InsightBrief

07/03/2023

Investors, customers, and regulators are urging technology companies to reduce their carbon footprint and adopt more sustainable practices.

For certain tech hardware companies, enhancing the circularity of their products by repairing, reusing, and recycling materials offers a way to create additional value and achieve their sustainability objectives.

However, most of these plans lack clearly defined targets.

Nearly two-thirds of technology companies don’t have specific circularity goals.

Read more on how reselling and recycling products can offer tech hardware providers a competitive advantage - http://bit.ly/3mA7DBq by Bain & Company

02/03/2023

In the age of digital transformation and cloud computing, protecting an organization is harder than ever.

Evolving threats, agile software development, and hybrid computing make security policy consistency difficult.

Cloud security services are now crucial for application and data center protection. They reduce costs, provide scalability, and offer frictionless security for innovation.

Consider these nine capabilities when evaluating cloud security services 👉 http://bit.ly/3KJAv46 by Radware

21/02/2023

The Business Value of Identity

👉 Research HQ’s Key Takeaways:
• Businesses are often hesitant to invest in Identity solutions, failing to understand the high-costs and man-hours associated with running and maintaining legacy in-house Identity and Access Management (IAM).

• Failure to invest in modern, sophisticated and secure identity solutions exposes organisations to regulatory fines and the costs associated with data breaches.

• Modern IAM solutions open the door for greater innovation through a centralised single source of truth on user identities and help foster streamlined user experiences.

Read more on how IAM is either making your business money or draining resources by Auth0 - http://bit.ly/3Z28RTC

14/02/2023

It is projected that the annual amount of e-waste will exceed 120 million metric tons by 2050, which is more than double the current amount.

The adoption of environmentally sustainable IT disposal practices by organisations today can play a crucial role in determining the impact of e-waste on the environment and the potential benefits they may reap for their business.

Organisations can benefit the environment and unlock the immense business value of e-waste by changing their approach to IT disposal and entering out-of-use hardware into the circular economy.

Data erasure plays a dual role in security and second-hand life and is essential in complying with data protection and privacy regulations.

Read more on CSR & Data Erasure: A Greener Future for IT Asset Disposal - http://bit.ly/3E8QVyN by Blancco Technology Group

The World Economic Forum predicts the amount of e-waste will more than double by 2050 to 120 million metric tons annually. Organizations that put in place

07/02/2023

Ensure a successful Merger and Acquisition (M&A) deal by putting identity and access management (IAM) at the center of your strategy. Avoid the scalability nightmares and streamline post-merger integration with a modern IAM solution.

• M&A deals often fall apart due to disarray in one company's operations.

• Extensible and centralized IAM allows administrators to manage disparate applications from a single location, ensuring that IAM integration doesn’t slow down the M&A process.

• Modern IAM platforms provide frictionless access across multiple brands, ensuring that customer experience doesn’t suffer during the M&A process.

• Outsourcing IAM to a trusted IAM platform can prove a company’s commitment to data privacy and security, which are increasingly important to potential M&A partners.

Read more 👉 http://bit.ly/3ACElUw

If you’re looking to put together a successful M&A deal, you need to prove from the outset that you can integrate your operations with a new partner

01/02/2023

Threat modeling is a crucial aspect of cloud security that helps organizations identify, prioritize and mitigate potential security threats in the cloud.

A comprehensive threat model should outline the built-in risk factors, threat agents, attack roadmaps, and business impact assessments to help organizations develop an effective security strategy.

Here are the best steps:

1. Choose the right team for your cloud security

2. Understand the boundaries of the system

3. Consider risk factors to cloud security

4. Execute a remediation plan

5. Audit and monitor workloads

Read more 👉 https://bit.ly/3P3rCBl by IBM Security

Today’s cloud security requires a new way of looking at threat models. Making a threat model can support your security teams before problems start. It helps

25/01/2023

Protecting sensitive consumer information should be a top priority for organisations. However, this becomes increasingly challenging when dealing with subsidiaries, partners, and third-party contractors.

With cloud identity and access management (cloud IAM), organisations can authenticate users wherever they are, at any time, and secure access to resources across clouds, SaaS, on-premises, and APIs.

Insurers can use IAM solutions to increase speed, agility, and efficiency while providing a complete solution for customers, employees, and partners.

Read more about Identity and Access Management (IAM) for Insurance Companies - http://bit.ly/3N5q6h8 by Ping Identity

17/01/2023

Companies are facing new challenges and opportunities in managing e-waste in today's technology-driven world.

By implementing solutions such as revising internal policies, overseeing vendors, and redesigning products, companies can set themselves apart and gain a competitive edge by addressing the e-waste issue.

Here are some ideas to get started:
👉 Quantify the e-waste stream and related expenses.

This includes determining the amount and types of e-waste generated and the costs incurred in managing these waste streams.

👉 Understand how e-waste is handled and processed to end-of-life.

As electronics contain valuable components that can be reused or recycled, the secondary market for e-waste is crucial.

Therefore, ensure transparency in the end-of-life management of electronics to guarantee that e-waste is being handled and recycled responsibly without creating additional hazards for workers or the environment.

👉 Assess options for circularity. In the shift from linear to circular economy, technology companies are exploring ways to redesign products to enable the recovery of valuable components for reuse in future products.

Assess the life cycle of products, measure the emissions related to e-waste recycling practices, and investigate how adjustments to vendors or business operations can decrease the overall environmental impact.

👉 Investigate the role of e-waste management in achieving your company's sustainability objectives.

Determine whether e-waste is a significant concern for your organization.

Fully comprehend the challenges and opportunities that can significantly impact the attainment of corporate goals such as zero-waste, carbon neutral, and climate change.

👀 Read more about E-waste: Turning a challenge into business advantage - http://bit.ly/3ZJsalO

11/01/2023

Almost everyone has a few obsolete or broken electronics in their drawers.

The problem of e-waste (electronic waste) is on the rise and it's important that we all do our part to address it.

From old televisions to mobile phones, laptops to children's toys, these discarded electronics contain valuable non-renewable resources such as gold, silver, copper, platinum, aluminum, and cobalt.

When not disposed of properly, toxic substances like lead and mercury can leach into the soil and water, contaminating our environment.

Furthermore, existing e-waste recycling solutions are often slow and inefficient, and may export the problem to countries with inadequate labour laws and safety regulations.

Take these four steps to give them a new lease on life and keep as much as possible out of landfill:

1. Postpone upgrading for as long as you can.

2. Find opportunities for reuse.

3. Try returning the item to the manufacturer.

4. Take them to a dedicated e-waste recycling facility.

What steps are you going to take this year to reduce the environmental impact of your e-waste?

Read more on what is e-waste and what can we do about it 👉 https://bit.ly/3vSB4Qz

Prof Richard Herrington, Head of Earth Sciences at the Museum, shares some tips for how to dispose of unwanted electronics and tells us about an innovative

03/01/2023

In a world where environmental sustainability is only increasing in importance, the ability to reuse IT equipment — instead of destroying or even recycling it — plays a critical role in companies’ sustainability strategies.

This is where IT asset disposition (ITAD) comes in: where asset life spans are extended by redeploying them for alternate uses.

According to Market Research Future, the global ITAD market is anticipated to reach $27Bn at a 12% compound annual growth rate by 2025.

Find out why IT asset disposition is critical to sustainability goals 👉 https://bit.ly/3Ps1GRh by Mission Critical Magazine

According to the World Economic Forum, e-waste is the fastest-growing waste stream in the world, with about 50 million tons of electronic and electrical

27/12/2022

We’re so close to 2023. Private citizens can now go to outer space. We have self-driving cars and self-driving vacuums. Drones can deliver our dinner. We do retinal scans at the airport.

It’s almost like we’re living in a sci-fi movie. And yet, when it comes to protecting our personal data, the most popular password of 2021 was, wait for it… ‘123456’. Only to be surpassed this year by guess what ― ‘password’. 🤦‍♂️

Multi-factor authentication (MFA) is estimated to prevent 99.9% of account takeover incidents, but use of MFA isn’t universal.

A small number of organisations continue to support forms of basic authentication that can’t be protected by MFA, leaving them inherently more vulnerable.

Learn more about how organisations and people work today—exploring workforces and customers, and the applications and services they use to be productive - https://bit.ly/3jfvIbK by Okta

20/12/2022

We’re creating a tsunami of e-waste. The material value of our spent devices amounts to $62.5Bn globally.

This is three times more than the annual output of the world’s silver mines.

More than 120 countries have an annual GDP lower than the value of our growing pile of global e-waste.

Read more on how a circular approach can turn e-waste into a golden opportunity - https://bit.ly/3VUQcIz by World Economic Forum

13/12/2022

What's your post-breach remediation plan?

39% of businesses reported a cyber attack in 2022, therefore data compromise events are just a matter of when for most organisations.

Here is a checklist of things you should do during the first 24 hours after a data breach has been discovered:

• Document the date and time of breach.

• Assess the scale and severity of the breach and whether it was caused by a cyber attack or employee error. Investigate what data has been accessed and is potentially at risk of exposure.

• Establish which areas of the business have been affected.

• Ensure the incident response team have been notified.

• Understand whether a risk assessment has been conducted by identifying the associated risks of the breach and assessing whether your company followed due diligence following the discovery of the breach.

Check out this blog from Defense.com™ to learn how your business can manage security incidents more effectively and plan appropriately to prevent future data breaches from occurring - http://bit.ly/3U4OT7U

Data breaches are something that in most recent years seems inevitable. Of the 39% of businesses that reported a cyber attack in 2022, 31% estimate being

06/12/2022

How much progress have organisations made in the past two years, in terms of cybersecurity?

👉 46% of organisations reported they have increased engagement of CEO in cybersecurity matters.

👉 43% of organisations have increased employee report rate on phishing tests.

👉 43% of organisations improved management of security policy exceptions.

👉 42% of organisations increased alignment of cyber strategy to business strategy.

These insights from the PwC report are from a survey of C-Suite officers from 3,602 business, technology and security executives. It focuses on working together from top to bottom, as security concerns everyone in the business.

Read more 👉 http://bit.ly/3fR2mlU

28/11/2022

The evolution of cyber incidents patterns over time.

Denial of service accounted for 40% of incidents in the last year.

👀 Read more on the Data Breach Investigations Report 2022 👉https://bit.ly/3wHWGjp

🔍 This report comprises Verizon and 87 partners and collaborators from across the globe who make this report possible.

📊 Verizon has collected and analysed a total of over 914,547 incidents, 234,638 breaches and 8.9 TBs of cybersecurity data to bring readers the best possible analysis and results.

22/11/2022

15% of employees are transferring business-critical data to their personal cloud accounts.

Business critical data doesn’t always stay in sanctioned cloud services. Employees often transfer data to rogue cloud services — including personal accounts. At best this means the data resides outside of your security team’s control, and at worst is an indicator that the data has been stolen.

👉 Security teams need to enforce usage policies that prevent documents from being transferred out of sanctioned apps to private accounts.

Read more about trends and challenges organisations face when trying to control unsupervised identities and shadow privileges that can put data at risk across a fragmented SaaS & IaaS environment - https://bit.ly/37D7OEo by Varonis

15/11/2022

Cyber attacks have effects that go beyond their direct financial impact.

Businesses are discovering a broader impact from 2021 to 2022:

• Increased costs of notifying customers

• Impact on brand and reputation

• Loss of customers

• Greater difficulty attracting customers

• Solvency was threatened

• Received a substantial fine

• Loss of business partners

Read more in this Hiscox report to learn about the significant rise in attacks through cloud servers as firms settle into hybrid working - https://bit.ly/3CkosUQ

09/11/2022

What can be done better for future cyber investments?

Prioritizing cybersecurity investments has yielded few benefits for organisations.

These insights from the PwC report are from a survey of C-Suite officers from 3,602 business, technology and security executives. It focuses on working together from top to bottom, as security concerns everyone in the business.

Read more 👉 http://bit.ly/3fR2mlU

01/11/2022

What are the personal cybersecurity concerns of cyber leaders?

• 42% Infrastructure breakdown due to a cyberattack

• 24% Identity theft

• 20% Ransomware attack

• 10% Loss of personal assets by cyberattack

• 4% Other

Read more on WEF Global Cybersecurity Outlook 2022 - https://bit.ly/3IRPyUw

25/10/2022

The Cyber Resilience Framework (CRF) provides a clear and malleable foundation from which an organization can clearly define and understand what it means to have robust organizational cyber resilience.

This can amplify the awareness of cyber resilience best practices across industries and serve as a guidebook for those designing or strengthening their cyber-resilience approaches.

Read more in World Economic Forum’s white paper ― The Cyber Resilience Index: Advancing Organizational Cyber Resilience 👉 https://bit.ly/3TCiS82

12/10/2022

There is a high business value associated with privacy investments.

More than 5300 security professionals were asked to rate the potential benefits of their privacy investments in different areas:

• Loyalty and trust - 71%

• More attractive company - 69%

• Operational efficiency - 68%

• Agility and innovation - 68%

• Mitigating security losses - 68%

• Reducing sales delays - 63%

Read more in Cisco 2022 Data Privacy Benchmark Study - https://bit.ly/3epvf7w

04/10/2022

The evolution of breach patterns over time.

System intrusion accounted for 40% of breaches in the last year.

A system intrusion is a complex attack that leverages malware and/or hacking to achieve its objectives including deploying Ransomware.

👀 Read more on the Data Breach Investigations Report 2022 👉https://bit.ly/3wHWGjp

🔍 This report comprises Verizon and 87 partners and collaborators from across the globe who make this report possible.

📊 Verizon has collected and analysed a total of over 914,547 incidents, 234,638 breaches and 8.9 TBs of cybersecurity data to bring readers the best possible analysis and results.

27/09/2022

3 out of 5 privileged cloud users are shadow admins.

Shadow Admins are privileged users who have unauthorized privileged access acquired outside of the security team’s purview. They can perform admin-level changes that can cause damage across a cloud service.

Recommendation: Shadow Admins should be monitored the same way that you monitor your regular admins, though in most cases their privileges need to be right-sized to their role and aligned with the privileges of the non-privileged user group to which they are assigned.

Read more about trends and challenges organisations face when trying to control unsupervised identities and shadow privileges that can put data at risk across a fragmented SaaS & IaaS environment https://bit.ly/37D7OEo by Varonis

20/09/2022

What are the relations between cyber risk, cyber resilience and cybersecurity?

Cyber resilience is defined as the ability of an organisation to transcend (anticipate, withstand, recover from, and adapt to) any stresses, failures, hazards and threats to its cyber resources within the organisation and its ecosystem, such that the organization can confidently pursue its mission, enable its culture and maintain its desired way of operating.

In the next two years, cyber resilience will be a crucial development and objective.

Resilience is the key to any future-proof cybersecurity strategy.

Leaders must assume that today there is a greater likelihood of cyber incidents. Moreover, adversaries are now more capable of compromising or breaching systems or organisations.

Read more on World Economic Forum's Global Cybersecurity Outlook 2022 - https://bit.ly/3IRPyUw

13/09/2022

66% of IT decision makers responsible for their organisation’s networking, public cloud, and security said their organisation’s employees must use company-issued devices.

However, 39% of them also said Bring Your Own Device (BYOD) is allowed in some cases.

Although working from home is not unusual anymore, there are some organisations that have yet to adapt to the new work environment.

❓Does your organization require its employees to work from company-issued devices (rather than personal/BYOD devices)?

• 27% - Yes, and we exclude any BYOD usage.

• 39% - Yes, but we tolerate BYOD for some use cases e.g.: email.

• 13% - No, we require employees to sign-in to minimum BYOD security standards, but we do not actively enforce them.

• 13% - No, we require employees to sign-in to minimum BYOD security standards, and actively enforce them only at the time of use (e.g., via Zero Trust Network Access only allowing access if device is healthy).

• 5% - No, we require employees to sign-in to minimum BYOD security standards, and we actively enforce those standards all of the time through health monitoring or other solutions.

• 2% - No, and we do not require employees to sign-in to minimum BYOD security standards.

Take an in-depth look at cloud adoption, working from home, and related cybersecurity challenges 👉 https://bit.ly/3K1KvSP



Source: Barracuda, The state of network security in 2021 [n=750 IT decision makers]

06/09/2022

As privacy becomes more integrated into organisational priorities, investment continues to rise.

The average privacy budget was up by 12.5%, from $2.4M in 2020 to $2.7M last year.

👉 Spending at smaller organisations of 50-249 employees increased from $1.1M to $1.7M in 2021 (54% increase).

👉 Organisations with 250-499 employees increased from $1.6M to $2.1M (31% increase).

👉 Organisations with 500-999 employees increased from $2M to $2.3M (15% increase).

👉 Organisations with 1,000-9,999 employees increased from $2.8M to $3M (7% increase).

👉 The largest organisations (10,000+ employees) saw a slight decrease in spending
from $3.7M to $3.5M (5% decrease), after a steep increase in 2020.

Read more in Cisco 2022 Data Privacy Benchmark Study - https://bit.ly/3epvf7w

31/08/2022

Human error remains a driving force behind breaches.

This year 82% of breaches involved the human element. Whether it is the Use of stolen credentials, Phishing, Misuse, or simply an Error, people continue to play a very large role in incidents and breaches alike.

Read more on Verizon’s Data Breach Investigations Report 👉https://bit.ly/3wHWGjp

23/08/2022

For organizations that are leveraging the Continuum by using cloud and cloud-based technologies in more significant ways, the benefits include bottom-line savings such as cost reduction and increased speed to market, and top-line growth in sales via cross-sell and/or up-sell.

The percentages are based on responses regarding adoption of 25 technologies enabled by the Cloud Continuum and six Continuum practices.

Read more on how to unleash competitiveness on the Cloud Continuum by Accenture 👉https://bit.ly/3sGkJx2

16/08/2022

Top industries affected by ransomware attacks in 2021:
• Government
• Education
• Healthcare
• Technology
• Services

Check out this blog by BlackFog about the 2021 publicised ransomware attacks each month 👉 https://bit.ly/3zYKYRg