Posts from the ‘Cloud Computing’ Category

Mar 23

What Enterprises Need To Plan For In 2021 When It Comes To Endpoint Security

Bottom Line: Today’s largely-distributed enterprises need to make sure they are putting endpoint security first in 2021– which includes closely managing every stage of the device lifecycle, from deployment to decommission, and ensuring all sensitive data remains protected.

There’s a looming paradox facing nearly every organization today of how they’ll secure thousands of remote endpoints without having physical access to devices, and without disrupting worker productivity. Whether there’s the need to retire hardware as part of down-sizing or cost-cutting measures, or the need to equip virtual teams with newer equipment more suitable for long term work-from-home scenarios, this is one of the most pressing issues facing CISOs and CIOs today.

Wanting to learn more about how their customers are tackling their endpoint security challenges and how their companies are helping to solve it, I sat down (virtually) with Absolute Software’s President and CEO Christy Wyatt and Matthew Zielinski, President of North America Intelligent Devices Group at Lenovo. The following is my interview with both of them:

Louis Columbus: Christy and Matt, thanks so much for your time today. To get started, I would like each of you to share what you’re hearing from your customers regarding their plans to refresh laptops and other endpoint devices in 2021.

Christy Wyatt: We’re seeing a strong desire from organizations to ensure that every individual is digitally enabled, and has access to a screen. In some cases, that means refreshing the hardware they already have in the field, and in other cases, that means buying or adding devices. From the endpoint security standpoint, there’s been a shift in focus around which tools matter the most. When laptops were primarily being used on campus, there was a certain set of solutions to monitor those devices and ensure they remained secure. Now that 90% of devices are out of the building, an entirely different set of capabilities is required – and delivering those has been our focus.

Matt Zielinski: We are seeing historic levels of demand from consumers, as many are transitioning from having maybe one or two devices per household to at least one device per person. We’re also seeing the same levels of demand on both the education and enterprise side. The new dynamic of work-from-anywhere, learn-from-anywhere, collaborate-from-anywhere underscores that the device hardware and software need to be current in order to support both the productivity and security needs of hugely distributed workforces. That’s our highest priority.

Louis: Where are CISOs in their understanding, evaluation, and adoption of endpoint security technologies?

Christy: The journey has been different for the education market than for the enterprise market. Most enterprise organizations were already on the digital path, with some percentage of their population already working remotely. And because of this, they typically have a more complex security stack to manage; our data shows that the total number of unique applications and versions installed on enterprise devices is nearly 1.5 million. What they’ve seen is a trifecta of vulnerabilities: employees taking data home with them, accessing it on unsecured connections, and not being aware of how their devices are protected beyond the WiFi connection and the network traffic.

In the education space, the challenges – and the amount of complexity – are completely different; they’re managing just a small fraction of that total number of apps and versions. That said, as the pandemic unfolded, education was hit harder because they were not yet at a point where every individual was digitally connected. There was a lot of reliance on being on campus, or being in a classroom. So, schools had to tackle digital and mobile transformation at the same time – and to their credit, they made multiple years of progress in a matter of weeks or months. This rapid rate of change will have a profound effect on how schools approach technology deployments going forward.

Matt: Whether in enterprise or education, our customers are looking to protect three things: their assets, their data, and their users’ productivity. It’s a daunting mission. But, the simplest way to accomplish it is to recognize the main control point has changed. It’s no longer the server sitting behind the firewall of your company’s or school’s IT environment. The vulnerability of the endpoint is that the network is now in the user’s hands; the edge is now the primary attack surface. I think CISOs realize this, and they are asking the right questions… I just don’t know if everyone understands the magnitude or the scale of the challenge. Because the problem is so critical, though, people are taking the time to make the right decisions and identify all the various components needed to be successful.

Louis: It seems like completing a laptop refresh during the conditions of a pandemic could be especially challenging, given how entire IT teams are remote. What do you anticipate will be the most challenging aspects of completing a hardware refresh this year (2021)?

Matt: The PC has always been a critical device for productivity. But now, without access to that technology, you are completely paralyzed; you can’t collaborate, you can’t engage, you can’t connect. Lenovo has always been focused on pushing intelligent transformation as far as possible to get the best devices into the hands of our customers. Beyond designing and building the device, we have the ability to distribute asset tags and to provide a 24/7 help desk for our customers whether you’re a consumer, a school, or a large institution. We can also decommission those devices at the end, so we’re able to support the entire journey or lifecycle.

The question has really become, how do you deliver secure devices to the masses? And, we’re fully equipped to do that. For example, every Lenovo X1 Carbon laptop comes out of the box with Lenovo Security Assurance, which is actually powered by Absolute; it is in our hardware. Our customers can open a Lenovo PC, and know that it is completely secure, right out of the box. Every one of our laptops is fortified with Absolute’s Persistence technology and self-healing capabilities that live in the BIOS. It’s that unbreakable, secure connection that makes it possible for us to serve our customers throughout the entire lifecycle of device ownership.

Louis: Why are the legacy approaches to decommissioning assets falling short / failing today? How would you redesign IT asset-decommissioning approaches to make them more automated, less dependent on centralized IT teams?

Christy: There have been a few very visible cases over the past year of highly regulated organizations, experiencing vulnerabilities because of how they decommissioned – or did not properly decommission – their assets. But, I don’t want anyone to believe that that this is a problem that is unique to regulated industries, like financial services. The move to the cloud has given many organizations a false sense of security, and it seems that the more data running in the cloud, the more pronounced this false sense of security becomes. It’s a mistaken assumption to think that when hardware goes missing, the security problem is solved by shutting down password access and that all the data is protected because it is stored in the cloud. That’s just not true. When devices aren’t calling in anymore, it’s a major vulnerability – and the longer the device sits without being properly wiped or decommissioned, the greater the opportunity for bad actors to take advantage of those assets.

The other piece that should be top of mind is that once a device is decommissioned, it’s often sold. We want to ensure that nothing on that device gets passed on to the next owner, especially if it’s going to a service or leasing program. So, we’ve concentrated on making asset decommissioning as precise as possible and something that can be done at scale, anytime and anywhere.

Matt: Historically, reclaiming and decommissioning devices has required physical interaction. The pandemic has limited face-to-face encounters, so , we’re leveraging many different software solutions to give our customers the ability to wipe the device clean if they aren’t able to get the asset back in their possession, so that at least they know it is secure. Since we’re all now distributed, we’re looking at several different solutions that will help with decommissioning, several of which are promising and scale well given today’s constraints. Our goal is to provide our enterprise customers with decommissioning flexibility, from ten units to several thousand.

Louis: Paradoxically, having everyone remote has made the business case for improving endpoint security more compelling too. What do you hear from enterprises about accelerating digital transformation initiatives that include the latest-generation endpoint devices?

Christy: The same acceleration that I spoke about on the education side, we absolutely see on the enterprise side as well, and with rapid transformation comes increased complexity. There has been a lot of conversation about moving to Zero Trust, moving more services to the cloud and putting more controls on the endpoint – and not having these sort of layers in between. Our data tells us that the average enterprise device today has 96 unique applications, and at least 10 of them are security applications. That is a massive amount of complexity to manage. So, we don’t believe that adding more controls to the endpoint is the answer; we believe that what’s most important is knowing the security controls you have are actually working. And we need to help devices and applications become more intelligent, self-aware, and capable of fixing themselves. This concept of resiliency is the cornerstone of effective endpoint security, and a critical part of the shift to a more modern security architecture.

Matt: I think there are two major forcing functions: connection and security. Because we are all now remote, there’s a huge desire to feel connected to one another even though we aren’t sitting in the same room together. We’re modifying our products in real-time with the goal of removing shared pain points and optimizing for the new reality in which we’re all living and working. Things like microphone noise suppression and multiple far field microphones, so that if the dog barks or kids run into a room, the system will mute before you’ve even pressed the mute button. We’re improving camera technology from a processing standpoint to make things look better. Ultimately, our goal is to provide an immersive and connected experience.

Security, however, transcends specific features that deliver customer experiences – security is the experience. The features that make hardware more secure are those that lie beneath the operating system, in the firmware. That is why we have such a deep network of partners, including Absolute. Because you need to have a full ecosystem, and a program that takes advantage of all the best capabilities, in order to deliver the best security solution possible.

Louis: How is Absolute helping enterprise customers ensure greater endpoint security and resiliency in 2021 and beyond?

Christy: We spend a lot of time sitting with customers to understand their needs and how and where we can extend our endpoint security solutions to fit. We believe in taking a layered approach – which is the framework for defense in-depth, and an effective endpoint security strategy. The foundational piece, which we are able to deliver, is a permanent digital tether to every device; this is the lifeline. Not having an undeletable connection to every endpoint means you have a very large security gap, which must be closed fast. A layered, persistence-driven approach ensures our customers know their security controls are actually working and delivering business value. It enables our customers to pinpoint where a vulnerability is and take quick action to mitigate it.

Lenovo’s unique, high value-add approach to integrated security has both helped drive innovation at Absolute, while also providing Lenovo customers the strongest endpoint security possible. Their multilayer approach to their endpoint strategy capitalizes on Absolute’s many BIOS-level strengths to help their customers secure every endpoint they have. As our companies work together, we are both benefitting from a collaboration that seeks to strengthen and enrich all layers of endpoint security. Best of all, our shared customers are the benefactors of this collaboration and the results we are driving at the forefront of endpoint security.

Louis: How has the heightened focus on enterprise cybersecurity in general, and endpoint security specifically, influenced Lenovo’s product strategy in 2021 and beyond?

Matt: We have always been focused on our unique cybersecurity strengths from the device side and making sure we have all of the control points in manufacturing to ensure we build a secure platform. So, we’ve had to be open-minded about endpoint security, and diligent in envisioning how potential vulnerabilities and attack strategies can be thwarted before they impact our customers. Because of this mindset, we’re fortunate to have a very active partner community. We’re always scouring the earth for the next hot cybersecurity technology and potential partner with unique capabilities and the ability to scale with our model. This is a key reason we’ve standardized on Absolute for endpoint security, as it can accommodate a wide breadth of deployment scenarios. It’s a constant and very iterative process with a team of very smart people constantly looking at how we can excel at cybersecurity. It is this strategy that is driving us to fortify our Lenovo Security Assurance architecture over the long-term, while also seeking new ways of providing insights from existing and potentially new security applications.

Louis: What advice are you giving CISOs to strengthen endpoint security in 2021 and beyond?

Christy: One of our advisors is the former Global Head of Information Security at Citi Group, and former CISO of JP Morgan and Deutsche Bank. He talks a lot about his shared experiences of enabling business operations, while defending organizations from ever-evolving threats, and the question that more IT and security leaders need to be asking – which is, “Is it working?” Included in his expert opinion is that cybersecurity needs to be integral to business strategy – and endpoint security is essential for creating a broader secure ecosystem that can adapt as a company’s needs change.

I believe there needs to be more boardroom-level conversations around how compliance frameworks can be best used to achieve a balance between cybersecurity and business operations. A big part of that is identifying resiliency as a critical KPI for measuring the strength of endpoint controls.

Mar 21

The Pandemic Is Teaching Enterprises How To Mind The Cybersecurity Gap

30% of US and UK remote workers say their organizations don’t require them to use a secure access tool, including VPN, to log into corporate databases and systems, according to Ivanti’s 2021 Secure Consumer Cyber Report.
Plus, 25% of remote workers in the US and UK aren’t required to have specific security software running on their devices to access certain applications while working remotely.
And one in four US remote workers use their work email and passwords to log in to consumer websites and apps.

Cybersecurity gaps have continued to widen during the pandemic. A noteworthy survey by Ivanti illustrates exactly how remote workers are putting organizations at risk and where enterprise security is falling short, making those cybersecurity gaps challenging for CISOs to close. Ivanti’s 2021 Secure Consumer Cyber Report outlines the challenges that cybersecurity and IT teams have faced when securing remote workers in what’s being described as the “Everywhere Workplace.” Based on interviews with more than 2,000 US and UK respondents working from home in November 2020, the survey shows that authentication and endpoint security needs to improve across all devices that employees use.

IT Organizations Need Help Closing Their Cybersecurity Gaps

Of the many lessons learned from 2020, among the most valuable are how virtual workforces need self-diagnosing and self-remediating endpoints, while IT organizations need improved unified endpoint management (UEM) as part of a zero-trust strategy. Bad actors continue to target remote workers’ privileged access credentials to gain access and exfiltrate customer, financial and proprietary data, including intellectual property. Ivanti’s survey provides insights into where cybersecurity gaps need attention first:

The most challenging threat surface to protect is a person’s identity because it’s exposed across so many threat surfaces, including personal and work devices, consumer websites, and IoT devices in homes. The pandemic is proving identities are the new security perimeter. A person’s cell phone, personal tablet, and laptop is a real-time digital definition of a person’s identity. Nearly half (49%) of US remote workers use personal devices for their jobs, often without two-factor authentication enabled. The graphic below shows how organizations can close this cybersecurity gap by adopting UEM as part of their go-forward initiatives in 2021 and beyond:

Lack of consistent security software and password standards is a big contributor to US and UK organizations’ cybersecurity gaps today. One in four remote workers can access enterprise resources without any security software in place. An even more surprising finding is that 30% of remote workers in the US and UK can access corporate data without a secure access tool or VPN connection. If a remote worker’s identity is compromised, there’s a one in three chance that their organization will be breached, enabling cyberattackers to move laterally through the company’s systems:

Protecting remote workers’ identities & devices at scale requires Zero Trust. Automating as many tasks as possible while providing a continuous and seamless user experience is the surest way to close cybersecurity gaps. Getting rid of passwords and automating two-factor authentication using Zero Sign-On (ZSO), a core part of the Ivanti platform, is proving essential today. Zero Sign-On relies on proven biometrics, including Apple’s Face ID, as a secondary authentication factor to gain access to work email, unified communications and collaboration tools, and corporate-shared databases and resources. CISOs and their teams also need to consider how mobile threat defense can better secure personal devices against phishing, device, network, and malicious app threats. Late last year, MobileIron (now part of Ivanti) received its second mention in two years in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020. The Forrester Wave graphic is shown below:

In conclusion, enterprise cybersecurity gaps are widening due to a combination of risky consumer behavior and a lack of consistent security for mobile workforces. And these gaps will only increase as employees increasingly work from anywhere, using their personal devices to connect to corporate resources. To secure and enable the future of work, organizations need to start implementing and maturing an end-to-end zero trust security model today by leveraging new technologies and protecting their current security technology investments.

Mar 18

How To Digitally Transform Talent Management For The Better

Bottom Line: CHROs and the HR teams they lead need to commit to keep learning and adopting digital technologies that help improve how they hire, engage and retain talent if they’re going to stay competitive.

Driven by the urgency to keep connected with employees, customers and suppliers, McKinsey’s recent Covid-19 survey finds global organizations are now seven years ahead of schedule on digital transformation initiatives. HR’s role is proving indispensable in enabling the fast pace of digital adoption today. By providing Business Continuity Planning (BCP), HR’s contributions to digital transformation separate the organizations that thrive despite crises versus those left behind, according to McLean & Company’s 2021 HR Trends Report. The graphic below from the report shows how effective HR has been in supporting the rapid changes needed to keep employees communicating and engaged.

The McLean and Company Trends Report also shows that talent management’s major gaps need attention now before they grow wider. These areas include analyzing the employee skills gap (24%), developing employees on new competencies (24%), and training new employees in specific new skills (21%). Improving talent acquisition, retention, diversity and inclusion, and employee experiences by digitally transforming them with greater personalization at scale and visibility is key. CHROs and the HR teams they lead need to close these gaps now.

How To Get Started Digitally Transforming Talent Management

Start with the gaps in talent management you see in your organization. The largest gaps are often in the following four areas: recruiting and talent acquisition; retention of top talent and diverse talent; lack of visibility into employee capabilities; and workforce strategies not aligned to business strategies. Key challenges that need to drive digital transformation in these four areas include the following:

Legacy recruiting and Applicant Tracking Systems prioritize HR’s needs to capture thousands of resumes instead of delivering an excellent candidate experience. Attracting and recruiting the most qualified candidates in a virtual-first world is a daunting task. Organizations who are leaders in digital transformation quickly realized this and relied on automating the applicant experience so much it began to resemble the Amazon 1-Click Ordering experience. McKinsey’s recent Covid survey found that 75% of organizations digitally transforming their operations, including HR, were able to fill tech talent gaps during the crisis:

How To Digitally Transform Talent Management For The Better

Source: McKinsey & Company, 2020, How Covid-19 has pushed companies over the technology tipping point—and transformed business forever

Top talent retention is more of a problem than many organizations realize, with top performers receiving between five and ten recruiter calls a month or more. The average tenure of employees at companies has been decreasing for nearly two decades. And a primary driver is not for lack of opportunity, but because employees can’t find a career path internally as easily as they can find a growth opportunity at another company. It’s possible to retain the top talent by guiding employees to what’s next in their careers. Of the many approaches to providing employees a self-service option for personalized coaching guidance at scale, Eightfold’s Talent Intelligence Platform is delivering results at such notable companies as Air Asia, Micron, NetApp, and others. Eightfold found that 47% of top talent leave within two years, but most would happily stay if given the right opportunity. The following video explains how Eightfold helps its customers retain talent:

Employees often lack visibility into new internal opportunities, and both HR and business leaders lack visibility into employees’ unique capabilities. There’s often a 360-degree lack of visibility into new internal career positions from the employee’s side and a lack of awareness on the employer’s side of their employee’s innate capabilities. The lack of visibility from the employer side limits their ability to benchmark talent, create programmatic, scalable, and flexible career development opportunities and ultimately redeploy talent in an agile way that serves business strategies that are evolving rapidly in response to the impacts of the global pandemic.
Workforce strategies that don’t align and support business strategies waste opportunities to improve morale, productivity, and employees’ professional growth. While organizations have invested heavily in valuable infrastructure, including Learning Management Systems (LMS) and other employee experience and development tools, they often lack a unified platform to help deliver the right growth opportunities to the right person at the right time.

Achieving Greater Automation, Visibility And Personalization At Scale

Talent management is core to any digital business and the competitive outcomes each can produce today and in the future. To make greater contributions, Talent Management needs to deliver the following by relying on a unified platform:

Talent Management platforms need to combine ongoing business insights based on operations data, technology management data, and business transformation apps and tools to create new digitally-driven employee experiences quickly.
A key design goal of any Talent Management platform has to be delivering personalized candidate or prospect experiences at scale through every communications channel an organization relies on, both digital and human.
The best Talent Management platforms provide the apps, data, and contextual intelligence to drive task and mission ownership deep into an organization and reinforce accountability. What’s noteworthy about Eightfold’s Talent Intelligence Platform is that it has designed-in empathy and the ability to deliver quick, effective decisions that further reinforce team inclusion. Eightfold’s many customer wins in Talent Management illustrate how combining empathy, inclusion, and accountability in a platform’s design pays off.

As McLean & Company’s 2021 HR Trends Report shows, taking a band-aid approach to solving Talent Management’s many challenges is effective in the short-term. Turning Talent Management into a solid contributor to business strategies for the long-term needs to start at the platform level, however. Eightfold’s approach to combining their Talent Management, Talent Insights and Talent Acquisition modules, all supported by their Talent Intelligence Platform, enables their customers to define their digital transformation goals and strategies and get results.

Conclusion

The Talent Management goal many organizations aspire to today is to digitally transform candidate or prospect experiences so well that people have an immediate affinity for the company they apply to, and the self-service options are so intuitive they rival Amazon’s 1-Click Ordering Experience. Across any industry, digital transformation succeeds when customers’ expectations are exceeded so far that a new category gets created. Uber’s contextual intelligence, rating system, and ability to optimize ride requests is an example. UberEats provides the same real-time visibility into every step of each order, creating greater trust. Domino’s Pizza Tracker app keeps customers informed of every phase of their orders. What’s common across all these examples is personalization at scale, real-time automation across service providers, and real-time visibility. Those same core values need to be at the center of any Talent Management digital transformation effort today.

Mar 17

How LogicMonitor Buying Airbrake Unleashes DevOps To Do What They Do Best

Bottom Line: LogicMonitor knows first-hand how much pressure DevOps teams are under to produce high-quality code in record time during the pandemic. Acquiring Airbrake proves they get it: DevOps has a high need for speed right now.

LogicMonitor Aims To Solve Today’s DevOps Paradox

The pandemic is forcing every business to make DevOps a core part of their DNA faster than any of them expected. The competitive strengths many banked on in a pre-pandemic world aren’t as relevant as having a steady pipeline of new apps, platforms, and digital channels are. It’s creating a paradox for DevOps: on the one hand, they’re expected to deliver perfect code, and on the other, it needs to be delivered in record time. Pre-pandemic, a typical DevOps team in a $500M+ enterprise has over 200 concurrent projects in progress, with over 70% dedicated to safeguarding and improving customer experiences according to IDC. Today, there are up to 2X more projects, and up to 80% are focused on cybersecurity.

No organization is perfect at DevOps today. Everyone is at various stages of maturity and growth. The pandemic puts a lot of pressure on DevOps teams to get their code right quickly and into a released app in record time. LogicMonitor must see it in their customer base every day. The trade-offs DevOps teams have to make for speed versus quality – and even security – when pushing out a release are real and often tend to overlook diagnostics. That’s why the Airbrake acquisition makes so much sense today. LogicMonitor bought Airbrake to help DevOps teams do what they do best.

The often-quoted Boston Consulting Group (BCG) article, Going All In With DevOps, illustrates the typical pressure DevOps is under to perform, including catching bugs early, solving them, and getting code into test and deployment. According to Airbrake, 73% of their DevOps customers are pushing code multiple times per week – and many said they were deploying code “multiple times per day.” What makes Airbrake a perfect fit for LogicMonitor is how their developer-centric application error and performance monitoring service provides detailed diagnostics beyond the first layer of a bug or problem. In the context of the BCG graphic below, LogicMonitor buying Airbrake gives DevOps teams the diagnostics they need to move faster through error detection and into the test, deploy and release phases.

Competing In Real-Time Is DevOps’ New Reality

46% of DevOps teams are expected to build and deploy software faster now than before the pandemic, according to a recent survey by Checkmarx.
36% of DevOps team members are struggling to keep up with increased dev speeds and demands, according to Checkmarx’s survey.
55% of DevOps team members have taken on more security responsibility during the pandemic, according to Checkmark’s survey.

DevOps teams are struggling to keep up with their workloads today. LogicMonitor believes that by automating more monitoring processes and providing deeper contextual data and insight, DevOps teams can improve their response times and quality.

Automation pays off with more efficient continuous integration and deployment (CI/CD) cycles across DevOps teams, speeding up time-to-market and improving software quality in the process. Buying Airbrake extends LogicMonitor into developer environments and enables their shared customers to gain visibility into CI/CD workflows while reducing risk and ensuring every code release meets customer expectations. The following graphic illustrates how the CI/CD pipelines support DevOps. The more efficient continuous integration, testing, delivery, and operations, the more code releases DevOps can deliver at a higher quality, on time, and to customers’ expectations.

How LogicMonitor Buying Airbrake Unleashes DevOps To Do What They Do Best

Source: Deloitte, DevOps Point of View, An Enterprise Architecture perspective, Amsterdam, 2020

Conclusion

The best aspect of LogicMonitor acquiring Airbrake is how practical, pragmatic, and immediately useful their vision of providing unified observability is in supporting DevOps teams under pressure to perform today. Airbrake is LogicMonitor’s second acquisition in just over a year, having also acquired Stockholm-based log analytics company Unomaly in January 2020. LogicMonitor’s Airbrake page provides additional information.

Mar 14

10 Ways Cybersecurity Can Protect COVID-19 Vaccine Supply Chains

The Pharma industry has lost $14 billion through Intellectual Property (IP) cyber theft worldwide, according to the United Kingdom Office of Cyber Security and Information Assurance.
53% of pharmaceutical IP thefts and related breaches are carried out by someone with insider access, also according to the United Kingdom Office of Cyber Security and Information Assurance.
The pharma industry’s average total cost of a data breach is $5.06 million, with one of the highest costs of remediating the breach at $10.81 million across all industries, according to a recent ProofPoint study.
Over 93% of healthcare organizations experienced a data breach in the past three years, and 57% have had more than five data breaches, according to the Cybersecurity Ventures 2020 Healthcare Cybersecurity Report.
Gartner predicts the privileged access management (PAM) market will grow at a compound annual growth rate (CAGR) of 10.7% from 2020 through 2024, reaching $2.9 billion by 2024.

Bottom Line: Having developed COVID-19 vaccines in a fraction of the time it takes to create new treatments, pharmaceutical companies need to protect the priceless IP, supporting data, and supply chains from cyberattacks.

Showing how powerful global collaboration between pharmaceutical industry leaders can be, the world’s leading vaccine producers delivered new vaccines in record time. The IP behind COVID-19 vaccines and their supporting supply chains need state-of-the-art protection comprised of cybersecurity technologies and systems, as the vaccines’ IP is an asset that cyber attackers have already tried to obtain.

Pharmaceutical’s Growing Number of Threat Surfaces Make Cybersecurity a Priority

In the race to create a COVID-19vaccine by collaborating across the industry, pharmaceutical companies have exposed more threat surfaces than existed before the pandemic. In R&D, Clinical Trials, Manufacturing, and Distribution, there’s a proliferation of new threat surfaces cyber attackers are targeting today, as evidenced by threat analysis reports from the U.S. Homeland Security Department’s Cybersecurity & Infrastructure Security Agency (CISA).

The report provides specifics about how cyber attackers could impersonate an executive from a Chinese biomedical company known for having end-to-end cold chain expertise, which is essential for delivering vaccines reliably. The cyber attackers conducted spear-phishing attacks against global companies who support the global cold chain needed for distributing vaccines. There were credential harvesting attempts against global organizations in at least six countries known today to access vaccine transport and distribution sensitive information.

Launching a phishing campaign with the goal of harvesting details on key executives and access credentials across the cold chain is just the beginning. According to Lookout’s Pharmaceutical Industry Threat Report, some of the most significant threat surfaces are the most problematic today, including the following:

Research & Development & Clinical Trials

Collaborative research teams across pharmaceutical manufacturers globally
Scientists creating initial compounds and completing primary research to define a vaccine.
Integration of study sites at the test device and reporting system level

Manufacturing and Distribution

Plant workers’ systems, including tablets with build instructions on them
Physician & Pharmacist Networks
Distribution Channels and their supporting IT systems

Cyber attackers are taking a more synchronized, multifaceted approach to attacking Covid-19 supply chains, reiterated in CISA’s report. There’s evidence that state-sponsored cyber attackers attempt to move laterally through networks and remain there in stealth, allowing them to conduct cyber espionage and collect additional confidential information from victim environments for future operations. Cyber attackers are initially focused on phishing, followed by malware distribution, registration of new Covid-specific domain names, and always looking for unprotected threat surfaces.

10 Ways Cybersecurity Can Protect COVID-19 Vaccine Supply Chains

By combining multiple cybersecurity best practices and strategies, pharmaceutical companies stand a better chance of protecting their valuable IP and vaccines. Presented below are ten ways the pharmaceutical industry needs to protect the COVID-19 vaccine supply chain today:

Prioritize Privileged Access Management (PAM) across the vaccine supply chain, ensuring least privilege access to sensitive data starting with IP. CISA’s note finds that there have been multiple attempts at capturing privileged credentials, which often have broad access privileges and are frequently left standing open. PAM is needed immediately to institute greater controls around these privileged accounts across the supply chain and only grant just enough just-in-time access to sensitive IP, shipping and logistics data, vaccination schedules, and more. Leaders include Centrify, which is noteworthy for cloud-based PAM implementations at the enterprise and supply chain levels. Additional vendors in this area include BeyondTrust, CyberArk, Ivanti, Thycotic, Ping Identity, and Senhasegura.
Assess every supplier’s security readiness in vaccine supply chains, defining minimum levels of compliance to security standards that include a single, unified security model across all companies. In creating a secured vaccine supply chain, it’s imperative to have every supplier network member on the same security model. Taking this step ensures accountability, greater clarity of roles and responsibilities, and a common definition of privileged roles and access privileges. Leaders in this area include BeyondTrust, Centrify, CyberArk, Ivanti, and Thycotic.
Taking a Zero Trust-based approach to secure every endpoint across the vaccine manufacturer’s R&D, Clinical Trials, Manufacturing, and Distribution networks is necessary to shut down cyber attackers taking advantage of legacy security weaknesses approaches. The pharmaceutical companies and myriad logistics providers see a much faster than the expected proliferation of endpoints today. Trusted and untrusted domains from legacy server operating systems are a time sink when it comes to securing endpoints – and proving unreliable despite the best efforts that Security Operations teams are putting into them. Worst of all, they leave vaccine supply chains vulnerable because they often take an outdated “trust but verify” cybersecurity approach. Leaders include Illumio, Ivanti (MobileIron), Cisco, Appgate, Palo Alto Networks, and Akamai Technologies.
Extend the Zero Trust framework across the entire supply chain by implementing microsegmentation and endpoint security requirements across all phases of the vaccine’s development cycles. This will ensure cyber attackers don’t have the opportunity to embed code to activate later. The goal is to push Zero Trust principles to all related processes integrating with the vaccines’ pipeline, including all dependencies across the entire development lifecycle.
Incorporating Multi-Factor Authentication (MFA) across every system in the vaccine supply chain is a given. Usernames and passwords alone are not enough, and MFA is low-hanging fruit to authenticate authorized users. MFA is based on two or more factors that can authenticate who you are based on something you know (passwords, PINs, code works), something you have (a smartphone, tokens devices that produce pins or pre-defined pins), or something you are (biometrics, facial recognition, fingerprints, iris, and face scans). For example, Google provides MFA as part of their account management to every account holder and has a thorough security check-up, which is useful for seeing how many times a given password has been reused.
Alleviate the conflicts of who will pay for increasing cybersecurity measures by making supplier-level security a separate line item in any CISOs and CIO’s budget. Today certain pharma supply chain CISOs are expected to ramp up cybersecurity programs with the same budget before Covid-19. While there are slight increases in cybersecurity budget levels, it’s often not enough to cover the higher costs of securing a broader scope of supply chain operations. CISOs need to have greater control over cybersecurity budgets to protect vaccine IP and distribution. Relying on traditional IT budgets controlled by CIOs isn’t working. There needs to be a new level of financial commitment to securing vaccine supply chains.
Consider using an AIOps platform adept at unifying diverse IT environments into a single, cohesive AI-based intelligence system that can identify anomalous network behavior in real-time and take action to avert breaches. Based on conversations with CIOs across the financial services industry, it is clear they’re leaning in the direction of AIOps platforms that provide real-time integration to cloud platforms combined with greater control over IT infrastructure. LogicMonitor’s prioritizing IT integration as a core strength of their platform shows, as they have over 2,000 integrations available out of the box. Relying on Collectors’ agentless system, LogicMonitor retrieves metrics such as cloud provider health and billing information. This collector then pulls metrics from different devices using various methods, including SNMP, WMI, perf Mon JMX, APIs, and scripts.
Unified Endpoint Security (UES) needs to become a standard across all vaccine supply chains now. Vendors who can rapidly process large amounts of data to detect previously unknown threats are needed today to stop cyberattacks from capturing IP, shipment data, and valuable logistics information. Absolute Software’s approach to leveraging its unique persistence, resilience, and intelligence capabilities is worth watching. Their approach delivers unified endpoint security by relying on their Endpoint Resilience platform, which includes a permanent digital tether to every enterprise’s endpoint. Absolute is enabling self-healing, greater visibility, and control by having an undeletable digital thread to every device. Based on conversations with their customers in Education and Healthcare, Absolute’s unique approach gives IT complete visibility into where every device is at all times and what each device configuration looks like in real-time.
Pharma supply chains need to have a strategy for achieving more consistent Unified Endpoint Management (UEM) across every device and threat surface of the vaccine supply chain. UEM’s many benefits, including streamlining continuous OS updates across multiple mobile platforms, enabling device management regardless of the connection, and having an architecture capable of supporting a wide range of devices and operating systems. Another major benefit enterprises mention is automating Internet-based patching, policy, configuration management. Ivanti is the global market leader in UEM, and their recent acquisition of Cherwell expands the reach of their Neurons platform, providing service and asset management from IT to lines of business and from every endpoint to the IoT edge. Neurons are Ivanti’s AI-based hyper-automation platform that connects Unified Endpoint Management, Security, and Enterprise Service Management. Ivanti is prioritizing its customers’ needs to autonomously self-heal and self-secure devices and self-service end-users.
Track-and-traceability is essential in any vaccine supply chain, making the idea of cyber-physical passports that include serialization for vaccine batches more realistic given how complex supply chains are today. Passports are an advanced labeling technology that provides the benefits of virtual tracking, verification of specific compounds, and yield rates of key materials. Serialization is a must-have for ensuring greater traceability across vaccine supply chains proving effective in stopping counterfeiting. Having digital passports traceable electronically can further help thwart cyber attackers.

Conclusion

By closing the cybersecurity gaps in vaccine supply chains, the world’s nations can find new, leaner, more efficient processes to distribute vaccines and protect their citizens. It’s evident from the results achieved so far in the U.S. alone that relying on traditional supply chains and means of distribution isn’t getting the job done fast enough, and cyber attackers are already looking to take advantage. By combining multiple cybersecurity tactics, techniques, and procedures, the vaccine supply chain stands to improve and be more secure from threats.

Mar 8

How FinancialForce Is Using AI To Fight Revenue Leakage

Bottom Line: Using AI to measure and predict revenue, costs, and margin across all Professional Services (PS) channels leads to greater accuracy in predicting payment risks, project overruns, and service forecasts, reducing revenue leakage in the process.

Professional Services’ Revenue Challenges Are Complex

Turning time into revenue and profits is one of the greatest challenges of running a Professional Services (PS) business. What makes it such a challenge is incomplete time tracking data and how quickly revenue leaks spring up, drain margins, and continue unnoticed for months. Examples of revenue leaks across a customers’ life cycles include the following:

Billing errors are caused by the booking and contract process not being in sync with each other leading to valuable time being wasted.
When products are bundled with services, there’s often confusion over recognizing each revenue source, when, and by which PS metric.
Inconsistent, inaccurate project cost estimates and actual activity lead to inaccurate forecasting, delaying the project close and the potential for bad debt write-offs and high Days Sales Outstanding (DSO).
Revenue leakage gains momentum and drains margins when the following happens:
- Un-forecasted delays and timescale creep
- Reduced utilization rates across each key resource required for the project to be completed
- Invoice and billing errors that result in invoice disputes that turn into high DSOs & write-offs
- Incorrect pricing versus the costs of sales & service often leads to customer churn.
- Revenue leakage gains momentum as each of these factors further drains margin

Adding up all these examples and many more can easily add up to 20-30% of actual lost solution and services margin. In many ways, it’s like death by a thousand small cuts. The following graphic provides examples across the customer lifecycle:

Why Professional Services Are Especially Vulnerable To Revenue Leakage

Selling projects and the promise of their outcomes in the future create a unique series of challenges for PS organizations when it comes to controlling revenue leakage. It often starts with inaccurately scoping a project too aggressively to win the deal, only to determine the complexity of tasks originally budgeted for will take 10 – 30% longer or more. Disconnects on project scope are unfortunately too common, turning small revenue leaks into major ones and the potential of long Days Sales Outstanding (DSO) on invoices. When revenue leaks get ingrained in a project’s structure, they continue to cascade into each subsequent phase, growing and costing more than expected.

The SPI 2021 Professional Services Maturity™ Benchmark Service published by Services Performance Insight, LLC in February of this year provides insights into the hidden costs and prevalence of revenue leakage. The following table illustrates how organizations with high levels of revenue leakage also perform badly against other key metrics, including client referencability. The more revenue leakage an organization experiences, the more billable utilization drops, on-time project deliveries become worse, and executive real-time visibility becomes poorer.

How FinancialForce Is Using AI To Fight Revenue Leakage

It’s noteworthy that FinancialForce is now on its 12^th consecutive product release that includes Salesforce Einstein, and many customers, including Five9, are using AI to manage revenue leakage across their PS business. Throughout the pandemic, the FinancialForce DevOps, product management, and software quality teams have been a machine, creating rich new releases on schedule and with improved AI functionality based on Einstein. The 12^th release includes prebuilt data models, lenses, dashboards, and reports.

Andy Campbell, Solution Evangelist at FinancialForce, says that “FinancialForce customers have access to best practices to minimize revenue leakage by scoping and selling the right product and services mix to allocating the optimal range and amount of services personnel and finally billing, collecting and recognizing the right amount of revenue for services provided.” Andy continued, saying that recent dashboards have been built for resource managers to automate demand and capacity planning and service revenue forecasting and assist financial analysts in managing deferred revenue and revenue leakage.

By successfully integrating Einstein into their ERP system for PS organizations, FinancialForce helps clients find new ways to reduce revenue leakage and preserve margin. Relying on AI-based insights for each phase of a PS engagement delivered a 20% increase in Customer Lifetime Value according to a FinancialForce customer. And by combining FinancialForce and Salesforce, customers see an increased bid:win ratio of 10% or more. The following graphic illustrates how combining the capabilities of Einstein’s AI platform with FinancialForce delivers results.

Conclusion

FinancialForce’s model building in Einstein is based on ten years of structured and unstructured data, aggregated and anonymized, then used for in-tuning AI models. FinancialForce says these models are used as starting points or templates for AI-based products and workflows, including predict to pay. Salesforce has also done the same for its Sales Cloud Analytics and Service Cloud Analytics. In both cases, Salesforce and FinancialForce customers benefit from best practices and recommendations based on decades of data, which should be particularly interesting considering the “black swan” nature of 2020 data for most of their customers.

Mar 7

How A Startup Uses AI To Help You Find The Market Research You Need

95% of the content essential for decision making in an organization is unstructured, residing in PDFs and various file formats that defy easy indexing and quick access, according to MIT Media Labs.
80% of typical organizations’ data is unstructured, slowing down work, often leading to less-than-optimal decision-making, according to an Accenture study published earlier this year.
Organizations use 35% of their structured data for insights and decision-making, but only 25% of their unstructured enterprise data, according to an Accenture study on how data is used for decision-making.
60% to 80% of employees can’t find the information they are looking for even when there’s content management or knowledge management system in place, according to IBM’s knowledge management study.

Bottom Line: Stravito is an AI startup that’s combining machine learning, Natural Language Processing (NLP) and Search to help organizations find and get more value out of the many market research reports, competitive, industry, market share, financial analysis and market projection analyses they have by making them searchable.

When It Comes To Finding Market Research Data, Intranets Aren’t Getting It Done

Facing tight deadlines to get a marketing plan together for a new product, channel, or selling strategy, market research and product marketing teams will give up looking for a report they know they’ve bought and re-purchase it. The tighter the deadline and the more important the plan, the more this happens.

When a quick call to the Market Research Analyst who has access privileges to all the market research subscriptions doesn’t have the reports a team needs, they either move on without the data or repurchase the report. Having spent the first years of my career as a Market Research Analyst, I can attest to the accuracy of IBM’s finding that 30% of a typical knowledge workers’ day is spent searching for information and understanding its context and original methodology. All reports our organization had distribution rights to internally went on the Intranet site. There were hundreds of reports available online on an Intranet platform with mediocre search capabilities.

The company was founded by Thor Olof Philogène and Sarah Lee in 2017, who together identified an opportunity to help companies be more productive getting greater value from their market research investments. Thor Olof Philogène and Andreas Lee were co-founders of NORM, a research agency where both worked for 15 years serving multinational brands, eventually selling the company to IPSOS. While at NORM, Anders and Andreas were receiving repeated calls from global clients that had bought research from them but could not find it internally and ended up calling them asking for a copy. Today the startup has Carlsberg, Comcast, Colruyt Group, Danone, Electrolux, Pepsi Lipton and others. Stravito has offices in Stockholm (HQ), Malmö and Amsterdam.

Instead of settling for less-than-optimal market and industry data that partially deliver the insights needed for an exceptional product launch or sales campaign, marketing & senior management teams need to set their sights higher. It’s time to replace legacy Intranet sites and their limited search functions with AI-based search engines that auto-tag content and build taxonomies based on content attributes in real-time. Stravito combines AI, machine learning, NLP and Search on a single platform that can index every major file type an organization uses, creating a taxonomy that streamlines search queries.

Having AI as the foundation of the Stravito platform delivers the following benefits:

AI-powered fast search gives individuals the ability to find and share insights and information quicker than any legacy Intranet technology could. With everyone working from home and self-service being a goal every marketing, business planning and IT department is trying to achieve today, Stravito’s architecture is designed for simple queries and requests anyone can quickly learn to create.
Relying on AI and machine learning to alleviate the need to manually upload and tag hundreds of market research reports and analysis. Stravito’s approach to data categorization using AI also identifies and removes duplicate report copies and can be configured to filter out any reports past a specific date. Search perimeters, auto-tagging and in-PDF search options are all configurable. Stravito will rank PDFs by the percentage of relevant content they have for a specific search term, providing a bar graph designating which pages have the most relevant content.
Stravito’s design team has successfully combined AI, machine learning and advanced user interface design to produce an application comparable to Spotify, Google and Netflix. Developing and launching an enterprise-level search engine designed for usability first is noteworthy. Many enterprise applications still aren’t achieving this design goal despite being mentioned as a first priority by enterprise software vendors. As can be seen from their search results screen, Stravito’s approach is to combine information discovery and collaboration:

How A Startup Is Using AI To Help You Find The Market Research You Need

Stravito deserves credit for finding new ways to use AI and machine learning to accomplish drag-and-drop integration of any commonly used file format in an organization – and then have it assigned to a taxonomy in seconds. Stravito’s innovative use of AI, machine learning and auto-tagging provides its customers with a simple drag-and-drop interface that supports bulk uploads. The platform has API integration designed with any market research or advisory service with an API library compatible with their platform. Their customer base actively relies on Euromonitor and Mintel today, for example.

Conclusion

Stravito fills the gap legacy Intranet technologies and current generation collaboration platforms are not addressing. That’s the need to provide a more powerful search engine, one capable of continually adapting to new information and documents. Supervised machine learning has proven effective for taking on challenges related to creating and keeping taxonomies current. Stavito’s product strategy of providing personalized recommendations for the content of interest is a natural progression of their platform. For organizations overwhelmed with research data yet can’t seem to get the reports to decision-makers fast enough, the Stravito platform is worth checking out.

Mar 3

10 Ways AI And Machine Learning Are Improving Marketing In 2021

AI and Machine Learning are on track to generate between $1.4 Trillion to $2.6 Trillion in value by solving Marketing and Sales problems over the next three years, according to the McKinsey Global Institute.
Marketers’ use of AI soared between 2018 and 2020, jumping from 29% in 2018 to 84% in 2020, according to Salesforce Research’s most recent State of Marketing Study.
AI, Machine Learning, marketing & advertising technologies, voice/chat/digital assistants, and mobile tech & apps are the five technologies that will have the greatest impact on the future of marketing, according to Drift’s 2020 Marketing Leadership Benchmark Report.

Chief Marketing Officers (CMOs) and the marketing teams they lead are expected to excel at creating customer trust, a brand that exudes empathy and data-driven strategies that deliver results. Personalizing channel experiences at scale works when CMOs strike the perfect balance between their jobs’ emotional and logical, data-driven parts. That’s what makes being a CMO today so challenging. They’ve got to have the compassion of a Captain Kirk and the cold, hard logic of a Dr. Spock and know when to use each skill set. CMOs and their teams struggle to keep the emotional and logical parts of their jobs in balance.

Asked how her team keeps them in balance, the CMO of an enterprise software company told me she always leads with empathy, safety and security for customers and results follow. “Throughout the pandemic, our message to our customers is that their health and safety come first and we’ll provide additional services at no charge if they need it.” True to her word, the company offered their latest cybersecurity release update to all customers free in 2020. AI and machine learning tools help her and her team test, learn and excel iteratively to create an empathic brand that delivers results.

The following are ten ways AI and machine learning are improving marketing in 2021:

1. 70% of high-performance marketing teams claim they have a fully defined AI strategy versus 35% of their under-performing peer marketing team counterparts. CMOs who lead high-performance marketing teams place a high value on continually learning and embracing a growth mindset, as evidenced by 56% of them planning to use AI and machine learning over the next year. Choosing to put in the work needed to develop new AI and machine learning skills pays off with improved social marketing performance and greater precision with marketing analytics. Source: State of Marketing, Sixth Edition. Salesforce Research, 2020.

10 Ways AI And Machine Learning Are Improving Marketing In 2021

2. 36% of marketers predict AI will have a significant impact on marketing performance this year. 32% of marketers and agency professionals were using AI to create ads, including digital banners, social media posts and digital out-of-home ads, according to a recent study by Advertiser Perceptions. Source: Which Emerging Tech Do Marketers Think Will Most Impact Strategy This Year?, Marketing Charts, January 5, 2021.

3. High-performing marketing teams are averaging seven different uses of AI and machine learning today and just over half (52%) plan on increasing their adoption this year. High-performing marketing teams and the CMOs lead them to invest in AI and machine learning to improve customer segmentation. They’re also focused on personalizing individual channel experiences. The following graphic underscores how quickly high-performing marketing teams learn then adopt advanced AI and machine learning techniques to their competitive advantage. Source: State of Marketing, Sixth Edition. Salesforce Research, 2020.

4. Marketers use AI-based demand sensing to better predict unique buying patterns across geographic regions and alleviate stock-outs and back-orders. Combining all available data sources, including customer sentiment analysis using supervised machine learning algorithms, it’s possible to improve demand sensing and demand forecast accuracy. ML algorithms can correlate location-specific sentiment for a given product or brand and a given product’s regional availability. Having this insight alone can save the retail industry up to $50B a year in obsoleted inventory. Source: AI can help retailers understand the consumer, Phys.org. January 14, 2019.

5. Disney is applying AI modeling techniques, including machine learning algorithms, to fine-tune and optimize its media mix model. Disney’s approach to gaining new insights into its media mix model is to aggregate data from across the organization including partners, prepare the model data and then transform it for use in a model. Next, a variety of models are used to achieve budget and media mix optimization. Then compare scenarios. The result is a series of insights that are presented to senior management. The following dashboard shows the structure of how they analyze AI-based data internally. The data shown is, for example only; this does not reflect Disney’s actual operations. Source: How Disney uses Tableau to visualize its media mix model (https://www.tableau.com/best-marketing-dashboards)

6. 41% of marketers say that AI and machine learning make their greatest contributions to accelerating revenue growth and improving performance. Marketers say that getting more actionable insights from marketing data (40%) and creating personalized consumer experiences at scale (38%) round out the top three uses today. The study also found that most marketers, 77%, have less than a quarter of all marketing tasks intelligently automated and 18% say they haven’t intelligently automated any tasks at all. Marketers need to look to AI and machine learning to automated remote, routine tasks to free up more time to create new campaigns. Source: Drift and Marketing Artificial Intelligence Institute, 2021 State of Marketing AI Report.

7. Starbucks set the ambitious goal of being the world’s most personalized brand by relying on predictive analytics and machine learning to create a real-time personalization experience. The global coffee chain faced several challenges starting with how difficult it was to target individual customers with their existing IT infrastructure. They were also heavily reliant on manual operations across their thousands of stores, which made personalization at scale a formidable challenge to overcome. Starbucks created a real-time personalization engine that integrated with customers’ account information, the mobile app, customer preferences, 3^rd party data and contextual data. They achieved a 150% increase in user interaction using predictive analytics and AI, a 3X improvement in per-customer net incremental revenues. The following is a diagram of how DigitalBCG (Boston Consulting Group) was able to assist them. Source: Becoming The World’s Most Personalized Brand, DigitalBCG.

8. Getting personalization-at-scale right starts with a unified Customer Data Platform (CDP) that can use machine learning algorithms to discover new customer data patterns and “learn” over time. For high-achieving marketing organizations, achieving personalization-at-scale is their highest and most urgent priority based on Salesforce Research’s most recent State of Marketing survey. And McKinsey predicts personalization-at-scale can create $1.7 trillion to $3 trillion in new value. For marketers to capture a part of this value, changes to the mar-tech stack (shown below) must be supported by clear accountability and ownership of channel and customer results. Combining a modified mar-tech stack with clear accountability delivers results. Source: McKinsey & Company, A technology blueprint for personalization at scale. May 20, 2019. By Sean Flavin and Jason Heller.

9. Campaign management, mobile app technology and testing/optimization are the leading three plans for a B2C company’s personalization technologies. Just 19% of enterprises have adopted AI and machine learning for B2C personalization today. The Forrester Study commissioned by IBM also found that 55% of enterprises believe the technology limitations inhibit their ability to execute personalization strategies. Source: A Forrester Consulting Thought Leadership Paper, Commissioned by IBM, Personalization Demystified: Enchant Your Customers By Going From Good To Great, February 2020.

10. Successful AI-driven personalization strategies deliver results beyond marketing, delivering strong results enterprise-wide, including lifting sales revenue, Net Promoter Scores and customer retention rates. When personalization-at-scale is done right, enterprises achieve a net 5.63% increase in sales revenue, 10.26% increase in order frequency, uplifts in average order value and an impressive 13.25% improvement in cross-sell/up-sell opportunities. The benefits transcend marketing alone and drive higher customer satisfaction metrics as well. Source: A Forrester Consulting Thought Leadership Paper, Commissioned by IBM, Personalization Demystified: Enchant Your Customers By Going From Good To Great, February 2020.

CMOs and their teams rely on AI and machine learning to iteratively test and improve every aspect of their marketing campaigns and strategies. Striking the perfect balance between empathy and data-driven results takes a new level of data quality which isn’t possible to achieve using Microsoft Excel or personal productivity tools today. The most popular use of AI and machine learning in organizations is delivering personalization at scale across all digital channels. There’s also increasing adoption of predictive analytics based on machine learning to fine-tune propensity models to improve up-sell and cross-sell results.

Bibliography

AI can help retailers understand the consumer, Phys.org. January 14, 2019

Brei, Vinicius. (2020). Machine Learning in Marketing: Overview, Learning Strategies, Applications and Future Developments. Foundations and Trends® in Marketing. 14. 173-236. 10.1561/1700000065.

Conick, H. (2017). The past, present and future of AI in marketing. Marketing News, 51(1), 26-35.

Drift and Marketing Artificial Intelligence Institute, 2021 State of Marketing AI Report.

Huang, M. H., & Rust, R. T. (2021). A strategic framework for artificial intelligence in marketing. Journal of the Academy of Marketing Science, 49(1), 30-50.

Jarek, K., & Mazurek, G. (2019). MARKETING AND ARTIFICIAL INTELLIGENCE. Central European Business Review, 8(2).

Libai, B., Bart, Y., Gensler, S., Hofacker, C. F., Kaplan, A., Kötterheinrich, K., & Kroll, E. B. (2020). Brave new world? On AI and the management of customer relationships. Journal of Interactive Marketing, 51, 44-56.

Ma, L., & Sun, B. (2020). Machine learning and AI in marketing–Connecting computing power to human insights. International Journal of Research in Marketing, 37(3), 481-504.

McKinsey & Company, A technology blueprint for personalization at scale. May 20, 2019

McKinsey Global Institute, Visualizing the uses and potential impact of AI and other analytics, April 17, 2018, | Interactive

Microsoft Azure AI Gallery (https://gallery.azure.ai/)

Pedersen, C. L. Empathy‐based marketing. Psychology & Marketing.

Sinha, M., Healey, J., & Sengupta, T. (2020, July). Designing with AI for Digital Marketing. In Adjunct Publication of the 28th ACM Conference on User Modeling, Adaptation and Personalization (pp. 65-70).

State of Marketing, Sixth Edition. Salesforce Research, 2020.

Feb 28

Securing Machine Identities Needs To Be A Top Cybersecurity Goal In 2021

Bottom Line: Bad actors quickly capitalize on the wide gaps in machine identity security, creating one of the most breachable threat surfaces today.

Why Machines Are the Most Challenging Threat Surface To Protect

Forrester’s recent webinar on the topic, How To Secure And Govern Non-Human Identities, estimates that machine identities (including bots, robots and IoT) are growing twice as fast as human identities on organizational networks. Forrester defines machine, or non-human, identities as robotic process automation (bots), robots (industrial, enterprise, medical, military) and IoT devices.

The webinar points out that one of the fastest-growing automation types is software bots, with 36% used in finance and accounting, 15% used in business line and 15% in IT. The webinar also points out that in 2019, there were 2.25 million robots in the global workforce, twice as many as in 2010 and 32% of global infrastructure decision-makers expect their firms to use robotic process automation (RPA) over the next 12 months.

According to the Forrester Consulting white paper, Securing The Enterprise With Machine Identity Protection, over 50% of organizations find it challenging to protect their machine identities today. Unprotected machine identities are making it easy for bad actors to take control of entire networks of devices. Bad actors rely on organizations’ bots to provide the cover they need to attack networks and devices, often undetected for months or years.

Forrester found that machine identities are left exposed to bad actors because organizations aren’t adopting the tools they need to create and manage a centralized Identity Access Management (IAM) strategy across all machines. This includes defining and enforcing policies, auditing each machine and endpoint and better integrating support across machines and monitoring systems.

Furthermore, by adopting a more modern Privileged Identity Management (PIM) approach, organizations could solve many of these challenges. Leading PIM solutions providers include Centrify, which has succeeded in adapting to the ephemeral nature of securing machine identities by delivering machine identity and credential authentication based on a centralized trust model.

The Forrester report’s bottom line is that machines are isolated, exposed and more vulnerable than any other endpoint on a network. The following graphic compares protection strategies and finds a majority of organizations struggling to deliver them:

Securing Machine Identities Needs To Be a Top Cybersecurity Goal In 2021

Machine Identities Are Networks’ Weakest Security Link

According to a Venafi study, machine identity attacks grew 400% between 2018 and 2019, increasing by over 700% between 2014 and 2019. Malware capable of compromising machine identities continues to gain momentum, doubling between 2018 and 2019 and growing 300% over the five years leading up to 2019. According to Kount’s 2020 Bot Landscape and Impact Report, 81% of enterprises are regularly dealing with malicious bots today and one in four say a single bot attack has cost them $500,000 or more. Furthermore, many organizations may not realize how many bots and machine identities they have – and bad actors capable of creating hundreds using automated scripting tools.

Forrester provided the following data points underscoring how vulnerable machines are to botnet and identity-based attacks today:

The 2017 Mirai botnet attack is a cautionary tale of the dangers of using default security credentials on machines and IoT devices. Using botnets to automate scans of vast blocks of IP addresses for potential telnet ports to log into, the Mirai botnets were programmed to rapidly try a series of basic usernames and passwords to gain access to IoT devices and machines. The Mirai botnets were successful, gaining control of thousands of machines and orchestrating them to deliver one of the largest DDOS attacks in history.
It’s common for enterprises to lose track of how many bots they’ve created, giving malicious actors the perfect cover to mask their movements. Instead of creating their bots, malicious actors look to disguise their movements across a network with a company’s bots. Forrester’s webinar mentioned how a large North American insurance provider deployed 400 software bots for customer-facing digital chatbots and processing claims, among other tasks.
There’s often no oversight of who has the rights to create and launch bots internally, leading to potentially thousands of bots without secured identities. One of the most troubling findings presented during the webinar is how loose the process is to create a bot – with no checks and balances in place or means of achieving consistent identity management.

How To Strengthen Machine Security

The more challenging any machine threat surface is to protect, the more opportunity it provides bad actors to breach them. A good place to start is by clarifying who owns keeping Transport Layer Security (TLS) and previous-generation Secured-Sockets Layer (SSL) client and server certificates, code signing certificates, Secure Shell (SSH) host and cryptographic keys so they are kept up to date. Letting those fall through the cracks will leave thousands of machines exposed and exploitable on networks.

Prioritizing machine identities and securing machine credentials is a must-have in 2021, as botnet attacks are quickly increasing due to bad actors’ being able to spin up thousands of them in days. The following are key steps to get started:

Taking a Zero Trust approach to managing every machine identity authentication on a network now could save thousands of hours and dollars in the future. Taking a least privilege access approach to managing machines now will pay off in the future, as the workloads of machines and non-human entities continue to grow more complex. The Forrester webinar expands on this point by explaining how new, more complex inter-machine relationships are evolving quicker than legacy approaches to endpoint governance and security can keep up.
Privileged access controls need to be more adaptive, secure and scalable than many organizations’ static-based approaches to securing machines are today. Forrester recommends replacing long-standing hardcoded credentials with session-based ones assigned via API calls from a vault. Machines are being used 24/7 and have access patterns completely different from humans using the network, making dynamically-assigned, ephemeral credentials even more important to protect a network. Privileged Identity Management (PIM) proves effective at providing privileged access controls for machine identities, with Forrester mentioning Centrify, HashiCorp and others as leaders in this area. Centrify’s approach is noteworthy in enrolling machines with its platform via a client to establish a trust relationship, so applications running on that machine can also be authenticated using a short-lived, scoped token.
Monitoring more machines on a network often leads to a transition from legacy to integrated log monitoring systems that can capture, analyze and report anomalous activity across a network. Log Monitoring systems are proving invaluable in identifying machine endpoint configuration and performance anomalies in real-time. AIOps is proving effective in identifying anomalies and performance event correlations in real-time, contributing to greater business continuity. One of the leaders in this area is LogicMonitor, whose AIOps-enabled infrastructure monitoring and observability platform have proven successful in troubleshooting infrastructure problems and ensuring business continuity.
Perform periodic audits to track all bots and machines in use across an organization, using Microsoft Active Directory to inventory and manage all of them. One of the most valuable take-aways from the Forrester webinar is the need to manage machine identities and their credentials centrally. Forrester mentions Microsoft Active Directory as one option. The companies providing services in this area include Centrify, which pioneered Active Directory bridging to authenticate human and machine identities based on a centralized model from a single identity repository.

Conclusion

Machines, or as Forrester calls them in their webinar, non-human identities require more precise, adaptive and ephemeral identity structures and access controls. CISOs and CIOs need to take greater ownership of machine identity authentication and provide Identity Access Management (IAM) and Privileged Access Management (PAM) down to the bot and non-human identity level. With the exponential growth of malicious bots tracking machine identities, now is the time to place machine identities among the highest priority of any cybersecurity strategy in 2021.

Feb 26

1 Comment

10 Charts That Will Change Your Perspective Of Microsoft Azure’s Growth

Microsoft Azure revenue grew 50% year-over-year in fiscal Q2, 2021, contributing to a 26% increase in Server products and cloud services revenue.
According to the latest earnings call, more than 1,000 Microsoft customers now use Azure Arc to simplify hybrid management and run Azure services across on-premises, multi-cloud and at the edge.
Commercial cloud gross margins increased to 71% in the latest quarter, up from 67% a year earlier.
There are now over 60 Azure regions globally, strengthening Microsoft’s competitive global position versus Amazon Web Services.
Microsoft reported $43.08 billion in the second fiscal quarter ended Dec. 31, up from $36.91 billion a year earlier,

These and many other insights are from Microsoft’s Fiscal Year 2021 Second Quarter Earnings Conference Call and related research. Microsoft’s early decision to double down on expanding their cloud platform by accelerating new product and services development and Azure region expansion is paying off. Azure’s revenue growth shows Microsoft is an innovation machine when it comes to the cloud.

In their latest fiscal quarter, Microsoft announced hundreds of new services and updates to Microsoft Azure alone. The most noteworthy are improvements to Microsoft Cloud for Healthcare, Azure Defender for SQL, Password spray detection in Azure AD Identity Protection, Azure Stack HCI, Azure Stack Edge, Azure Data Factory now being available in five new regions and many more. All Azure updates are available in an online index that provides options for finding those now available, in preview, or in development.

The following ten charts will change your perspective of Microsoft Azure’s growth:

Intelligent Cloud delivered the highest operating income of all segments in the 2^nd quarter at $6.4 billion or 36% of total consolidated operating income. This quarter, Microsoft’s success with indirect channel sales combined with more enterprise customers accelerating their cloud-first initiatives contributed to Intelligent Cloud leading all segments in operating income. The following is from the Q2, FY21 Earnings Call.

10 Charts That Will Change Your Perspective Of Microsoft Azure's Growth

Synergy Research Group’s latest cloud market analysis finds that Amazon and Microsoft are over 50% of the global cloud provider market, with Microsoft reaching 20% worldwide market share for the first time. Q4, 2020 enterprise spending on cloud infrastructure services was just over $37 billion, $4 billion higher than the previous quarter and up 35% from the fourth quarter of 2019. Synergy Research notes that it has taken just nine quarters for the market to double in size.

63% of enterprises are currently running apps on Microsoft Azure, second only to AWS. Azure is narrowing the gap with AWS in both the percentage of enterprises using it and the number of virtual machines (VMs) enterprises are running on it. 6% of enterprises are spending at least $1.2 million annually on Microsoft Azure. Source: Statista and Flexera 2020 State of the Cloud Report, page 50.

2020 total cloud infrastructure services spending grew 33% to $142 billion from $107 billion in 2019, according to Canalys, with Microsoft’s indirect channel business fueling their 20% market share growth. Microsoft’s dominance of indirect selling channels is evident in the level of sales enablement, sales and technical support they provide resellers. Canalys’ Chief Analyst Alastair Edwards says that “organizations are turning to trusted business partners to advise, implement, support and manage their cloud journeys and articulate the real business value of cloud migration.”

19% of enterprises expect to invest significantly more on Microsoft Azure in 2021, leading all other cloud vendors this year. Microsoft Azure leads all vendors when compared to the percentage change in spending this year. It’s noteworthy that 61% of all enterprises interviewed expect to increase their investments in Microsoft Azure this year, second only to Microsoft SaaS software. Source: 2021 Flexera State of Tech Report, January 2021.

Microsoft Azure Stack is the second most-used private cloud platform by enterprises, with 35% of them currently running apps today. Azure Stack also leads all others in experimentation, with one in five enterprises, or 21%, currently in that phase of deployment. 67% of all enterprises interviewed in the 2020 Flexera State of the Cloud Report are either running Azure apps or are considering it.

Microsoft’s centerpiece for their intelligence investment is the Microsoft Intelligent Security Graph, which processes over 630 billion authentications across our cloud services each month. Microsoft relies on the Security Graph to gain insights into normal behavior, including sign-ins and authentications and abnormal behavior, including attempted bypasses to two-factor authentication. Microsoft blocks more than 5 billion distinct malware threats per month, providing a great deal of useful data to analyze endpoints across customers’ networks. Source: Microsoft CISO Workshop 1 – Cybersecurity Briefing.

44.5% of enterprises say Microsoft Azure is their preferred provider for Cloud Business Intelligence (BI). Azure is considered 27% more critical to an enterprises’ Cloud BI requirements and preferences than Amazon Web Services. It’s noteworthy that 96.5% of all enterprises have a preference for Microsoft Azure BI versus its main competitors, including Google Cloud, IBM BlueMix, or Alibaba.

Microsoft Azure is the leading IoT platform worldwide by end-to-end capabilities with a total score of 276 according to Counterpoint Research. According to the methodology Counterpoint used for ranking IoT platforms, Microsoft Azure is considered a global leader in edge data processing, an increasingly important feature of IoT platforms worldwide. The ability to deliver IoT capabilities from the cloud to the edge helped Microsoft’s platform rank high in this category. Source; Statista and CounterPointResearch.com.

Microsoft Azure is the foundation for a Digital Supply Chain Platform that integrates supply chain partner, corporate, data & advanced analytics platforms and supply chain core transaction systems. The ongoing pandemic is putting continued pressure on supply chains. Most manufacturing executives say that employee safety, data security, remote worker access, supply chain visibility and insights visibility are high priorities. In response to these market needs, Microsoft Supply Chain (MSC) was created on the Azure platform. The diagram below explains how Azure is integral to the Digital Supply Chain platform.

Focusing on AI & Machine Learning's Impact On The Future Of Enterprise Software

Posts from the ‘Cloud Computing’ Category

What Enterprises Need To Plan For In 2021 When It Comes To Endpoint Security

Like this:

The Pandemic Is Teaching Enterprises How To Mind The Cybersecurity Gap

Like this:

How To Digitally Transform Talent Management For The Better

Like this:

How LogicMonitor Buying Airbrake Unleashes DevOps To Do What They Do Best

Like this:

10 Ways Cybersecurity Can Protect COVID-19 Vaccine Supply Chains

Like this:

How FinancialForce Is Using AI To Fight Revenue Leakage

Like this:

How A Startup Uses AI To Help You Find The Market Research You Need

Like this:

10 Ways AI And Machine Learning Are Improving Marketing In 2021

Like this:

Securing Machine Identities Needs To Be A Top Cybersecurity Goal In 2021

Like this:

10 Charts That Will Change Your Perspective Of Microsoft Azure’s Growth

Like this:

Email Subscription

Top Posts

This Blog’s Purpose

Pages

Categories

Search

Focusing on AI & Machine Learning's Impact On The Future Of Enterprise Software

Posts from the ‘Cloud Computing’ Category

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Email Subscription

Top Posts

This Blog’s Purpose

Pages

Categories

Search