprise. Embedded in over one billion endpoint devices, Absolute delivers intelligence and real-time remediation capabilities that equip enterprises to stop data breaches at the source.

To thwart attackers, organizations continue to layer on security controls — Gartner estimates that more than $124B will be spent on security in 2019 aloneAbsolute’s 2019 Endpoint Security Trends Report finds that much of that spend is in vain, however, revealing that 70% of all breaches still originate on the endpoint. The problem is complexity at the endpoint – it causes security agents to fail invariably, reliably, and predictably.

Absolute’s research found that 42% of all endpoints are unprotected at any given time, and 100% of endpoint security tools eventually fail. As a result, IT leaders see a negative ROI on their security spend. What makes Absolute one of the top 10 security companies to watch in 2019 is their purpose-driven design to mitigate this universal law of security decay.

Enterprises rely on Absolute to cut through the complexity to identify failures, model control options, and refocus security intent. Rather than perpetuating organizations’ false sense of security, Absolute enables uncompromised endpoint persistence, builds resilience and delivers the intelligence needed to ensure security agents, applications, and controls continue functioning and deliver value as intended. Absolute has proven very effective in validating safeguards, fortifying endpoints, and stopping data security compliance failures. The following is an example of the Absolute platform at work:

BlackBerry Artifical Intelligence and Predictive Security  –  BlackBerry is noteworthy for how quickly they are reinventing themselves into an enterprise-ready cybersecurity company independent of the Cylance acquisition. Paying $1.4B in cash for Cylance brings much-needed AI and machine learning expertise to their platform portfolio, an acquisition that BlackBerry is moving quickly to integrate into their product and service strategies. BlackBerry Cylance uses AI and machine learning to protect the entire attack surface of an enterprise with automated threat prevention, detection, and response capabilities. Cylance is also the first company to apply artificial intelligence, algorithmic science, and machine learning to cyber security and improve the way companies, governments, and end users proactively solve the world’s most challenging security problems. Using a breakthrough mathematical process, BlackBerry Cylance quickly and accurately identifies what is safe and what is a threat, not just what is in a blacklist or whitelist. By coupling sophisticated math and machine learning with a unique understanding of a hacker’s mentality, BlackBerry Cylance provides the technology and services to be truly predictive and preventive against advanced threats. The following screen from CylancePROTECT provides an executive summary of CylancePROTECT usage, from the number of zones and devices to the percentage of devices covered by Auto-Quarantine and Memory Protection, Threat Events, Memory Violations, Agent Versions, and Offline Days for devices.

Centrify –  Centrify is redefining the legacy approach to Privileged Access Management by delivering cloud-ready Zero Trust Privilege to secure modern enterprise attack surfaces. Centrify Zero Trust Privilege helps customers grant least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. Industry research firm Gartner predicted Privileged Access Management (PAM) to be the second-fastest growing segment for information security and risk management spending worldwide in 2019 in their recent Forecast Analysis: Information Security and Risk Management, Worldwide, 3Q18 Update (client access required). By implementing least privilege access, Centrify minimizes the attack surface, improves audit and compliance visibility, and reduces risk, complexity, and costs for the modern, hybrid enterprise. Over half of the Fortune 100, the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies, all trust Centrify to stop the leading cause of breaches – privileged credential abuse. PAM was also named a Top 10 security project for 2019 in Gartner’s Top 10 Security Projects for 2019 (client access required).
CloudFlare –  Cloudflare is a web performance and security company that provides online services to protect and accelerate websites online. Its online platforms include Cloudflare CDN that distributes content around the world to speed up websites, Cloudflare Optimizer that enables web pages with ad servers and third-party widgets to download Snappy software on mobiles and computers, CloudFlare Security that protects websites from a range of online threats including spam, SQL injection, and DDOS, Cloudflare Analytics that gives insight into website’s traffic including threats and search engine crawlers, Keyless SSL that allows organizations to keep secure sockets layer (SSL) keys private, and Cloudflare applications that help its users install web applications on their websites.

CrowdStrike – Applying machine learning to endpoint detection of IT network threats is how CrowdStrike is differentiating itself in the rapidly growing cybersecurity market today. It’s also one of the top 25 machine learning startups to watch in 2019. Crowdstrike is credited with uncovering Russian hackers inside the servers of the US Democratic National Committee. The company’s IPO was last Tuesday night, with an initial $34/per share price. Their IPO generated $610M at a valuation at one point reaching nearly $7B. Their Falcon platform stops breaches by detecting all attacks types, even malware-free intrusions, providing five-second visibility across all current and past endpoint activity while reducing cost and complexity for customers. CrowdStrike’s Threat Graph provides real-time analysis of data from endpoint events across the global crowdsourcing community, allowing detection and prevention of attacks based on patented behavioral pattern recognition technology.

Hunters.AI – Hunters.AI excels at autonomous threat hunting by capitalizing on its autonomous system that connects to multiple channels within an organization and detects the signs of potential cyber-attacks. They are one of the top 25 machine learning startups to watch in 2019. What makes this startup one of the top ten cybersecurity companies to watch in 2019 is their innovative approach to creating AI- and machine learning-based algorithms that continually learn from an enterprise’s existing security data. Hunters.AI generates and delivers visualized attack stories allowing organizations to more quickly and effectively identify, understand, and respond to attacks. Early customers, including Snowflake Computing, whose VP of Security recently said, “Hunters.AI identified the attack in minutes. In my 20 years in security, I have not seen anything as effective, fast, and with high fidelity as what Hunters can do.”  The following is a graphic overview of how their system works:

Idaptive – Idaptive is noteworthy for the Zero Trust approach they are taking to protecting organizations across every threat surface they rely on operate their businesses dally. Idaptive secures access to applications and endpoints by verifying every user, validating their devices, and intelligently limiting their access. Their product and services strategy reflects a “never trust, always verify, enforce least privilege” approach to privileged access, from inside or outside the network. The Idaptive Next-Gen Access platform combines single single-on (SSO), adaptive multifactor authentication (MFA), enterprise mobility management (EMM) and user behavior analytics (UBA). They have over 2,000 organizations using their platform today. Idaptive was spun out from Centrify on January 1st of this year.

Kount – Kount has successfully differentiated itself in an increasingly crowded cybersecurity marketplace by providing fraud management, identity verification and online authentication technologies that enable digital businesses, online merchants and payment service providers to identify and thwart a wide spectrum of threats in real-time. Kount has been able to show through customer references that their customers can approve more orders, uncover new revenue streams, and dramatically improve their bottom line all while minimizing fraud management cost and losses. Through Kount’s global network and proprietary technologies in AI and machine learning, combined with policy and rules management, their customers thwart online criminals and bad actors driving them away from their site, their marketplace and off their network. Kount’s continuously adaptive platform learns of new threats and continuously updates risk scores to further thwart breach and fraud attempts. Kount’s advances in both proprietary techniques and patented technology include: Superior mobile fraud detection, Advanced artificial intelligence, Multi-layer device fingerprinting, IP proxy detection and geo-location, Transaction and custom scoring, Global order linking, Business intelligence reporting, Comprehensive order management, Professional and managed services. Kount protects over 6,500 brands today.

MobileIron –  The acknowledged leader in Mobile Device Management software, MobileIron’s latest series of developments make them noteworthy and one of the top ten cybersecurity companies to watch in 2019.   MobileIron was the first to deliver key innovations such as multi-OS mobile device management (MDM), mobile application management (MAM), and BYOD privacy controls. Last month MobileIron introduced zero sign-on (ZSO), built on the company’s unified endpoint management (UEM) platform and powered by the MobileIron Access solution. “By making mobile devices your identity, we create a world free from the constant pains of password recovery and the threat of data breaches due to easily compromised credentials,” wrote Simon Biddiscombe, MobileIron’s President and Chief Executive Officer in his recent blog post, Single sign-on is still one sign-on too many. Simon’s latest post, MobileIron: We’re making history by making passwords history, provides the company’s vision going forward with ZSO. Zero sign-on eliminates passwords as the primary method for user authentication, unlike single sign-on, which still requires at least one username and password. MobileIron paved the way for a zero sign-on enterprise with its Access product in 2017, which enabled zero sign-on to cloud services on managed devices. Enterprise security teams no longer have to trade off security for better user experience, thanks to the MobileIron Zero Sign-On.

Sumo Logic – Sumo Logic is a fascinating cybersecurity company to track because it shows the ability to take on large-scale enterprise security challenges and turn them into a competitive advantage. An example of this is how quickly the company achieved FedRAMP Ready Designation, getting listed in the FedRAMP Marketplace. Sumo Logic is a secure, cloud-native, machine data analytics service, delivering real-time, continuous intelligence from structured, semi-structured, and unstructured data across the entire application lifecycle and stack. More than 2,000 customers around the globe rely on Sumo Logic for the analytics and insights to build, run, and secure their modern applications and cloud infrastructures. With Sumo Logic, customers gain a multi-tenant, service-model advantage to accelerate their shift to continuous innovation, increasing competitive advantage, business value, and growth. Founded in 2010, Sumo Logic is a privately held company based in Redwood City, Calif. and is backed by Accel Partners, Battery Ventures, DFJ, Franklin Templeton, Greylock Partners, IVP, Sapphire Ventures, Sequoia Capital, Sutter Hill Ventures and Tiger Global Management.

Jun 23

Machine Learning Is Helping To Stop Security Breaches With Threat Analytics

Bottom Line: Machine learning is enabling threat analytics to deliver greater precision regarding the risk context of privileged users’ behavior, creating notifications of risky activity in real time, while also being able to actively respond to incidents by cutting off sessions, adding additional monitoring, or flagging for forensic follow-up.

Separating Security Hacks Fact from Fiction

It’s time to demystify the scale and severity of breaches happening globally today. A commonly-held misconception or fiction is that millions of hackers have gone to the dark side and are orchestrating massive attacks on any and every business that is vulnerable. The facts are far different and reflect a much more brutal truth, which is that businesses make themselves easy to hack into by not protecting their privileged access credentials. Cybercriminals aren’t expending the time and effort to hack into systems; they’re looking for ingenious ways to steal privileged access credentials and walk in the front door. According to Verizon’s 2019 Data Breach Investigations Report, ‘Phishing’ (as a pre-cursor to credential misuse), ‘Stolen Credentials’, and ‘Privilege Abuse’ account for the majority of threat actions in breaches (see page 9 of the report).

It only really takes one compromised credential to potentially impact millions — whether it’s millions of individuals or millions of dollars. Undeniably, identities and the trust we place in them are being used against us. They have become the Achilles heel of our cybersecurity practices. According to a recent study by Centrify among 1,000 IT decision makers, 74% of respondents whose organizations have been breached acknowledged that it involved access to a privileged account. This number closely aligns with Forrester Research’s estimate “that at least 80% of data breaches . . . [involved] compromised privileged credentials, such as passwords, tokens, keys, and certificates.”

While the threat actors might vary according to Verizon’s 2019 Data Breach Investigations Report, the cyber adversaries’ tactics, techniques, and procedures are the same across the board. Verizon found that the fastest growing source of threats are from internal actors, as the graphic from the study illustrates below:


Internal actors are the fastest growing source of breaches because they’re able to obtain privileged access credentials with minimal effort, often obtaining them through legitimate access requests to internal systems or harvesting their co-workers’ credentials by going through the sticky notes in their cubicles. Privileged credential abuse is a challenge to detect as legacy approaches to cybersecurity trust the identity of the person using the privileged credentials. In effect, the hacker is camouflaged by the trust assigned to the privileged credentials they have and can roam internal systems undetected, exfiltrating sensitive data in the process.

The reality is that many breaches can be prevented by some of the most basic Privileged Access Management (PAM) tactics and solutions, coupled with a Zero Trust approach. Most organizations are investing the largest chunk of their security budget on protecting their network perimeter rather than focusing on security controls, which can affect positive change to protect against the leading attack vector: privileged access abuse.

The bottom line is that investing in securing perimeters leaves the most popular attack vector of all unprotected, which are privileged credentials. Making PAM a top priority is crucial to protect any business’ most valuable asset; it’s systems, data, and the intelligence they provide. Gartner has listed PAM on its Top 10 Security Projects for the past two years for a good reason.

Part of a cohesive PAM strategy should include machine learning-based threat analytics to provide an extra layer of security that goes beyond a password vault, multi-factor authentication (MFA), or privilege elevation.

How Machine Learning and Threat Analytics Stop Privileged Credential Abuse 

Machine learning algorithms enable threat analytics to immediately detect anomalies and non-normal behavior by tracking login behavioral patterns, geolocation, and time of login, and many more variables to calculate a risk score. Risk scores are calculated in real-time and define if access is approved, if additional authentication is needed, or if the request is blocked entirely.

Machine learning-based threat analytics also provide the following benefits:

  • New insights into privileged user access activity based on real-time data related to unusual recent privilege change, the command runs, target accessed, and privilege elevation.
  • Gain greater understanding and insights into the specific risk nature of specific events, computing a risk score in real time for every event expressed as high, medium, or low level for any anomalous activity.
  •  Isolate, identify, and track which security factors triggered an anomaly alert.
  • Capture, play, and analyze video sessions of anomalous events within the same dashboard used for tracking overall security activity.
  • Create customizable alerts that provide context-relevant visibility and session recording and can also deliver notifications of anomalies, all leading to quicker, more informed investigative action.

What to Look for In Threat Analytics 
Threat analytics providers are capitalizing on machine learning to improve the predictive accuracy and usability of their applications continually. What’s most important is for any threat analytics application or solution you’re considering to provide context-aware access decisions in real time. The best threat analytics applications on the market today are using machine learning as the foundation of their threat analytics engine. These machine learning-based engines are very effective at profiling the normal behavior pattern for any user on any login attempt, or any privileged activity including commands, identifying anomalies in real time to enable risk-based access control. High-risk events are immediately flagged, alerted, notified, and elevated to IT’s attention, speeding analysis, and greatly minimizing the effort required to assess risk across today’s hybrid IT environments.

The following is the minimum set of features to look for in any privilege threat analytics solution:

  • Immediate visibility with a flexible, holistic view of access activity across an enterprise-wide IT network and extended partner ecosystem. Look for threat analytics applications that provide dashboards and interactive widgets to better understand the context of IT risk and access patterns across your IT infrastructure. Threat analytics applications that give you the flexibility of tailoring security policies to every user’s behavior and automatically flagging risky actions or access attempts, so that you’ll gain immediate visibility into account risk, eliminating the overhead of sifting through millions of log files and massive amounts of historical data.
  • They have intuitively designed and customizable threat monitoring and investigation screens, workflows, and modules. Machine learning is enabling threat analytics applications to deliver more contextually-relevant and data-rich insights than has ever been possible in the past. Look for threat analytics vendors who offer intuitively designed and customizable threat monitoring features that provide insights into anomalous activity with a detailed timeline view. The best threat analytics vendors can identify the specific factors contributing to an anomaly for a comprehensive understanding of a potential threat, all from a single console. Security teams can then view system access, anomaly detection in high resolutions with analytics tools such as dashboards, explorer views, and investigation tools.
  • Must provide support for easy integration to Security Information and Event Management (SIEM) tools. Privileged access data is captured and stored to enable querying by log management and SIEM reporting tools. Make sure any threat analytics application you’re considering has installed, and working integrations with SIEM tools and platforms such as Micro Focus® ArcSight™, IBM® QRadar™, and Splunk® to identify risks or suspicious activity quickly.
  • Must Support Alert Notification by Integration with Webhook-Enabled Endpoints. Businesses getting the most value out of their threat analytics applications are integrating with Slack or existing onboard incident response systems such as PagerDuty to enable real-time alert delivery, eliminating the need for multiple alert touch points and improving time to respond. When an alert event occurs, the threat analytics engine allows the user to send alerts into third-party applications via Webhook. This capability enables the user to respond to a threat alert and contain the impact of a breach attempt.

Conclusion 
CentrifyForresterGartner, and Verizon each have used different methodologies and reached the same conclusion from their research: privileged access abuse is the most commonly used tactic for hackers to exfiltrate sensitive data. Breaches based on privileged credential abuse are extremely difficult to stop, as these credentials often have the greatest levels of trust and access rights associated with them. Leveraging threat analytics applications using machine learning that is adept at finding anomalies in behavioral data and thwarting a breach by denying access is proving very effective against privileged credential abuse.

Companies, including Centrify, use risk scoring combined with adaptive MFA to empower a least-privilege access approach based on Zero Trust. This Zero Trust Privilege approach verifies who or what is requesting privileged access, the context behind the request, and the risk of the access environment to enforce least privilege. These are the foundations of Zero Trust Privilege and are reflected in how threat analytics apps are being created and improved today.

« Older Entries
Newer Entries »