Connect with us

Technology

Why businesses need to start focusing on cloud computer security

Published

on

Share this:

Cloud computing is providing businesses with many advantages and the technology is one of the fastest growing, led by the likes of Amazon Web Services and Microsoft. Businesses also need to be mindful of security matters, according to a new report.

The deep dive into the security matters impacting on the cloud computing market and the way that businesses are implementing comes from Bitglass. The company has released a report titled “Guardians of the Cloud”, which represents its latest (and the 2019 edition) of its Cloud Security Report. The reports series focuses on key trends and common vulnerabilities across the economy.

The report’s strapline is that as organizations migrate increasing volumes of data and operations to the cloud, it is important that they maintain a strong and well-developed cybersecurity system.

How well businesses are achieving security for cloud is varied, as uncovered in the Bitglass report. To gather data across a range of industrial sectors, Bitglass has partnered with a cybersecurity community and surveyed IT professionals about the status of cloud security inside their organizations.

The 2019 reports finds that 75 percent of organizations leverage multiple cloud solutions. This is a sign of the rapid take-up of cloud solutions. However, just 20 percent of companies are monitoring cross-app anomalous behavior. This is important and becomes even more pressing with the growing number of organizations who are electing to store sensitive information in the cloud (such as customer data, stored by 45 percent of the survey respondents); employee data (captured by 42 percent of the firms surveyed) and intellectual property (noted by 24 percent of those polled). Consequently, this level of personal data means that putting in place robust cloud security measures is essential.

Security remains a high consideration for companies, it is just a question of how effective they are at putting appropriate measures into place. The top priorities for businesses in relation to cloud computing are: defending business systems against malware, achieving regulatory compliance (such as GDPR), and securing major apps in current use.

Malware represents a major data leakage vector. A secondary data loss concern is with unsanctioned cloud apps, although the weaknesses around these is not felt to be as great as with previous surveys.

According to Rich Campagna, chief marketing officer of Bitglass: “This report found that 93 percent of respondents are at least moderately concerned about their ability to use the cloud securely, and that the adoption rates of basic cloud security tools and practices are still far too low. Many organizations need to rethink their approach to protecting data, as traditional tools for safeguarding data on premises are not capable of protecting data in the cloud.”

Applying access control (52 percent of respondents) and anti-malware (raised by 46 percent) are the most commonly used cloud security options. Further down the list are single sign-on (26 percent) and data loss prevention (20 percent). While a number of firms have or are implementing such security solutions, these are not deployed often enough. One reason for this is cost. This is followed by ease of deployment and then with cross-cloud security policies.

Share this:

Business

What questions should companies ask before going all-in on AI?

Problem-solving, data sets, and the consequences of getting it wrong.

Published

on

Share this:

From chatbots that answer our questions to emails that write themselves, AI is increasingly present in our lives — and the advent of startlingly sophisticated and headline-making tools like ChatGPT suggest that presence is likely to grow.

As it stands, the technologies are advancing at a seemingly breakneck pace, impacting sectors as diverse as public health and transportation. Given the spread, it’s easy to assume AI could be used by just about any company — and there are plenty of adoptees. 

The 2022 McKinsey Global Survey on AI reported in December that although it has stabilized in recent years, the proportion of organizations adopting AI in at least one business area has more than doubled since 2017.

Furthermore, “the average number of AI capabilities that organizations use has also doubled — from 1.9 in 2018 to 3.8 in 2022,” the report found.

But what are companies actually using AI for? And, what are some critical questions experts say companies should ask themselves before going all-in?

Let’s take a closer look.

Why AI is becoming increasingly useful

One reason AI is becoming especially useful is because by definition, it is the ability of machines to learn and make decisions based on data and analytics. And it should come as no surprise that companies now have access to more data than ever before. 

How much more? Well, Gil Press — a senior contributor with Forbes — reported toward the end of 2020 that in the 10 years that came before, “the amount of data created, captured, copied, and consumed in the world increased from 1.2 trillion gigabytes to 59 trillion gigabytes.”

That’s almost 5,000 per cent growth, Press said.

And with the help of emerging technologies like AI, the University of Pennsylvania’s Wharton Online explained, companies are now able to capture user data that can help them make informed business decisions.

“AI is no longer an experimental technology only used by select brands,” it said. “For many companies around the world, it has become a core part of their operations.”

AI: What is it used for?

So, how is AI being used by companies and organizations?

Common applications cited by Business News Daily include the detection of cyberattacks and threats, digital personal assistants that manage calendars, and customer service chatbots.

The latter is also where some companies are using ChatGPT. Bloomberg reported on March 1 that the technology has already found a home on apps for Instacart, where customers will be able to ask it questions about recipes; Shopify, where it will offer suggestions; and Quizlet Inc., where it will provide users with a “tutoring experience.”

In more specialized fields like healthcare, AI’s uses include helping to make potentially life-saving cancer diagnoses. The New York Times reported on March 5 that AI known as “computer-assisted detection” is helping to detect breast cancer missed by mammograms.

More generally, some popular uses for AI include service operations optimization, contact centre automation, customer service analytics, sales and demand forecasting, and risk modeling and analytics, according to the 2022 McKinsey Global Survey on AI.

And when it comes to deciding how to apply AI, Wharton Online reported that companies often focus on driving growth. 

That growth, according to Entrepreneur’s Auria Moore, is focused on three central areas: 

  • AI-powered analytics, which can allow businesses to gather information about users for better product creation.
  • Customer service satisfaction, where AI chatbots can provide answers to users faster.
  • Targeted digital marketing campaigns, which has AI granting marketers the ability to “enhance personalization at an individual level.”

Meanwhile, supply-chain management is where the highest-reported cost benefits from AI were identified in the McKinsey survey — while “the biggest reported revenue effects are found in marketing and sales, product and service development, and strategy and corporate finance.”

“The bottom-line value realized from AI remains strong and largely consistent,” the report said.

“About a quarter of respondents report this year that at least 5 percent of their organizations’ [earnings before interest and taxes] was attributable to AI in 2021, in line with findings from the previous two years.”

What to consider before going all-in

Given its vast possibilities for application and seemingly limitless potential, investing in AI could seem like a no-brainer for businesses. But some experts warn that it shouldn’t be.

“The first question to ask yourself when considering AI is what problems might be solved with the technology,” Inc.’s Ben Sherry reported last May.

While some companies would find AI genuinely useful — for example, Sherry said, an e-commerce company could use it to market specific products to customers based on data — others could wind up with an unnecessary expense.

“Ask yourself if automating part of your business has an easily identifiable benefit, or whether you have routine tasks that could easily be automated,” he suggested.

AI’s algorithms also need a lot of high-quality data to deliver valuable insights, Open Data Science (ODSC) explained in November 2021, and machine learning needs varied data to build its intelligence.

So before investing in AI, ODSC said, it’s critical to make sure your company has access to a sufficient amount of high-quality data sets.

“Without data and specifically, high-quality data, your AI investment is useless,” ODSC said. 

“It’s essentially like purchasing an expensive car with an incredibly powerful motor without any access to a fuel source.”

Finally, some experts say a critically important question for companies considering AI to ask themselves is: what are the consequences if it fails?

“AI models work through very sophisticated algorithms and statistical correlations, but there is always a margin of error. Does the company want to implement AI in a process with high variability and a low accuracy rate, or the opposite? What risks and how much investment would be lost if it didn’t work out?” industrial IoT company Nexus Integra asked in a blog post.

“Depending on which systems and data are available, the company must evaluate whether the accuracy of these models is expected to be high enough to proceed.”

And Ricardo Baeza-Yates, director of research at the Institute for Experiential AI at Northeastern University, wrote in an August 2021 piece for Forbes that “as the usage of AI grows exponentially, so have the number of AI incidents.

As such, Baeza-Yates said companies looking to use AI should first ask themselves if they have deeply considered the direct, and indirect, impact of their product or service.

“Here, the accuracy of your model is irrelevant. What matters is the impact of the mistakes you make, even if they are few,” he wrote.“In cases where people were falsely accused by facial recognition systems, killed by driverless cars or unethically targeted for fraud, the damage was severe and lasting.”

Share this:
Continue Reading

Business

How to prevent a cyberattack on your organization

“Organizations need to brush up on security hygiene,” says one expert. “Companies need to incentivize following the protocols.”

Published

on

Share this:

You wouldn’t expect cyber-criminals to target a lifestyle and bookstore.

In February, Canada’s much-beloved bookstore chain Indigo fell prey to ransomware threats — specifically to pay up, or its employee data would be released.

The attack also left the retailer’s website not working at full capacity, and its brick-and-mortar stores briefly unable to process any debit or credit payments. The effects of the attack even lingered into March

But none of this surprised cyber-security experts, who all said at some point, “it’s not if, but when,” a company is hit with a security breach.

Shira Rubinoff — who provides cybersecurity guidance to numerous Fortune 100 companies, and serves on the board of Pace University’s Cybersecurity Program — said whether the ransom was paid or not, the data could invariably be sold to another bad actor anyway. 

“Organizations need to brush up on security hygiene,” noted Rubinoff, who has built two cybersecurity product companies, and currently serves as president of the New York-based technology incubator, Prime Tech Partners, and the social-media-security firm, SecureMySocial. “Companies need to have a security process, trained people, and the right technology. But the glue in the middle is the training; make people cyber-aware within the organization. Companies need to incentivize following the protocols.”

She said the worst attacks to spot are phishing attacks, which attempt to deceive people into revealing sensitive information. “They look real. It might be end-of-day, and a worker clicks on it, and it’s from a nefarious bad actor that’s trying to penetrate the organization,” Rubinoff explains.

“It might be from someone who pretends to be from another company, offering them a rise in their position. But it’s really someone trying to get information.”  

In the wake of several Canadian hospitals seeing their data hacked, the CEO of Canadian Internet Registration Authority Byron Holland, noted that a third of organizations have seen some kind of security breach. 

“Lack of focus and money” were the reasons behind poor security protocols, Holland outlined in a Globe and Mail webinar on cybersecurity in Canadian healthcare, adding that necessary tools must include multi-factor authentication, firewalls, security training, among others. 

Watch the webinar:

Toronto’s Hospital for Sick Children, Ross Memorial Hospital (Lindsay, Ontario), Newfoundland and Labrador’s provincial health data, and California-based Regal Medical Group have all fallen victim to breaches in recent months. In 2019, LifeLabs — Canada’s largest medical lab — was hacked, leaving vulnerable the personal information of fifteen million people.

Recognizing the growing problem, last year the Canadian government announced it was taking further measures to “bolster cybersecurity across the financial, telecommunications, energy, and transportation sectors.” The proposed legislation aims to “amend the Telecommunications Act to provide the Government with the legal authority to mandate any necessary action to secure” exposure from high-risk suppliers. In addition, the legislation introduced the Critical Cyber Systems Protection Act, that among many things, will help organizations better prevent and prevent cyberattacks.

Some 45% of small businesses in Canada have experienced a cyberattack in the past year, according to the Canadian Federation of Independent Business. One in ten experienced a phishing attack with someone impersonating a CEO or business leader. In the first half of 2020, attacks on web applications were up eight hundred per cent over the year before. 

It should come as no surprise, then, that about one in ten staff have completed mandatory cybersecurity training, and eight per cent, optional training, according to the same report. 

Alex Plotkin, CEO of Cyberwall Defence, explains that three-quarters of the time, a bug comes through email, and it’s a simple fix as buying al filter that any IT company can provide. 

Most companies aren’t aware there are regulations they’re supposed to follow, he noted. 

“Half of SMB CEOs have no clue about these regulations. They likely know anti-spam regulation, but nothing about cyberattack regulation to protect the information you have already.”

Finally, his advice is that employees not reveal too much about themselves on social media, such as their dog’s name, kids’ names, or hobbies. Attackers know that these are often password answers to private information.

Ben Rothke is a New York City-based Senior Information Security Manager for Tapad, a company that analyzes internet and device data for marketing. He is responsible for information security, data privacy, compliance, and risk management. He advises every company to have a documented and tested incident response plan, for before, during, and after an information security incident. 

“Most responses tend to be haphazard,” he said.

Jeff Goldenberg, who has over three decades of security and fraud prevention experience, concurs. “Most companies, especially companies not in the financial services or health services — which are heavily regulated — simply don’t give a crap about security.” 

This is especially true of SMEs, who have little budget to spend on security, and unwisely think they’re never on hackers’ radar. 

“The biggest mistake that everyone makes, big or small, is that security is the security team’s responsibility,” he added. It’s actually everyone’s responsibility.” 

To make matters worse, in recent years workers have come with their own computers, rather than a corporate-issued device curated by IT with certain controls and software. “It’s a mess waiting to happen. At a bare minimum, you should be running anti-virus software, and that includes Apple users. You absolutely need it for Macs too, because the idea that they’re immune is nonsense.”   

Goldenberg adds that every staffer of every company should be “forced to take annual cyber-security training,” a resource widely available. “Even Visa and Wells Fargo use these external third-party sources, because they’re really good and effective. It’s a twenty minute course, so you know how not to be the cause of your own company’s breach.”

Some security tips are obvious, he says — for example, don’t give out your password, don’t open strange attachments, and don’t answer emails from people you don’t know. But an under-utilized security feature is multi-factor authentication, which provides an extra line of defense. Bluntly speaking, Goldenberg adds: “Passwords are useless.”

Share this:
Continue Reading

Business

mesh conference launches showcase program to shine the spotlight on underrepresented innovators

The mesh innovation showcase will recognize innovation and digital transformation leaders from underrepresented communities across Canada

Published

on

mesh innovation showcase
Share this:

Today the mesh conference announced a new program intended to recognize innovation and digital transformation leaders from underrepresented communities across Canada. Called the mesh innovation showcase, the program is being launched in collaboration with The51, The A100, and Platform Calgary.

The mesh innovation showcase will provide a platform to amplify innovators, including speaking and demo opportunities, media spotlights, and networking opportunities for members of underrepresented communities including: Women (female-identifying), Indigenous Peoples (First Nations, Inuit, and Métis), persons with disabilities, members of visible minority/racialized groups, members of LGBTQQIP2SAA communities and Immigrants/newly landed residents, as defined in the Tri-Agency Equity, Diversity and Inclusion Action Plan.

“We are so excited to highlight the brilliance of innovators across the country — startups and scaleups, sole practitioners, corporate innovators, as well as transformation leaders in not-for-profit and government,” says Alicia Kalozdi-MacMillan, partnership lead with the mesh conference. “We are committed to fostering a more diverse and inclusive innovation ecosystem, and we look forward to shining a spotlight on the incredible talent that exists in communities across Canada.”

Companies and individuals can nominate innovation leaders, and selected companies will be featured at mesh events across Canada and profiled in the media by mesh conference media partners, DX Journal and Digital Journal, who collectively reach millions of readers.

“Innovation is about unlimited thinking, which is why the mesh innovation showcase is such a valuable opportunity and one that we’re honoured to support,” says Tamara Woolgar, Executive Director, The A100. “Founders from underrepresented communities will have a chance to share their stories and solutions, grow their networks, and inspire a broader sense of belonging and possibility.”

The mesh innovation showcase will highlight innovators across the four mesh threads — Business, Society, Media, and Marketing — and will put a spotlight on people who think outside the box, break and fix, solve problems, and those who pursue innovation that solves real-world problems. 

The mesh innovation showcase is open to entrepreneurs and intrapreneurs from across Canada, and selected companies will be featured at the mesh conference in April 2023, as well as in Toronto later this year. 

“At The51, we’re dedicated to amplifying the voices of underrepresented founders, investors and ecosystem champions, and we’re thrilled to partner with mesh conference, an organization that shares our commitment to diversity and inclusion,” says Shelley Kuipers, Co-CEO and Chief Growth Officer of The51. “We’re excited to join forces to showcase the untapped potential of Canada’s innovation ecosystem.”

Nominations are open until March 31 for the first wave of the mesh innovation showcase and selected companies will be hand-picked, recommended, and qualified by mesh, The51, The A100 and Platform Calgary to be showcased at the mesh conference April 12-13 in Calgary. 

Selected companies and founders will be invited to participate in the program free of charge, and be offered amplification through the event and its digital channels.

“When a founder has the opportunity to share their story, it has a profound impact not only on the growth of the entrepreneur personally, but more importantly for their venture,” says Madeline Kendrew, Director of Founder Success at Platform Calgary. “Showcasing their product-market fit and traction to date can accelerate the rate of attracting co-founders, customers, partnerships, and investors.”

Nominees will have the opportunity to meet with the partners involved in this program who will be on hand to offer advice, support and their services.

To nominate someone for the mesh innovation showcase, visit meshconference.com/mesh-showcase/

Share this:
Continue Reading

Featured