Skip to content

Posts from the ‘Machine learning’ Category

How AI Is Protecting Against Payments Fraud

  • 80% of fraud specialists using AI-based platforms believe the technology helps reduce payments fraud.
  • 63.6% of financial institutions that use AI believe it is capable of preventing fraud before it happens, making it the most commonly cited tool for this purpose.
  • Fraud specialists unanimously agree that AI-based fraud prevention is very effective at reducing chargebacks.
  • The majority of fraud specialists (80%) have seen AI-based platforms reduce false positives, payments fraud, and prevent fraud attempts.

AI is proving to be very effective in battling fraud based on results achieved by financial institutions as reported by senior executives in a recent survey, AI Innovation Playbook published by PYMNTS in collaboration with Brighterion. The study is based on interviews with 200 financial executives from commercial banks, community banks, and credit unions across the United States. For additional details on the methodology, please see page 25 of the study. One of the more noteworthy findings is that financial institutions with over $100B in assets are the most likely to have adopted AI, as the study has found 72.7% of firms in this asset category are currently using AI for payment fraud detection.

Taken together, the findings from the survey reflect how AI thwarts payments fraud and deserves to be a high priority in any digital business today. Companies, including Kount and others, are making strides in providing AI-based platforms, further reducing the risk of the most advanced, complex forms of payments fraud.

Why AI Is Perfect For Fighting Payments Fraud

Of the advanced technologies available for reducing false positives, reducing and preventing fraud attempts, and reducing manual reviews of potential payment fraud events, AI is ideally suited to provide the scale and speed needed to take on these challenges. More specifically, AI’s ability to interpret trend-based insights from supervised machine learning, coupled with entirely new knowledge gained from unsupervised machine learning algorithms are reducing the incidence of payments fraud. By combining both machine learning approaches, AI can discern if a given transaction or series of financial activities are fraudulent or not, alerting fraud analysts immediately if they are and taking action through predefined workflows. The following are the main reasons why AI is perfect for fighting payments fraud:

  • Payments fraud-based attacks are growing in complexity and often have a completely different digital footprint or pattern, sequence, and structure, which make them undetectable using rules-based logic and predictive models alone. For years e-commerce sites, financial institutions, retailers, and every other type of online business relied on rules-based payment fraud prevention systems. In the earlier years of e-commerce, rules and simple predictive models could identify most types of fraud. Not so today, as payment fraud schemes have become more nuanced and sophisticated, which is why AI is needed to confront these challenges.
  • AI brings scale and speed to the fight against payments fraud, providing digital businesses with an immediate advantage in battling the many risks and forms of fraud. What’s fascinating about the AI companies offering payments fraud solutions is how they’re trying to out-innovate each other when it comes to real-time analysis of transaction data. Real-time transactions require real-time security. Fraud solutions providers are doubling down on this area of R&D today, delivering impressive results. The fastest I’ve seen is a 250-millisecond response rate for calculating risk scores using AI on the Kount platform, basing queries on a decades-worth of data in their universal data network. By combining supervised and unsupervised machine learning algorithms, Kount is delivering fraud scores that are twice as predictive as previous methods and faster than competitors.
  • AI’s many predictive analytics and machine learning techniques are ideal for finding anomalies in large-scale data sets in seconds. The more data a machine learning model has to train on, the more accurate its predictive value. The greater the breadth and depth of data, a given machine learning algorithm learns from means more than how advanced or complex a given algorithm is. That’s especially true when it comes to payments fraud detection where machine learning algorithms learn what legitimate versus fraudulent transactions look like from a contextual intelligence perspective. By analyzing historical account data from a universal data network, supervised machine learning algorithms can gain a greater level of accuracy and predictability. Kount’s universal data network is among the largest, including billions of transactions over 12 years, 6,500 customers, 180+ countries and territories, and multiple payment networks. The data network includes different transaction complexities, verticals, and geographies, so machine learning models can be properly trained to predict risk accurately. That analytical richness includes data on physical real-world and digital identities creating an integrated picture of customer behavior.

Bottom Line:  Payments fraud is insidious, difficult to stop, and can inflict financial harm on any business in minutes. Battling payment fraud needs to start with a pre-emptive strategy to thwart fraud attempts by training machine learning models to quickly spot and act on threats then building out the strategy across every selling and service channel a digital business relies on.

Why Manufacturing Supply Chains Need Zero Trust

  • According to the 2019 Verizon Data Breach Investigation Report, manufacturing has been experiencing an increase in financially motivated breaches in the past couple of years, whereby most breaches involve Phishing and the use of stolen credentials.
  • 50% of manufacturers report experiencing a breach over the last 12 months, 11% of which were severe according to Sikich’s 5th Manufacturing and Distribution Survey, 2019.
  • Manufacturing’s most commonly data compromised includes credentials (49%), internal operations data (41%), and company secrets (36%) according to the 2019 Verizon Data Breach Investigation Report.
  • Manufacturers’ supply chains and logistics partners targeted by ransomware which have either had to cease operations temporarily to restore operations from backup or have chosen to pay the ransom include Aebi SchmidtASCO Industries, and COSCO Shipping Lines.

Small Suppliers Are A Favorite Target, Ask A.P. Møller-Maersk

Supply chains are renowned for how unsecured and porous they are multiple layers deep. That’s because manufacturers often only password-protect administrator access privileges for trusted versus untrusted domains at the operating system level of Windows NT Server, haven’t implemented multi-factor authentication (MFA), and apply a trust but verify mindset only for their top suppliers. Many manufacturers don’t define, and much less enforce, supplier security past the first tier of their supply chains, leaving the most vulnerable attack vectors unprotected.

It’s the smaller suppliers that hackers exploit to bring down many of the world’s largest manufacturing companies. An example of this is how an accounting software package from a small supplier, Linkos Group, was infected with a powerful ransomware agent, NotPetya, bringing one of the world’s leading shipping providers,  A.P. Møller-Maersk, to a standstill. Linkos’ Group accounting software was first installed in the A.P. Møller-Maersk offices in Ukraine. The NotPetya ransomware was able to take control of the local office servers then propagate itself across the entire A.P. Møller-Maersk network. A.P. Møller-Maersk had to reinstall their 4,000 servers, 45,000 PCs, and 2500 applications, and the damages were between $250M to $300M. Security experts consider the ransomware attack on A.P. Møller-Maersk to be one of the most devastating cybersecurity attacks in history. The Ukraine-based group of hackers succeeded in using an accounting software update from one of A.P. Møller-Maersk’s smallest suppliers to bring down one of the world’s largest shipping networks. My recent post, How To Deal With Ransomware In A Zero Trust World explains how taking a Zero Trust Privilege approach minimizes the risk of falling victim to ransomware attacks. Ultimately, treating identity as the new security perimeter needs to be how supply chains are secured. The following geographical analysis of the attack was provided by CargoSmart, showing how quickly NotPetya ransomware can spread through a global network:

CargoSmart provided a Vessel Monitoring Dashboard to monitor vessels during this time of recovery from the cyber attack.

Supply Chains Need To Treat Every Supplier In Their Network As A New Security Perimeter

The more integrated a supply chain, the more the potential for breaches and ransomware attacks. And in supply chains that rely on privileged access credentials, it’s a certainty that hackers outside the organization and even those inside will use compromised credentials for financial gain or disrupt operations. Treating every supplier and their integration points in the network as a new security perimeter is critical if manufacturers want to be able to maintain operations in an era of accelerating cybersecurity threats.

Taking a Zero Trust Privilege approach to securing privileged access credentials will help alleviate the leading cause of breaches in manufacturing today, which is privileged access abuse. By taking a “never trust, always verify, and enforce least privilege” approach, manufacturers can protect the “keys to the kingdom,” which are the credentials hackers exploit to take control over an entire supply chain network.

Instead of relying on trust but verify or trusted versus untrusted domains at the operating system level, manufacturers need to have a consistent security strategy that scales from their largest to smallest suppliers. Zero Trust Privilege could have saved A.P. Møller-Maersk from being crippled by a ransomware attack by making it a prerequisite that every supplier must have ZTP-based security guardrails in place to do business with them.

Conclusion

Among the most porous and easily compromised areas of manufacturing, supply chains are the lifeblood of any production business, yet also the most vulnerable. As hackers become more brazen in their ransomware attempts with manufacturers and privileged access credentials are increasingly sold on the Dark Web, manufacturers need a sense of urgency to combat these threats. Taking a Zero Trust approach to securing their supply chains and operations, helps manufacturers to implement least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, manufacturers can minimize the attack surface, improve audit and compliance visibility, and reduce risk, complexity, and costs for the modern, hybrid manufacturing enterprise.

Mobile Identity Is The New Security Perimeter

  • 86% of enterprise executives say that mobile threats are growing faster than any other according to Verizon’s Mobile Security Index 2019 and 67% of enterprise execs are less confident about the security of their mobile devices compared to other IT assets.
  • Mobile devices are hackers’ favorite platform to target, with over 905,000 malware packages installed in Q1 of this year alone and over 5.3 million in 2018, according to Statistica.
  • 38% of mobile devices introduce unnecessary risk into the organization based on an analysis of privacy and security settings according to MobileIron’s Global Threat Report.

Mobile devices reflect you and your customers’ identity in the many apps, data, and ongoing activities you and they choose to engage in. Every enterprise looking to reinvent itself by scaling digital business strategies is putting mobile devices at the center of growth plans because they are everyone’s identity.

89% of security leaders believe that mobile devices will serve as your digital ID to access enterprise services and data in the near future according to a recent survey by IDG completed in conjunction with MobileIron, titled Say Goodbye to Passwords. You can download a copy of the study here. Mobile devices are increasingly becoming the IDs enterprises rely on to create and scale a mobile-centric zero trust security network throughout their organizations.

Enterprises are relying on mobile devices more than ever before, personalizing them for each associate or employee to launch and scale new business initiatives. These factors combined are leading to a rapid expansion of, and reliance on mobile devices as the single digital ID enterprises rely on to enable perimeter-less borders. The following IDG survey results reflect enterprise security leaders’ prediction of when mobile devices will authenticate Identity Access Management (IAM):

Passwords Aren’t Strong Enough For A Zero Trust World   

The bottom line is that passwords are the weakest defense in a zero-trust world. Ineffective in stopping privileged credential-based breaches, with the most privileged system access credentials shared and at times resold by insiders, passwords give hackers a key to the front door of enterprises’ systems. They no longer have to hack their way in; stolen or purchased passwords and privileged access credentials available on the Dark Web-enable hackers to use the front door of enterprise IT.

Both the IDG study published in conjunction with MobileIronSay Goodbye to Passwords and Passwordless Authentication: Bridging the Gap Between High-Security and Low-Friction Identity Management by Enterprise Management Associates (EMA) validate how weak passwords are in a zero-trust world and the many reasons they need to go.  Here are a few of the many factors that favor move beyond passwords to mobile-centric zero-trust security framework:

  • While 95% of enterprise executives say they have multi-factor authentication (MFA) implemented, a little more than half of their users are using it. Senior security executives say they doubt the security benefits (36%), expense (33%), and the decision that users don’t access sensitive information (45%), making MFA pointless.
  • 86% of senior security executives would dump password use as an authentication method if they could. In fact, nearly half of those surveyed cited eliminating passwords as a way to cut almost half of all breach attempts. Perceived security shortcomings are a key reason why almost three-quarters of these security leaders say they’re actively looking for replacements for passwords for authentication.
  • 62% of the senior security execs reported extreme user irritation with password lockouts. The percentage of respondents who reported extreme user frustration at password lockouts rose to 67% at companies with more than 5,000 employees. Users having to call in and change their password with IT’s help is a major drain on productivity and worker’s time. Senior security executives want to abandon passwords given how high maintenance they are to support and how they drain time and productivity from any organization.   

Creating A Mobile Zero Trust Network

The new reality for any enterprise is that mobile device identities are the new security perimeter. Mobility devices ranging from smartphones to tablets are exponentially expanding the threat surfaces that enterprises need to secure and passwords aren’t scaling to do the job. Instead of just relying on a password, secure access needs to be determined by a “never trust, always verify” approach that requires verification of the device, user, apps, networks, and evaluation of the presence of threats before granting access.
The formidable challenges of securing a perimeter-less enterprise where the mobile device identities are the new security perimeter need a mobile-centric zero-trust network to succeed. Zero trust validates the device, establishes user context, checks app authorization, verifies the network, and detects and remediates threats—all before granting secure access to any device or user.  Zero trust platforms are built on unified endpoint management (UEM) systems and their enabling technologies including zero sign-on (ZSO) user and device authentication, multi-factor authentication (MFA), and mobile threat detection (MTD). The following illustration reflects best practices in provisioning, granting access, protecting, enforcing, and provisioning access privileges for a mobile Zero Trust network.

Conclusion

Your smartphone or mobile device of choice is increasingly going to become your ID and secure access to resources across the enterprises you work for. Passwords have proven to be ineffective in thwarting the most common source of breaches, which is privileged credential abuse.  Enterprise executives interviewed for two completely different studies reached the same conclusion: IT infrastructure will be much safer once passwords are gone.

AI Is Predicting The Future Of Online Fraud Detection

Bottom Line: Combining supervised and unsupervised machine learning as part of a broader Artificial Intelligence (AI) fraud detection strategy enables digital businesses to quickly and accurately detect automated and increasingly complex fraud attempts.

Recent research from the Association of Certified Fraud Examiners (ACFE)KPMGPwC, and others reflects how organized crime and state-sponsored fraudsters are increasing the sophistication, scale, and speed of their fraud attacks. One of the most common types of emerging attacks is based on using machine learning and other automation techniques to commit fraud that legacy approaches to fraud prevention can’t catch. The most common legacy approaches to fighting online fraud include relying on rules and predictive models that are no longer effective at confronting more advanced, nuanced levels of current fraud attempts. Online fraud detection needs AI to stay at parity with the quickly escalating complexity and sophistication of today’s fraud attempts.

Why AI is Ideal for Online Fraud Detection

It’s been my experience that digitally-based businesses that have the best track record of thwarting online fraud rely on AI and machine learning to do the following:

  • Actively use supervised machine learning to train models so they can spot fraud attempts quicker than manually-based approaches. Digitally-based businesses I’ve talked with say having supervised machine learning categorize and then predict fraudulent attempts is invaluable from a time-saving standpoint alone. Adopting supervised machine learning first is easier for many businesses as they have analytics teams on staff who are familiar with the foundational concepts and techniques. Digital businesses with high-risk exposure given their business models are adopting AI-based online fraud detection platforms to equip their fraud analysts with the insights they need to identify and stop threats early.
  • Combine supervised and unsupervised machine learning into a single fraud prevention payment score to excel at finding anomalies in emerging data. Integrating the results of fraud analysis based on supervised and unsupervised machine learning into one risk score is one way AI enables online fraud prevention to scale today. Leaders in this area of online fraud prevention can deliver payment scores in 250 milliseconds, using AI to interpret the data and provide a response. A more integrated approach to online fraud prevention that combines supervised and unsupervised machine learning can deliver scores that are twice as predictive as previous approaches.
  • Capitalizes on large-scale, universal data networks of transactions to fine-tune and scale supervised machine learning algorithms, improving fraud prevention scores in the process. The most advanced digital businesses are looking for ways to fine-tune their machine learning models using large-scale universal data sets. Many businesses have years of transaction data they rely on initially for this purpose. Online fraud prevention platforms also have large-scale universal data networks that often include billions of transactions captured over decades, from thousands of customers globally.

The integration of these three factors forms the foundation of online fraud detection and defines its future growth trajectory. One of the most rapid areas of innovation in these three areas is the fine-tuning of fraud prevention scores. Kount’s unique approach to creating and scaling its Omniscore indicates how AI is immediately redefining the future of online fraud detection.

Kount is distinct from other online fraud detection platforms due to the company’s ability to factor in all available historical data in their universal data network that includes billions of transactions accumulated over 12 years, 6,500 customers, across over 180 countries and territories, and multiple payment networks.

Insights into Why AI is the Future of Online Fraud Detection

Recent research studies provide insights into why AI is the future of online fraud detection. According to the Association of Certified Fraud Examiners (ACFE) inaugural Anti-Fraud Technology Benchmarking Report, the amount organizations are expected to spend on AI and machine learning to thwart online fraud is expected to triple by 2021. The ACFE study also found that only 13% of organizations currently use AI and machine learning to detect and deter fraud today. The report predicts another 25% plan to adopt these technologies in the next year or two – an increase of nearly 200%. The ACFE study found that AI and machine learning technology will most likely be adopted in the next two years to fight fraud, followed by predictive analytics and modeling.

PwC’s 2018 Global Economic Crime and Fraud Survey is based on interviews with 7,200 C-level and senior management respondents across 123 different nations and territories and was conducted to determine the true state of digital fraud prevention across the world. The study found that 42% of companies said they had increased funds used to combat fraud or economic crime. In addition, 34% of the C-level and senior management executives also said that existing approaches to combatting online fraud was generating too many false positives. The solution is to rely more on machine learning and AI in combination with predictive analytics as the graphic below illustrates. Kount’s unique approach to combining these technologies to define their Omniscore reflects the future of online fraud detection.

AI is a necessary foundation of online fraud detection, and for platforms built on these technologies to succeed, they must do three things extremely well. First, supervised machine learning algorithms need to be fine-tuned with decades worth of transaction data to minimize false positives and provide extremely fast responses to inquiries. Second, unsupervised machine learning is needed to find emerging anomalies that may signal entirely new, more sophisticated forms of online fraud. Finally, for an online fraud platform to scale, it needs to have a large-scale, universal data network of transactions to fine-tune and scale supervised machine learning algorithms that improve the accuracy of fraud prevention scores in the process.

AWS Certifications Increase Tech Pay Up To $12K A Year

AWS Certifications Increase Tech Pay Up To $12K A Year

  • AWS and Google certifications are among the most lucrative in North America, paying average salaries of $129,868 and $147,357 respectively.
  • Cross-certifying on AWS is providing a $12K salary bump to IT professionals who already have Citrix and Red Hat/Linux certifications today
  • Globally, four of the five top-paying certifications are in cloud computing.

These and many other insights of which certifications provide the highest salaries by region of the world are from the recently published Global Knowledge 2019 IT Skills and Salary ReportThe report is downloadable here (27 pp., PDF, free, opt-in). The methodology is based on 12,271 interviews across non-management IT staffs (29% of interviews), mid-level professionals including managers and team leads (43%), and senior-level and executive roles (28%) across four global regions. For additional details regarding the study’s methodology, please see page 24 of the report.

Key insights from the report include the following:

  • Cross-certifying on AWS is providing a $12K salary bump to IT professionals who already have Citrix and Red Hat/Linux certifications. Citrix certifications pay an average salary of $109,546 and those earning an AWS certification see a $12,339 salary bump on average. Red Hat/Linux certification-based jobs pay an average of $113,165 and are seeing an average salary bump of $12,553.  Cisco-certified IT professionals who gain AWS certification increase their salaries on average from $101,533 to $111,869, gaining a 10.2% increase. The following chart compares the salary bump AWS certifications are providing to IT professionals with seven of the more popular certifications (please click on the graphic to expand for easier reading).

  • AWS and Google certifications are among the most lucrative in North America, paying average salaries of $129,868 and $147,357 while the most popular are cybersecurity, governance, compliance, and policy. 27% of all respondents to Global Knowledge’s survey have at least one certification in this category. Nearly 18% are ITIL certified. In North American, the most popular certification categories beyond cybersecurity are CompTIA, Microsoft, and Cisco. The following table from the report provides an overview of salary by certification category (please click on the graphic to expand for easier reading).

  • AWS Certified Solutions Architect – Associate is the most popular AWS certification today, with 72% of respondents having achieved its requirements. Certified Solutions Architect – Associate leads the top five most commonly held AWS certifications today according to the survey. AWS Certified Developer – Associate (33%), AWS Certified SysOps Administrator – Associate (24%), AWS Certified Solutions Architect – Professional (16%) and AWS Certified Cloud Practitioner round out the top five most common AWS certifications across the 12,271 global respondents to the Global Knowledge survey.

10 Charts That Will Change Your Perspective Of Amazon’s Patent Growth

10 Charts That Will Change Your Perspective Of Amazon's Patent Growth

  • Since 2010 Amazon has grown its patent portfolio from less than 1,000 active patents in 2010 to nearly 10,000 in 2019, a ten-fold increase in less than a decade.
  • Amazon heavily cites Microsoft, IBM, and Alphabet, with 39%, 32% and 28% of Amazon’s total Patent Asset Index
  • Amazon’s patent portfolio is dominated by Cloud Computing, with the majority of the patents contributing to AWS’ current and future services roadmap. AWS achieved 41% year-over-year revenue growth in the latest fiscal quarter, reaching $7.6B in revenue.

Patents are fascinating because they provide a glimpse into potential plans, and roadmaps tech companies are considering. Amazon has one of the most interesting patent portfolios today that encompass a wide spectrum of technologies, from aircraft technology, drones, cloud computing, to machine learning. Interested in learning more about Amazon’s unique patent portfolio, I contacted PatentSight, a LexisNexis company, one of the leading providers of patent analytics and provider of the PatentSight analytics platform used for creating the ten charts shown below.

  • Amazon patents grew at a Compound Annual Growth Rate (CAGR) of above 35% between 2010 and 2019. PatentSight’s analysis shows that Amazon’s patent portfolio has increased tenfold in the last decade, and is comprised entirely of organic patents with only a small percentage gained from acquisitions. PatentSight also finds that Amazon’s patents have a falling average quality as measured by their Competitive Impact score shown on the vertical axis of the chart below. As Amazon’s patent portfolio has grown, there has been a downward trend of quality. William Mansfield, Head of Consulting and Customer Success at LexisNexis PatentSight explains why. “To maintain a high quality when growing the portfolio is difficult, as each patent would need to be equally as good as or better than the previous,” he said. Mr. Mansfield’s analysis found that Amazon’s portfolio has an average Competitive Impact of 2 today, double the PatentSight database average of 1.

  • Amazon’s patent portfolio is unique in that 100% of it is protected in the U.S. “The protection strategy of Amazon is also uncommon. While it can be the case that US firms tend to be US-centric, Amazon is an extreme case,” said William Mansfield. It’s surprising how many Amazon patents are active only in the USA (86%) and invented in the USA and active only in the USA (81%). William explained that “one factor for this US-centricity could be the great acceptance of software patents in the USA, we do also see high US-only filing for other tech giants, but are a level of around 60% vs. Amazon’s 86%.”

  • PatentSight found that the majority of the Amazon portfolio falls in the 2nd decile of Competitive Impact (top 20% – 10%). Comparable technology-based organizations have a higher density of patents in the top 10% of Competitive Impact, which is another unusual aspect regarding Amazon’s patent growth. “This is unusual compared to other big tech companies which have more in the top 10%, it could be Amazon is holding onto more lower value assets than required,” William Mansfield remarked.

  • Amazon’s patent citations most often cite Microsoft, IBM, and Alphabet, with 39%, 32% and 28% of Amazon’s total Patent Asset Index. Interesting that PatentSight’s analysis finds the reciprocal is not the case. A much smaller percentage of companies cite Amazon in return. This can be attributed to a few other firms having the breadth and depth of patent development that Amazon does today.  PatentSight found that less than 10% of their respective portfolios even mention Amazon.  William Mansfield explains that “one factor here is the larger size of these companies, vs. Amazon. However, even in absolute terms, Microsoft and IBM cite Amazon much less than the other way round. However, citation value is close to equal in absolute terms between Amazon and Alphabet.”

  • Relying on patents to keep AWS’ rapid growth going appears to be Amazon’s high priority patent strategy today. As can be seen from the portfolio below, Cloud Computing patents dominate Amazon’s patent portfolio today. In the latest fiscal quarter ending March 31, 2019, AWS delivered $7.9B in revenue and$2.2B in operating income, growing 41% year-over-year. “Amazon’s ongoing developments in alternative delivery methods in Urban Logistics and Drones are noteworthy with Drones being one area of particular strength in the portfolio as seen from the high Competitive Impact, despite the smaller portfolio size,” notes William Mansfield.

  • Amazon’s prioritization of cloud computing, AI, and machine learning patents is evident when 18 years of patent history is compared. The proliferation of AI and machine learning-based services on the AWS platform is apparent in the trend line starting in 2014. The success of Amazon’s SageMaker machine learning platform is a case in point. Amazon SageMaker enables developers and data scientists to quickly and easily build, train, and deploy machine learning models at scale.

  • Amazon is already one of the top 10 patent holders in Drone technology, just behind Alphabet and Toyota Motors. PatentSight defines Drone technology as encompassing aviation, autonomous robots, and autonomous driving. Amazon’s rapid ascent in this area is attributable to the logistics and supply chain efficiencies possible when Drones and their related technologies are applied to their supply chain’s more complex challenges.

  • PatentSight finds that FinTech is an area of long-standing strength in the Amazon patent portfolio, attribute to their payment systems being the backbone of their e-commerce business. Reflecting how diverse their business model has become, Amazon is now one of the top 15 patent holders in this area due to cloud computing, AI, and machine learning taking precedence. “FinTech is a highly competitive field with many established players, and while Amazon is not in the top 10, but top 15 players, it’s still an impressive achievement,” said William Mansfield.

  • Amazon’s patent portfolio in speech recognition encompasses Alexa, its related patents, and Amazon Lex, an AWS service used for creating conversational interfaces for applications. Alphabet, Apple, Microsoft, and Samsung are patent leaders, according to PatentSight’s analysis. The fact that Amazon is in the top 10 speaks to the level of activity and patent production going on in the Alexa research and development and product teams.

  • Amazon’s patent strategy is eclectic yet always anchored to cloud computing to make AWS the platform of choice. The following selected patens reflect how broad the Amazon patent portfolio is. What each share in common is a reliance on AWS as the platform to ensure service consistency, reliability, and scale. An example of this is their patents Video Game Streaming.

Roadmap To Zero Trust For Small Businesses

Bottom Line:  Small businesses don’t need to sacrifice security due to budget constraints or productivity requirements – a Zero Trust roadmap can help them keep growing and stop breaches.

Having worked my way through college in a series of small businesses and having neighbors and friends who operate several today, I see how cloud, databases, and network devices save thousands of dollars, hours of tedious work, and streamline operations. Good friends running an AI startup, whose remarkable ability to turn whiteboard discussions into prototypes in a day, are a case in point. Keeping breach attempts from interrupting their growth needs to start with a roadmap to Zero Trust so these businesses can keep flourishing.

Defining A Zero Trust Roadmap

Most successful small businesses and my friends’ growing startup share the common trait of moving at a quick pace. They’re hiring new employees, contractors and adding new locations in days, not months. The startups and small businesses I work with are adding experts in AI, development, machine learning, sales, and marketing from around the world quickly. Each new employee, contractor, and occasional supplier receives their account login to cloud systems used for running the business, and then they’re given their first assignments.

Small Businesses Don’t Need To Sacrifice Speed For Security

Small businesses and startups run so fast there’s often a perception that achieving greater security will slow them down. In a Zero Trust world, they don’t need to spend a lot of sacrifice speed for security. Following a Zero Trust roadmap can protect their systems, valuable intellectual property, and valuable time by minimizing the risk of falling victim to costly breaches.

Here’s what small businesses and startups need to include on their Zero Trust roadmaps to reduce the potential for time-consuming, costly breaches that could steal not just data but market momentum too:

  • Put Multi-Factor Authentication (MFA) into place for every contractor, admin user, and partner account immediately. Implementing MFA is highly recommended as it can reduce the risk of privileged access credential abuse. A recent survey by Centrify found that 74% of all breaches involved privileged access abuse. Centrify also found that 58% of organizations do not use Multi-Factor Authentication (MFA) for privileged administrative access to servers, leaving their IT systems and infrastructure exposed to hacking attempts, including unchallenged privileged access abuse.
  • Get a shared account and password vault to reduce the risk of being breached by privileged access abuse. Password vaults are a must-have for any business that relies on intellectual property (IP), patents, source code under development, and proprietary data that is pivotal to the company’s growth. Vaults make sure only trusted applications can request privileged account credentials by first identifying, then validating system accounts before passwords are retrieved. Another major advantage of vaults is that they minimize attack surfaces for small businesses and startups.
  • Secure Remote Access needs to be in place to ensure employee, contractor, and IT systems contractors are given least privilege access to only the resources they need. Small businesses and startups growing fast often don’t have the expertise on staff to manage their IT systems. It’s cheaper for many to have an IT service manage server maintenance, upgrades, and security. Secure Remote Access is predicated on the “never trust, always verify, enforce least privilege” Zero Trust approach to grant access to specific resources.
  • Implement real-time audit and monitoring to track all privileged sessions and metadata auditing everything across all systems to deliver a comprehensive picture of intentions and outcomes. Creating and adding to an ongoing chronology of login and resource attempts is invaluable for discovering how a security incident first gets started, and for meeting compliance requirements. It’s much easier to identify and thwart privileged credential abuse based on the insights gained from the single system of record a real-time audit and monitoring service creates. As small businesses and startups grow, the data that real-time audits and monitoring generate are invaluable in proving privileged access is controlled and audited to meet the regulatory compliance requirements of SOX, HIPAA, FISMA, NIST, PCI, MAS, and other regulatory standards.
  • Privileged access credentials to network devices need to be part of the Zero Trust Roadmap. Small businesses and startups face a continual time shortage and sometimes forget to change the manufacturer default passwords which are often weak and well known in the hacker community. That’s why it needs to be a priority to include the network device portfolio in A Zero Trust Privilege-based security roadmap and strategy. Security admins need to have these included in the shared account and passwords vault.

Conclusion

The five factors mentioned here are the start of building a scalable, secure Zero Trust roadmap that will help alleviate the leading cause of breaches today, which is privileged access credential abuse. For small businesses who are outsourcing IT and security administration, the core elements of the Zero Trust roadmap provide them the secure login and a “never trust, always verify, enforce least privilege” strategy that can scale with their business. With Zero Trust Privilege, small businesses and startups will be able to grant least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment

Top 10 IoT Startups Of 2019 According To IoT Analytics

  • IoT startups have received $3.6B in funding this year alone, according to IoT Analytics’ estimates.
  • Manufacturing is attracting the highest percentage of vertically-focused IoT startups at 30%.
  • 43% of all IoT startups are founded in North America, the leading region globally of startup activity.
  • 7 of the top 10 IoT startups primarily focus on AI, Analytics, and Data Science.
  • 46% of all IoT startups tracked by IoT Analytics primarily focus on AI, Analytics, and Data Science.

These and many other fascinating insights are from IoT Analytics’ recently published IoT Startups Report & Database 2019.  IoT Analytics found that there approximately 1,018 startups creating Internet of Things (IoT) products or services today. They have defined one of the most thorough methodologies in IoT research to identify the top 10 IoT analytics startups worldwide. To qualify, startups have to be older than 6 years and fit the definition of the Internet of Things, and methodology and criterion explained at the end of this post.

“The hot IoT startups today have a strong focus on data analytics and AI and are increasingly targeting industrial and manufacturing clients. It remains to be seen how much of the analytics technology that today’s startups are building will be scalable across IoT use cases and industries. For now, most of the IoT startups are adding value in specific industries or for specific use cases,” said Knud Lasse Lueth, Managing Director of IoT Analytics.

The following are the top 10 IoT Startups Of 2019 from IoT Analytics:

  1. Arundo Analytics (IoT Middleware & Software Infrastructure)

Arundo Analytics is a hot IoT Startup that provides analytics software for industrial and energy companies. The company has formed several strategic alliances, e.g., with Dell Technologies and WorleyParsons. Arundo has also formed a joint venture with DNV GL to provide stream data analytics for maritime companies. The board of directors includes Tore Myrholt, Senior Partner at McKinsey and Thomas Malone, the founding director of the MIT Center for Collective Intelligence. Recently, Arundo launched several applications incl. machine monitoring and fuel efficiency.

  1. Bright Machines (IoT Middleware & Software Infrastructure)

Bright Machines is currently the fastest growing IoT Startup, has grown from virtually zero at the beginning of 2018 to almost 200 employees a year later (April 2019). The firm focuses on “micro-factories” made up of its software and robot cells as well as new software tools that make manufacturing more efficient. The leadership team is filled with former executives from Autodesk, Flextronics, and Amazon including Amar Hanspal (CEO), Brian Mathews (CTO), Tzahi Rodrig (COO) and Nick Ciubotariu (SVP, Software Engineering). The company recently entered into a strategic partnership with BMW i Ventures.

  1. Dragos (IoT Middleware & Software Infrastructure)

Dragos is a cybersecurity startup that offers a software-defined security platform for manufacturers. The company has seen a 300%+ growth in headcount the last two years and collaborates with GE, Deloitte, OSIsoft, ThreatConnect, Crowdstrike, and several other companies. The company recently acquired Atlanta-based NexDefense and collaborates with Waterfall Solution for a joint solution.

  1. Element (IoT Middleware & Software Infrastructure)

Element (also known as Element Analytics) is a fascinating IoT Startup that focuses on industrial analytics software such as Digital Twins, particularly in heavy industries. The company counts an impressive list of investors, including Kleiner Perkins, GE, Honeywell, and ABB. Element partners with Microsoft, Uptake, OSIsoft, and Radix (consulting).

  1. FogHorn (IoT Middleware & Software Infrastructure)

In recent years, US-based startup FogHorn has gained an excellent reputation with leading manufacturers and oil and gas organizations around the world for its real-time edge computing and analytics software. The company has seen an 89% employee growth in the past two years and has secured partnerships with 50+ industrial solution providers, OEMs, gateway providers, and consultants/SIs, including AWS, Google Cloud, Microsoft, Cisco, HP, NTT Data, and more. FogHorn is also a member of LF Edge, an umbrella organization to drive an open, interoperable framework for edge computing to accelerate deployment among the growing number of edge devices. Investors in FogHorn include The Hive, Bosch, Dell, GE, Honeywell, Intel, Saudi Aramco, and Yokogawa.

  1. Iguazio (IoT Middleware & Software Infrastructure)

Iguazio is a hot startup that provides a state-of-the-art data science platform for various verticals, including Industrial IoT, Smart Mobility, and Telecommunications. The company recently entered into collaborations with NVIDIA, Microsoft, and Google. Iguazio markets its Nuclio platform product as a “serverless” framework for multi-cloud environments and is thus well-positioned for the next wave of cloud computing.

  1. IoTium (IoT Connectivity)

IoTium is a quickly upcoming IoT startup from the Silicon Valley area that focuses on software-defined network infrastructure in manufacturing and related verticals. The company has seen a 100%+ growth in headcount over the last two years and now counts John Chambers, former Cisco CEO, as an investor along with other well-known corporate investors incl. Juniper, Qualcomm, SafeNet, and Wind River. The company is also very active in the EdgeX Foundry and recently joined the Siemens’ MindSphere partner program as a gold member.

  1. Preferred Networks (IoT Middleware & Software Infrastructure)

Preferred Networks is one of Japan’s IoT hotshots, focused on applying real-time machine-learning technologies to new Internet of Things applications. The company has seen a 100%+ employee growth in the last two years and now collaborates with world-leading organizations incl. Toyota Motor Corporation, Fanuc, and the National Cancer Center. The company is also very active in developing the deep-learning framework Chainer™ together with IBM, Intel, Microsoft, Nvidia.

  1. READY Robotics (IoT Hardware)

READY Robotics is a rare robotics startup that is looking to benefit from the increasing automation and flexibility of manufacturing processes around the world. The company emerged from the cutting-edge robotics research at Johns Hopkins University to develop its industrial robotic software called Forge.  The company has seen a 150%+ growth in headcount in the last two years and is now producing roughly 15 robot systems per month.

  1. SparkCognition (IoT Middleware & Software Infrastructure)

SparkCognition excels in AI-powered analytics, particularly in manufacturing and related verticals. SparkCognition has seen a 100%+ growth in headcount over the last two years. The company has launched Skygrid, a joint venture with Boeing and it has partnered with Siemens as part of its Mindsphere program. The company is also a Google Cloud Technology Partner and works with IBM as a trusted partner.

The full 62-page report (+ 1,018 line-item database) titled “IoT Startups Report & Database 2019” is available for purchase here.

Why AI Is The Future Of Cybersecurity

These and many other insights are from Capgemini’s Reinventing Cybersecurity with Artificial Intelligence Report published this week. You can download the report here (28 pp., PDF, free, no opt-in). Capgemini Research Institute surveyed 850 senior executives from seven industries, including consumer products, retail, banking, insurance, automotive, utilities, and telecom. 20% of the executive respondents are CIOs, and 10% are CISOs. Enterprises headquartered in France, Germany, the UK, the US, Australia, the Netherlands, India, Italy, Spain, and Sweden are included in the report. Please see page 21 of the report for a description of the methodology.

Capgemini found that as digital businesses grow, their risk of cyberattacks exponentially increases. 21% said their organization experienced a cybersecurity breach leading to unauthorized access in 2018. Enterprises are paying a heavy price for cybersecurity breaches: 20% report losses of more than $50 million. Centrify’s most recent survey, Privileged Access Management in the Modern Threatscape, found that 74% of all breaches involved access to a privileged account. Privileged access credentials are hackers’ most popular technique for initiating a breach to exfiltrate valuable data from enterprise systems and sell it on the Dark Web.

Key insights include the following:

  • 69% of enterprises believe AI will be necessary to respond to cyberattacks. The majority of telecom companies (80%) say they are counting on AI to help identify threats and thwart attacks. Capgemini found the telecom industry has the highest reported incidence of losses exceeding $50M, making AI a priority for thwarting costly breaches in that industry. It’s understandable by Consumer Products (78%), and Banking (75%) are 2nd and 3rd given each of these industry’s growing reliance on digitally-based business models. U.S.-based enterprises are placing the highest priority on AI-based cybersecurity applications and platforms, 15% higher than the global average when measured on a country basis.

  • 73% of enterprises are testing use cases for AI for cybersecurity across their organizations today with network security leading all categories. Endpoint security the 3rd-highest priority for investing in AI-based cybersecurity solutions given the proliferation of endpoint devices, which are expected to increase to over 25B by 2021. Internet of Things (IoT) and Industrial Internet of Things (IIoT) sensors and systems they enable are exponentially increasing the number of endpoints and threat surfaces an enterprise needs to protect. The old “trust but verify” approach to enterprise security can’t keep up with the pace and scale of threatscape growth today. Identities are the new security perimeter, and they require a Zero Trust Security framework to be secure. Be sure to follow Chase Cunningham of Forrester, Principal Analyst, and the leading authority on Zero Trust Security to keep current on this rapidly changing area. You can find his blog here.

  • 51% of executives are making extensive AI for cyber threat detection, outpacing prediction, and response by a wide margin. Enterprise executives are concentrating their budgets and time on detecting cyber threats using AI above predicting and responding. As enterprises mature in their use and adoption of AI as part of their cybersecurity efforts, prediction and response will correspondingly increase. “AI tools are also getting better at drawing on data sets of wildly different types, allowing the “bigger picture” to be put together from, say, static configuration data, historic local logs, global threat landscapes, and contemporaneous event streams,” said Nicko van Someren, Chief Technology Officer at Absolute Software.

  • 64% say that AI lowers the cost to detect and respond to breaches and reduces the overall time taken to detect threats and breaches up to 12%. The reduction in cost for a majority of enterprises ranges from 1% – 15% (with an average of 12%). With AI, the overall time taken to detect threats and breaches is reduced by up to 12%. Dwell time – the amount of time threat actors remain undetected – drops by 11% with the use of AI. This time reduction is achieved by continuously scanning for known or unknown anomalies that show threat patterns. PetSmart, a US-based specialty retailer, was able to save up to $12M by using AI in fraud detection from Kount. By partnering with Kount, PetSmart was able to implement an AI/Machine Learning technology that aggregates millions of transactions and their outcomes. The technology determines the legitimacy of each transaction by comparing it against all other transactions received. As fraudulent orders were identified, they were canceled, saving the company money and avoiding damage to the brand. The top 9 ways Artificial Intelligence prevents fraud provides insights into how Kount’s approach to unsupervised and supervised machine learning stops fraud.

  • Fraud detection, malware detection, intrusion detection, scoring risk in a network, and user/machine behavioral analysis are the five highest AI use cases for improving cybersecurity. Capgemini analyzed 20 use cases across information technology (IT), operational technology (OT) and the Internet of Things (IoT) and ranked them according to their implementation complexity and resultant benefits (in terms of time reduction). Based on their analysis, we recommend a shortlist of five high-potential use cases that have low complexity and high benefits. 54% of enterprises have already implemented five high impact cases. The following graphic compares the recommended use cases by the level of benefit and relative complexity.

  • 56% of senior execs say their cybersecurity analysts are overwhelmed and close to a quarter (23%) are not able to successfully investigate all identified incidents. Capgemini found that hacking organizations are successfully using algorithms to send ‘spear phishing’ tweets (personalized tweets sent to targeted users to trick them into sharing sensitive information). AI can send the tweets six times faster than a human and with twice the success. “It’s no surprise that Capgemini’s data shows that security analysts are overwhelmed. The cybersecurity skills shortage has been growing for some time, and so have the number and complexity of attacks; using machine learning to augment the few available skilled people can help ease this. What’s exciting about the state of the industry right now is that recent advances in Machine Learning methods are poised to make their way into deployable products,” said Nicko van Someren, Chief Technology Officer at Absolute Software.

Conclusion

AI and machine learning are redefining every aspect of cybersecurity today. From improving organizations’ ability to anticipate and thwart breaches, protecting the proliferating number of threat surfaces with Zero Trust Security frameworks to making passwords obsolete, AI and machine learning are essential to securing the perimeters of any business.  One of the most vulnerable and fastest-growing threat surfaces are mobile phones. The two recent research reports from MobileIronSay Goodbye to Passwords (4 pp., PDF, opt-in) in collaboration with IDG, and Passwordless Authentication: Bridging the Gap Between High-Security and Low-Friction Identity Management (34 pp., PDF, opt-in) by Enterprise Management Associates (EMA) provide fascinating insights into the passwordless future. They reflect and quantify how ready enterprises are to abandon passwords for more proven authentication techniques including biometrics and mobile-centric Zero Trust Security platform.

Passwords Are The Weakest Defense In A Zero Trust World

  • 90% of security professionals have witnessed security incidents stemming from the theft of credentials, according to a recent MobileIron study conducted by IDG.
  • 86% of CIO, CISO and Security VPs would abandon password authentication if they could.
  • Another survey by EMA found that mobile devices secured by biometric authentication methods present the best option for replacing passwords.
  • There is a direct correlation between the number of times a user authenticates and the number of user access problems that need to be addressed.

These and many other fascinating insights make it clear that passwords are now the weakest defense anyone can rely on in a Zero Trust world. Two recent research studies quantify just how weak and incomplete an IT security strategy based on passwords is, especially when the need to access mobile apps is proliferating. Combined, these two MobileIron reports pack a one-two punch at passwords, and how they’re not strong enough alone to protect mobile devices, the fastest proliferating threat surface in a Zero Trust world.

The first, Say Goodbye to Passwords (4 pp., PDF, opt-in) by IDG, is based on interviews with 200 IT security leaders in the US, UK, Australia, and New Zealand working in a range of industries at companies with at least 500 employees. The survey’s goal is to uncover and quantify the major authentication pain points facing enterprises.  The second, Passwordless Authentication: Bridging the Gap Between High-Security and Low-Friction Identity Management (34 pp., PDF, opt-in) by Enterprise Management Associates (EMA), is based on interviews with 200 North American-based IT professionals who are knowledgeable about their organization’s use of identity and access management services. Please see page 4 of the study for additional details regarding the methodology.

The two studies provide insights into the perils of passwords and the merits of mobile when it comes to enterprise security, user experiences, and workforce productivity:

  • 90% of respondents to the EMA survey have experienced significant password policy violations in just the last year. The most frequently reported was that identical passwords are being used to support multiple accounts (39.06%). The following graphic from the EMA study reflects password management worst practices that put an organization at a high risk of a breach. A recent survey by Centrify found that 74% of all breaches involved access to a privileged account. Hackers aren’t breaking into systems; they’re obtaining privileged access credentials and walking in the front door as the graphic below shows.

  • 88% of global security leaders believe that mobile devices will soon serve as a digital ID for accessing enterprise apps and data. In the US, the percentage rises to 91%. With cyberattacks on the rise and the disadvantages of passwords and Multi-Factor Authentication (MFA) apparent to security leaders—from both a user and a security standpoint— it’s clear that new authentication methods are needed. Hardware tokens, seen by many security leaders as a more secure option for authentication than passwords, take a hit on user-friendliness compared to biometrics on a mobile device according to the survey’s results. Among the security leaders, 72% see biometrics as more user-friendly than passwords, versus just 58% favoring tokens over passwords for ease of use.

  • Four of the top five authentication technologies IT leaders prefer over passwords are biometrics-based. What’s encouraging from the EMA study is that the majority of IT departments are actively evaluating biometrics with 82% of respondents identifying at least one of the four basic biometric approaches as a passwordless solution.

  • 87% of enterprises anticipate an increase in users needing business app access over the next 24 months. 85% of respondents reported seeing an increase in the number of users who need to access business apps from a mobile device over the past 12 months. Mobile apps dominate enterprises’ internal software development efforts according to 91% of respondents to the IDG study.

  • Eliminating passwords reduces the friction or hassles required to gain access to apps and resources while improving organization-wide security. The paradox of how to improve productivity and increase security is solved when passwords go away. Low-friction identity management approaches improve user experiences while simultaneously enhancing security and reducing management efforts as the graphic below shows:

Conclusion

Hackers would instead find ingenious ways to steal passwords and privileged access credentials than spend time attempting to hack into an organization’s systems. Mobile devices and the apps they use are the fastest growing and most unprotected threat surface there is for businesses today, making them a high priority for hackers. Relying on passwords alone to protect mobile devices makes them the weakest defense in a Zero Trust World. Eliminating passwords for more effective authentication and security approaches that are more consistent with Zero Trust is needed now.

%d bloggers like this: