BetaNews Staff

From governments, to entrepreneurs, to enterprises, organizations are looking to understand and exploit Artificial Intelligence to support data-driven decision making. At the heart of this is knowing how AI, and particularly generative AI, operates. Like so much other technology, effective AI is a matter of data analysis.

Put simply, the more data an AI is fed, and the higher quality, the better its analysis will be. This means that the age-old problem of Garbage In, Garbage Out (GIGO) will always be an issue. But there is another, equally crucial issue to consider -- timeliness. 

Continue reading →

"We really should stop getting hung up about what open source means," a statement repeatedly made by those for whom a lack of understanding of open source is advantageous. Generally those who don’t want to meet the standards that are set out in the Open Source Definition (OSD) which all Open Source Initiative approved license must meet, including the requirement that open source software must be usable by anyone for any purpose. And usually they are in denial of the requirement for open source licenses to be usable for any purpose, which includes commercialization. This really sits at the heart of open source.

In a commercial context open source means enabling your competitors with your own innovation. In a world where companies are driven by shareholder value this simply would not happen if it did not come with clear and measurable advantages, like collaboration, creating a defacto standard or building an ecosystem around it, and where equivalent or greater value than the proprietary royalty model is generated.

Continue reading →

While we all know email is a big target for attackers, it’s important to remember that email is not the only risk vector. As companies use more tools and features, the risks grow too. Email is just one piece of the puzzle, which is why it is crucial to consider a wide range of employee security behaviors to get a holistic view of your risks. By doing so, you can focus resources more efficiently.

Human Risk Management (HRM) is a vital part of cyber security. Even if you have technological safeguards in place, HRM plays a substantial role in your overall security stance. Here I highlight some of the employee cyber risks that often get overlooked and how we can better keep an eye on them in real time.

Continue reading →

Our modern business landscape transforms constantly, yet the value of data endures. However, thriving companies don’t merely amass data -- they cultivate meaningful data.

Leaders must have trustworthy data to unlock organizational insights, but inaccurate data is still rampant in most organizations. This data costs leaders far more than missed opportunities. According to industry research, bad data costs U.S. enterprises $3.1 trillion annually. Still need convincing about the benefits of data quality? Let’s discuss the benefits of high-quality data and explain how leaders can adopt a leading data management strategy today.

Continue reading →

The artificial intelligence revolution is here to stay, and a large part of the reason is the massive economic impact of the technology on the industries it has touched. Effectively implementing AI into a business’s operation requires an incredible amount of planning and precision, as well as consideration of all of the ethical and regulatory challenges associated with the use of the technology.

One of the primary reasons AI has become such an exciting and dominant technology is its ability to process data faster than human workers. In many industries, we have seen efficiency increase by allowing AI and automation to take over simpler and more labor-intensive tasks, enabling human workers to spend more time on tasks that require a more human quality.

Continue reading →

AI has officially taken off, yet organizations are squarely divided on their use in the workplace.  Organizations that encourage the use of AI and Large Language Model (LLM) tools for productivity are willing to accept the security risk but often lack the policies, education, and controls required to mitigate potential security risks, including those posed by insiders.

On the other hand, companies that take a hard line against the tools by implementing strict rules against any installation or use of AI-LLMs may cause their employees to be less productive. Fortunately, there is a middle ground that balances productivity with security and, importantly, with insider risk management.

Continue reading →

With the development of new technologies, cyber threats are becoming more sophisticated, and personal data remains one of the most desirable targets. The Verizon Data Breach Investigations Report states that 49 percent of hacks use credentials.  

Traditional authentication methods, such as username and password with standard Multi-Factor Authentication (MFA), are no longer sufficient to protect sensitive information and systems from unauthorized access. According to Microsoft, there are 1287 password attacks every second. Consequently, businesses must adopt more sophisticated and layered methods of user authentication. One of these methods is Advanced Authentication.

Continue reading →

Digital twins are growing in leaps and bounds. These virtual representations of real-world devices are essentially digital proxies for enterprises -- delivering insights into an asset’s data, processes, operation states, and lifecycle. This is particularly beneficial in achieving better visibility in smart factories, or accurately predicting how devices might perform in connected healthcare.

In creating digital twin simulations and running models, however, there’s a problem. Doubling the data and doubling the digital assets of any company is, in effect, doubling the cybersecurity surface area. This increases the chances of exposure and sensitive company information falling into the wrong hands. Without proper safeguards, the risk is that digital twins can be turned against their owners. Amidst a landscape of record growth in the Internet of Things (IoT), let’s look at how to safely leverage the power of digital twins.

Continue reading →

As the recent hype and excitement around Generative AI (GenAI) begins to settle somewhat, we are entering a critical phase where innovation must be more closely aligned with ethical considerations. The impact of AI is already evident in various aspects of life, pointing to a future where, ideally, its use is not only widespread but also guided by principled decision-making. In this context, the emphasis should be on using AI to address appropriate problems, not just any problem.

In particular, the early iterations of GenAI platforms have demonstrated their potential but also the need for careful application. In many organizations, GenAI has already improved both customer and employee experiences, with advanced chatbots capable of mimicking human interaction taking automated customer service to a whole new level by providing quick and relevant responses. In an ideal world, this use case highlights AI’s dual purpose: to enhance human capabilities while maintaining a focus on human-centred experiences.

Continue reading →

As we look ahead to the coming year, Trellix Advanced Research Centre recently shared its predictions for 2024. Among them, it highlighted that as connected devices continue to proliferate, and hybrid and remote workforces persist, insider threats will only continue to grow.

This expected increase is especially worrying as research has already shown that breaches caused by employees have seen a 47 percent increase over the last two years, whether accidental or malicious. Annually, 34 percent of all businesses will suffer an insider threat incident, costing an estimated eye-watering $15.38m per occurrence, so the predicted increase is particularly frightening.

Continue reading →

We all know the saying: you can’t have it all. The same applies to the cloud providers -- a single one cannot give and be everything you need. 

Increasingly we are seeing customers demand higher standards from their cloud services in an effort to reduce savings and security risks, as well as enhance their flexibility. In a landscape that is always changing, many sectors are feeling the need to keep up with technology or even try to be one step ahead of it. To meet these complex requirements, companies may want to look a little wider than their single cloud provider set-up and into the world of multicloud. 

Continue reading →

Alongside traditional approaches like software vulnerabilities and misconfigurations in applications, hackers are constantly looking for new ways to get into devices and corporate networks. Two of the biggest growing threats are Search Engine Optimization (SEO) poisoning and Malvertising.

SEO Poisoning is where hackers lure victims to legitimate websites by populating them with content on topics of interest to potential victims. For example, Gootloader, an Initial-Access-as-a-Service operation, targets law professionals because they handle sensitive business data that can be extremely valuable. Hackers use Gootloader to get a foothold into an organization’s IT environment and then spread laterally through the entity’s IT network to implant ransomware or exfiltrate data.

Continue reading →

2023 looks set to be yet another record-breaking year for ransomware attacks. According to Statista, over 72 percent of businesses worldwide have already been affected by ransomware attacks this year, with LockBit3.0 and CI0p Ransomware claiming the bulk of victims last quarter.

The scourge of modern digital businesses everywhere, the proliferation of ransomware shows no sign of slowing down thanks to the rise of ransomware-as-a-service (RaaS) platforms -- so much so that it has become the most prevalent issue confronting organizations today.

Continue reading →

While we all know email is a big target for attackers, it’s important to remember that email is not the only risk vector. As companies use more tools and features, the risks grow too. Email is just one piece of the puzzle, which is why it is crucial to consider a wide range of employee security behaviors to get a holistic view of your risks. By doing so, you can focus resources more efficiently.

Human Risk Management (HRM) is a vital part of cyber security. Even if you have technological safeguards in place, HRM plays a substantial role in your overall security stance. Here I highlight some of the employee cyber risks that often get overlooked and how we can better keep an eye on them in real time.

Continue reading →

When we want to secure something highly valuable, say, a bag of ancient Spanish coins worth millions, we think of locking it behind as many layers as possible. For example, you might put it in a safe deposit box in a bank vault, nestled safely inside the institution that is itself blanketed with redundant physical security controls.

As organizations have become increasingly complex, so too have their associated layers of security around application access. Enterprises have tremendous amounts of applications and data, as well as users and devices with differing levels of permissions trying to access that data. To provide a consistent, IT-vetted method of creating, managing, storing, and authenticating the complexity of application access, we have arrived at Identity Provider (IdP) tools. IdPs are (typically) cloud-hosted services that store unique information used to identify users, organizations, and devices ("digital identities"), authenticate access requests, add/remove users, and provide security around these functions. Popular examples of solutions often used for IdP functionality include Okta, Microsoft Azure AD, and Duo.

Continue reading →