BetaNews Staff

In a world where software defines the pace of innovation, organizations must excel at developing, securing, and deploying software. Companies must be experts in all three, or they will be disrupted by those who are. And in our current economic climate, they need to undergo these digital transformations while also cutting costs, being more efficient, and doing more with less.

Value stream management can be the antidote to these challenges, helping teams accelerate time to market, overcome obstacles such as handoffs and broken feedback loops, and improve visibility across the business to deliver high-quality customer experiences.

Continue reading →

The business landscape today includes a highly mobile workforce. A survey by Pew Research found that about a third (35 percent) of workers with jobs that can be done remotely are working from home all of the time and 41 percent of those with jobs that can be done remotely are working a hybrid schedule.

In the UK, according to the latest Chartered Institute of Personal Development (CIPD) report on flexible-hybrid working practices, 83 percent of organizations have a hybrid working approach in place. 45 percent of organizations have a formal policy, while 24 percent take an informal approach, and 13 percent are developing policies through learning and trialing. Overall, the number of people working from home some of the time has grown from 17 percent to 25 percent since the pandemic’s start, meaning a quarter of Brits are hybrid workers. Additionally, the UK Government’s proposal to make the right to request flexible working from day one, rather than after 26 weeks of employment, is likely to further escalate the amount of flexible working requests and likewise the number of employees working remotely.

Continue reading →

With the rollout of Copilot this fall, businesses everywhere are considering moving to Microsoft 365 to reap the benefits of its AI companion function in supporting business operations.

The first step in tackling this transition is for IT teams and Managed Service Providers (MSPs) to understand the new software, evaluate their existing systems and prepare for the intricate migration that lies ahead.

Continue reading →

Businesses are in the early stages of a new era of employee relations as both the workplace and the workforce undergo significant changes. The pandemic accelerated the shift to hybrid work environments, which has, in turn, accelerated the ongoing digital transformations that made hybrid work possible in the first place. Meanwhile, baby boomers are retiring, Millennials are moving into management, and the Gen Z cohorts are just starting their careers.

The digital natives now populating companies have discriminating expectations for how technology works for them. For example, Riverbed’s Global Digital Employee Experience (DEX) Survey found that 68 percent of employees would leave the company if they were unhappy with the DEX. Companies that fail to provide seamless DEX -- which covers the full range of how employees engage with technology at work, from an intranet to email and collaboration platforms to HR systems -- risk frustrating employees when things do not work as expected. This not only increases the chances employees may look for another employer, but a faulty DEX brings losses in productivity and potential damage to a company’s reputation.

Continue reading →

Never trust, verify everything! This is the premise on which the "Zero Trust" approach was founded. This model of cybersecurity involves implementing controls designed to ensure that only verified users can access company resources, and from similarly approved devices.

This strategy is increasingly being adopted in response to the challenges faced by small and medium-sized enterprises (SMEs), such as the continued evolution of hybrid working, the use of Bring Your Own Device (BYOD) and the increase and sophistication in cyber-attacks. Whereas previously SMEs thought they weren’t a target, now they are seen as the weaker link from a hackers’ perspective and increasingly they are falling victims to cyber attacks.

Continue reading →

2023 has been another wild year for cybercrime. In October, Boeing’s systems were breached through a zero-day vulnerability, with hacking group LockBit threatening to publicly release sensitive files if the ransom wasn’t paid in a week. One month prior, MGM Resorts was hit by a ALPHV/BlackCat social engineering attack estimated to impact the company’s third-quarter financial results by about $100 million. That same month, two major hospitals serving thousands of New York patients struggled to recover from a LockBit cyberattack that forced them to reschedule appointments and divert ambulances to other hospitals.

But what is in store for 2024? Let's look at some of these trends from 2023 in more detail to better understand what will be facing us next year.

Continue reading →

In 2023, we witnessed the beginnings of a global AI-driven revolution. With recent studies revealing that one in six UK organizations have already embraced artificial intelligence (AI), these technologies have solidified their position in driving the next wave of digital innovation.

However, until now, organizations have been largely focused on AI experimentation, which has limited the benefits they’ve unlocked. They are now seeking to mature their strategies and embrace AI in a more transformational manner, by embedding these technologies into their core business processes. The launch of solutions like the Open AI GPT Store towards the end of 2023 is set to accelerate this drive for AI maturity, making it easier for organizations to embed ready-built use cases into their operations.

Continue reading →

Web applications remain one of the most targeted areas for threat actors. According to Verizon’s Data Breach Investigations Report, web application attacks were behind 26 percent of all successful attacks during the twelve months covered. Yet while the methods for attacking web applications are well known and understood, as evidenced by the work that the Open Web Application Security Project (OWASP) has done on their Top Ten list over the years, many companies still find hardening their applications challenging.

Authorization and access control describe the biggest set of challenges identified by OWASP in their most recent Top 10 list (2021) -- three out of the top five issues were around broken authorization, while broken authentication and improper access to resources were also common problems. The OWASP Top 10 for 2021 also includes attacks that work on unrestricted access to sensitive business flows, which covers areas like creating fake accounts, and server side request forgery where APIs can send resources to the wrong locations.

Continue reading →

Open-source software (OSS) is now so widely used that it is incredibly difficult to find an organization that doesn’t incorporate OSS in some form or another -- whether that be in a standalone open-source product, or more commonly, in the form of OSS packages. Though its usefulness cannot be doubted, the prevalence of this software is exactly what makes it a major target for cyber-attacks.

A prime example of this is Log4j, a popular logging utility used by scores of organizations for recording events such as status reports and errors. In a situation which came to be known as 'Log4shell', a zero-day vulnerability allowed threat actors to compromise systems using malicious code and take control all while remaining undetected. At the time, its impact was described as "enormous" and the implications of its implementation into countless commercial products underlined the inherent vulnerabilities of some open-source technologies when weak points are exposed.

Continue reading →

Artificial Intelligence, Internet of Things, Cybersecurity, Blockchain: these words have become common terms we hear everyday, dominating the news and business landscapes worldwide under what we have come to know as Deep Tech. According to recent research, in 2021 the deep tech market registered a total revenue of US$431.1 Million, and is expected to grow by 21 percent between 2022 and 2032 for a value of US$ 3,733.8.

Start-ups and companies within the Deep Tech space are all about innovation and advancing technologies, often diving into niche parts of already narrow fields. They run the business side differently, they bring revolutionary approaches to traditional dynamics in the work environment, and even create new roles and job titles not seen in other companies. Staying true to their nature where science and innovation plays an important role, these companies engage in specific activities that best compliment their primary immediate goal of research and development, whether this is about technology, sharing knowledge or growing their community.

Continue reading →

In an era marked by continuously evolving cyberthreats, the significance of automation in the realm of cybersecurity cannot be overstated. Automation has emerged as a potent tool that enables security leaders to effectively address the challenges presented by today's digital environment. It offers numerous advantages, including swift and consistent responses to threats, the mitigation of potential human errors and a reduction in incident response times. 

However, while automation is a vital asset, striking the right balance between automation and human involvement is essential to ensure optimal cybersecurity outcomes. In this article, we will explore how organizations can achieve a harmonious partnership between humans and automation to enhance threat detection, response and decision-making.

Continue reading →

The technology landscape has evolved significantly over the last year with the introduction of technologies such as ChatGPT and other generative AI tools taking the market by storm, while raising concerns about data security and more.

As we move forward into 2024, we anticipate that the impact these new technologies have made this year means they will continue to pave the way forward, with AI remaining a hot topic in the industry, while data security concerns rise around it.

Continue reading →

From governments, to entrepreneurs, to enterprises, organizations are looking to understand and exploit Artificial Intelligence to support data-driven decision making. At the heart of this is knowing how AI, and particularly generative AI, operates. Like so much other technology, effective AI is a matter of data analysis.

Put simply, the more data an AI is fed, and the higher quality, the better its analysis will be. This means that the age-old problem of Garbage In, Garbage Out (GIGO) will always be an issue. But there is another, equally crucial issue to consider -- timeliness. 

Continue reading →

"We really should stop getting hung up about what open source means," a statement repeatedly made by those for whom a lack of understanding of open source is advantageous. Generally those who don’t want to meet the standards that are set out in the Open Source Definition (OSD) which all Open Source Initiative approved license must meet, including the requirement that open source software must be usable by anyone for any purpose. And usually they are in denial of the requirement for open source licenses to be usable for any purpose, which includes commercialization. This really sits at the heart of open source.

In a commercial context open source means enabling your competitors with your own innovation. In a world where companies are driven by shareholder value this simply would not happen if it did not come with clear and measurable advantages, like collaboration, creating a defacto standard or building an ecosystem around it, and where equivalent or greater value than the proprietary royalty model is generated.

Continue reading →

While we all know email is a big target for attackers, it’s important to remember that email is not the only risk vector. As companies use more tools and features, the risks grow too. Email is just one piece of the puzzle, which is why it is crucial to consider a wide range of employee security behaviors to get a holistic view of your risks. By doing so, you can focus resources more efficiently.

Human Risk Management (HRM) is a vital part of cyber security. Even if you have technological safeguards in place, HRM plays a substantial role in your overall security stance. Here I highlight some of the employee cyber risks that often get overlooked and how we can better keep an eye on them in real time.

Continue reading →