Skip to content

Posts tagged ‘COVID-19’

Why Cybersecurity Is Really A Business Problem

Why Cybersecurity Is Really A Business Problem

Bottom Line: Absolute’s 2020 Endpoint Resilience Report illustrates why the purpose of any cybersecurity program needs to be attaining a balance between protecting an organization and the need to keep the business running, starting with secured endpoints.

Enterprises who’ve taken a blank-check approach in the past to spending on cybersecurity are facing the stark reality that all that spending may have made them more vulnerable to attacks. While cybersecurity spending grew at a Compound Annual Growth Rate (CAGR) of 12% in 2018, Gartner’s latest projections are predicting a decline to only 7% CAGR through 2023. Nearly every CISO I’ve spoken with in the last three months say prioritizing cybersecurity programs by their ROI and contribution to the business is how funding gets done today.

Cybersecurity Has Always Been A Business Decision

Overcoming the paradox of keeping a business secure while fueling its growth is the essence of why cybersecurity is a business decision. Securing an entire enterprise is an unrealistic goal; balancing security and ongoing operations is. CISOs speak of this paradox often and the need to better measure the effectiveness of their decisions.

This is why the findings from Absolute’s 2020 State of Endpoint Resilience Report​  are so timely given the shift to more spending accountability on cybersecurity programs. The report’s methodology is based on anonymized data from enterprise-specific subsets of nearly 8.5 million Absolute-enabled devices active across 12,000+ customer organizations in North America and Europe. Please see the last page of the study for additional details regarding the methodology.

Key insights from the study include the following:

  • More than one of every three enterprise devices had an Endpoint Protection (EP), client management or VPN application out of compliance, further exposing entire organizations to potential threats. More than 5% of enterprise devices were missing one or more of these critical controls altogether. Endpoints, encryption, VPN and Client Management are more, not less fragile, despite millions of dollars being spent to protect them before the downturn. The following graphic illustrates how fragile endpoints are by noting average compliances rate alongside installation rates:
  • When cybersecurity spending isn’t being driven by a business case, endpoints become more complex, chaotic and nearly impossible to protect. Absolute’s survey reflects what happens when cybersecurity spending isn’t based on a solid business decision, often leading to multiple endpoint security agents. The survey found the typical organization has 10.2 endpoint agents on average, up from 9.8 last year. One of the most insightful series of findings in the study and well worth a read is the section on measuring Application Resilience. The study found that the resiliency of an application varies significantly based on what else it is paired with. It’s interesting to see that same-vendor pairings don’t necessarily do better or show higher average compliance rates than pairings from different vendors. The bottom line is that there’s no guarantee that any agent, whether sourced from a single vendor or even the most innovative vendors, will work seamlessly together and make an organization more secure. The following graphic explains this point:
  •  60% of breaches can be linked to a vulnerability where a patch was available, but not applied. When there’s a compelling business case to keep all machines current, patches get distributed and installed. When there isn’t, operating system patches are, on average, 95 days late. Counting up the total number of vulnerabilities addressed on Patch Tuesday in February through May 2020 alone, it shows that the average Windows 10 enterprise device has hundreds of potential vulnerabilities without a fix applied – including four zero-day vulnerabilities. Absolute’s data shows that Post-Covid-19, the average patch age has gone down slightly, driven by the business case of supporting an entirely remote workforce.
  • Organizations that had defined business cases for their cybersecurity programs are able to adapt better and secure vulnerable endpoint devices, along with the sensitive data piling up on those devices, being used at home by employees. Absolute’s study showed that the amount of sensitive data – like Personal Identifiable Information (PII), Protected Health Information (PHI) and Personal Financial Information (PFI) data – identified on endpoints soared as the Covid-19 outbreak spread and devices went home to work remotely. Without autonomous endpoints that have an unbreakable digital tether to ensure the health and security of the device, the greater the chance of this kind of data being exposed, the greater the potential for damages, compliance violations and more.

Conclusion

Absolute’s latest study on the state of endpoints amplifies what many CISOs and their teams are doing today. They’re prioritizing cybersecurity endpoint projects on ROI, looking to quantify agent effectiveness and moving beyond the myth that greater compliance is going to get them better security. The bottom line is that increasing cybersecurity spending is not going to make any business more secure, knowing the effectiveness of cybersecurity spending will, however. Being able to capable of tracking how resilient and persistent every autonomous endpoint is in an organization makes defining the ROI of endpoint investments possible, which is what every CISO I’ve spoken with is focusing on this year.

Remote Recruiting In A Post COVID-19 World

Remote Recruiting In A Post COVID-19 World

Bottom Line: Virtual career fairs and events, fully-remote recruiting, more personalized career paths, and greater insights into candidate experiences are quickly becoming the new normal in a post-COVID-19 world.

The COVID-19 pandemic is quickly changing how every organization is attracting, recruiting, and retaining employees on their virtual teams, making remote work the new normal. Recruiting systems, Applicant Tracking Systems (ATS), and talent management systems were designed for one-on-one personal interactions, not virtual ones. Legacy Human Resource Management (HRM) systems are already showing signs of not being able to scale and meet the challenges of the brave, new post-COVID-19 world. The majority of legacy systems are built for transaction scale and can’t see candidate potential. Closing the gaps between legacy talent management systems and new virtual event recruiting and AI-based talent management platforms are changing that by putting candidate potential at the center of their architectures.

Closing The Virtual Event Recruiting Gap Needs To Happen First

Many organizations during this time of year prioritize recruiting the best and brightest college seniors they can attract during in-person interviews on campus. That’s no longer an option today. College recruiters are resorting to individual Skype or Zoom sessions with candidates while attempting to keep track of interviews the best they can with Excel, Google Sheets, and e-mail. Recruiters trying to recruit for mid-level and senior positions are under increasing pressure from hiring managers to arrange interviews with the highest quality candidates possible.

Seeing an opportunity to help organizations find, engage, and recruit using online events, Eightfold.ai has created and launched Virtual Event Recruiting. Eightfold.ai is best-known for its Talent Intelligence Platform™, the first AI-powered solution and most effective way for companies to identify promising candidates, reach diversity hiring goals, retain top performers, and engage talent. Eightfold.ai’s recent webinar How To Hold Virtual Recruiting Events is worth checking out if you’re interested in how Virtual Event Recruiting is evolving..

What Does Success Look Like In Virtual Event Recruiting?

The table stakes for any Virtual Event Recruiting solution need include support for students just starting their careers, veterans, return-to-work mothers, and experienced professionals. For a solution to be effective, it also needs to enable companies and job seekers to connect, giving companies greater scale than is possible for physical recruiting events. Ideally, any virtual event recruiting system needs to provide the following:

  • The ability to upload resume books and use AI to find the highest quality matches for open positions in real-time. Machine learning algorithms excel at pattern matching and can save recruiters thousands of hours of drudgery by immediately seeing the highest quality matches for open positions.
  • Provide a planning center that also serves a company’s specific talent community and provide tools to grow it by tailoring events to their specific interests while seeking the best-qualified candidates for open positions. Creating, launching, and tracking recruiting campaigns from the same dashboard that tracks invitations, registrations, and open positions being filled gives recruiters the end-to-end visibility they need to succeed with a virtual event. It’s important to have Assessments included in every virtual event to measure candidates’ experiences and see what’s going well and which areas need to improve. The following is an example of what Eightfold’s planning center looks like:

Remote Recruiting In a Post COVID-19 World

  • Rely on AI to match high-potential candidates with the best possible virtual events to increase opt-in and participation rates. For a virtual event recruiting solution to be effective, high-potential candidates need to be matched with positions they will most excel in. A first step to making this happen is using AI to understand every candidate’s strengths and inviting them to the virtual events that will help them the most in choosing the best position given their potential.

Remote Recruiting In a Post COVID-19 World

  • Guide candidates to the positions that best match their existing capabilities and future potential. Instead of relying on keyword matching from resumes alone, virtual event recruiting applications need to suggest those positions high-potential candidates have the greatest potential to excel at. Using AI to combine all available data on a candidate, so their existing capabilities and future potential are taken into account is key to making more successful hires. Integrating job recommendations with virtual event recruiting is a must-have for any organization looking to add staff in 2020 and beyond.

Remote Recruiting In a Post COVID-19 World

  • After the virtual event, all potential candidates for an open position need to be stacked-ranked so recruiters can prioritize who they contact. By providing personalization at scale to every candidate by providing them recommendations for the positions they are the strongest match for, recruiters will find following-up is easier to accomplish than cold-calling a candidate found on LinkedIn, for example. Stack ranking needs to include members of the existing talent community and organization is cultivating as well. An excellent example of how this could work is shown below:

Remote Recruiting In a Post COVID-19 World

Conclusion

University campuses need to consider partnering with Eightfold.ai to make it easier for their graduating students to find best available careers, perhaps across a much broader range of companies than ever visited any individual campus. And there is no reason this paradigm can’t be applied to other job fairs and recruiting events like Grace Hopper.

Improving event virtual recruiting needs to be the priority recruiters and HR professionals take action on first to stay competitive from a talent management standpoint. Organizations that will win the war for talent in this new remote, distributed workforce era are already looking at how to excel at virtual recruiting. Having a talent intelligence platform that can provide end-to-end visibility and personalization at scale is the future of talent management.

 

COVID-19’s Impact On Tech Spending This Year

COVID-19's Impact On Tech Spending This Year

The human tragedy the COVID-19 pandemic has inflicted on the world is incalculable and continues to grow. Every human life is priceless and deserves the care needed to sustain it. COVID-19 is also impacting entire industries, causing them to randomly gyrate in unpredictable ways, directly impacting IT and tech spending.

COVID-19’s Impact On Industries

Computer Economics in collaboration with their parent company Avasant published their Coronavirus Impact Index by Industry that looks at how COVID-19 is affecting 11 major industry sectors in four dimensions: personnel, operations, supply chain, and revenue. Please see the Coronavirus Impact Index by Industry by Tom Dunlap, Dave Wagner, and Frank Scavo of Computer Economics for additional information and analysis.  The resulting index is an overall rating of the impact of the pandemic on each industry and is shown below:

Computer Economics and Avasant predict major disruption to High Tech & Telecommunications based on the industry’s heavy reliance on Chinese supply chains, which were severely impacted by COVID-19. Based on conversations with U.S.-based high tech manufacturers, I’ve learned that a few are struggling to make deliveries to leading department stores and discount chains due to parts shortages and allocations from their Chinese suppliers. North American electronics suppliers aren’t an option due to their prices being higher than their Chinese competitors. Leading department stores and discount chains openly encourage high tech device manufacturers to compete with each other on supplier availability and delivery date performance.

In contrast to the parts shortage and unpredictability of supply chains dragging down the industry, software is a growth catalyst. The study notes that Zoom, Slack, GoToMyPC, Zoho Remotely, Microsoft Office365, Atlassian, and others are already seeing increased demand as companies increase their remote-working capabilities.

COVID-19’s Impact On IT Spending  

Further supporting the Coronavirus Impact Index by Industry analysis, Andrew Bartels, VP & Principal Analyst at Forrester, published his latest forecast of tech growth today in the post, The Odds of a Tech Market Decline In 2020 Have Just Gone Up To 50%.

Mr. Bartels is referencing the market forecasts shown in the following forecast published last month, New Forrester Forecast Shows That Global Tech Market Growth Will Slip To 3% In 2020 And 2021 and shown below:

Key insights from Forrester’s latest IT spending forecast and predictions are shown below:

  • Forrester is revising its tech forecast downward, predicting the US and global tech market growth slowing to around 2% in 2020. Mr. Bartels mentions that this assumes the US and other major economies have declined in the first half of 2020 but manage to recover in the second half.
  • If a full-fledged recession hits, there is a 50% probability that US and global tech markets will decline by 2% or more in 2020.
  • In either a second-half 2020 recovery or recession, Forrester predicts computer and communications equipment spending will be weakest, with potential declines of 5% to 10%.
  • Tech consulting and systems integration services spending will be flat in a temporary slowdown and could be down by up to 5% if firms cut back on new tech projects.
  • Software spending growth will slow to the 2% to 4% range in the best case and will post no growth in the worst case of a recession.
  • The only positive signs from the latest Forrester IT spending forecast is the continued growth in demand for cloud infrastructure services and potential increases in spending on specialized software. Forrester also predicts communications equipment, and telecom services for remote work and education as organizations encourage workers to work from home and schools move to online courses.

Conclusion

Every industry is economically hurting already from the COVID-19 pandemic. Now is the time for enterprise software providers to go the extra mile for their customers across all industries and help them recover and grow again. Strengthening customers in their time of need by freely providing remote collaboration tools, secure endpoint solutions, cloud-based storage, and CRM systems is an investment in the community that every software company needs to make it through this pandemic too.

%d bloggers like this: