Connect with us

BizNews

Security response planning on the rise, but containing attacks remains an issue – IBM

While organizations surveyed have slowly improved in their ability to plan for, detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13% during this same period.

Published

on

IBM announced the results of a global report examining businesses’ effectiveness in preparing for and responding to cyberattacks. While organizations surveyed have slowly improved in their ability to plan for, detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13% during this same period.

The global survey conducted by Ponemon Institute and sponsored by IBM Security found that respondents’ security response efforts were hindered by the use of too many security tools, as well as a lack of specific playbooks for common attack types.

While security response planning is slowly improving, the vast majority of organizations surveyed (74%) are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all. This lack of planning can impact the cost of security incidents, as companies that have incident response teams and extensively test their incident response plans spend an average of $1.2 million less on data breaches than those who have both of these cost-saving factors in place.

The key findings of those surveyed from the fifth annual Cyber Resilient Organization Report include:

  • Slowly Improving: More surveyed organizations have adopted formal, enterprise-wide security response plans over the past 5 years of the study; growing from 18% of respondents in 2015, to 26% in this year’s report (a 44% improvement).
  • Playbooks Needed: Even amongst those with a formal security response plan, only one third (representing 17% of total respondents) had also developed specific playbooks for common attack types — and plans for emerging attack methods like ransomware lagged even further behind.
  • Complexity Hinders Response: The amount of security tools that an organization was using had a negative impact across multiple categories of the threat lifecycle amongst those surveyed. Organizations using 50+ security tools ranked themselves 8% lower in their ability to detect, and 7% lower in their ability to respond to an attack, than those respondents with less tools.
  • Better Planning, Less Disruption: Companies with formal security response plans applied across the business were less likely to experience significant disruption as the result of a cyberattack. Over the past two years, only 39% of these companies experienced a disruptive security incident, compared to 62% of those with less formal or consistent plans.

“While more organizations are taking incident response planning seriously, preparing for cyberattacks isn’t a one and done activity,” said Wendi Whitmore, Vice President of IBM X-Force Threat Intelligence. “Organizations must also focus on testing, practicing and reassessing their response plans regularly. Leveraging interoperable technologies and automation can also help overcome complexity challenges and speed the time it takes to contain an incident.”

Updating Playbooks for Emerging Threats
The survey found that even amongst organizations with a formal cybersecurity incident response plan (CSIRP), only 33% had playbooks in place for specific types of attacks. Since different breeds of attack require unique response techniques, having pre-defined playbooks provides organizations with consistent and repeatable action plans for the most common attacks they are likely to face.   

Amongst the minority of responding organizations who do have attack-specific playbooks, the most common playbooks are for DDoS attacks (64%) and malware (57%). While these methods have historically been top issues for the enterprise, additional attack methods such as ransomware are on the rise. While ransomware attacks have spiked nearly 70% in recent years, only 45% of those in the survey using playbooks had designated plans for ransomware attacks.

Additionally, more than half (52%) of those with security response plans said they have never reviewed or have no set time period for reviewing or testing those plans. With business operations changing rapidly due to an increasingly remote workforce, and new attack techniques constantly being introduced, this data suggests that surveyed businesses may be relying on outdated response plans which don’t reflect the current threat and business landscape.

More Tools Led to Worse Response Capabilities
The report also found that complexity is negatively impacting incident response capabilities. Those surveyed estimated their organization was using more than 45 different security tools on average, and that each incident they responded to required coordination across around 19 tools on average. However, the study also found that an over-abundance of tools may actually hinder organizations ability to handle attacks. In the survey, those using more than 50 tools ranked themselves 8% lower in their ability to detect an attack (5.83/10 vs. 6.66/10), and around 7% lower when it comes to responding to an attack (5.95/10 vs. 6.72/10).

These findings suggest that adopting more tools didn’t necessarily improve security response efforts — in fact, it may have done the opposite. The use of open, interoperable platforms as well as automation technologies can help reduce the complexity of responding across disconnected tools. Amongst high-performing organizations in the report, 63% said the use of interoperable tools helped them improve their response to cyberattacks.

While security response planning is slowly improving, the vast majority of organizations surveyed (74%) are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all.

Better Planning Pays Off
This year’s report suggests that surveyed organizations who invested in formal planning were more successful in responding to incidents. Amongst respondents with a CSIRP applied consistently across the business, only 39% experienced an incident that resulted in a significant disruption to the organization within the past two years  compared to 62% of those who didn’t have a formal plan in place.

Looking at specific reasons that these organizations cited for their ability to respond to attacks, security workforce skills were found to be a top factor. 61% of those surveyed attributed hiring skilled employees as a top reason for becoming more resilient; amongst those who said their resiliency did not improve, 41% cited the lack of skilled employees as the top reason.

Technology was another differentiator that helped organizations in the report become more cyber resilient, especially when it comes to tools that helped them resolve complexity. Looking at organizations with higher levels of cyber resilience, the top two factors cited for improving their level of cyber resilience were visibility into applications and data (57% selecting) and automation tools (55% selecting). Overall, the data suggests that surveyed organizations that were more mature in their response preparedness relied more heavily on technology innovations to become more resilient.

BizNews

Shopee improves platform to help MSMEs embrace digital transactions

Shopee continues to expand its workable digital platform to help retailers future-proof their businesses, embrace digitalization, and establish a successful online presence. Shopee proves its commitment to support MSMEs by developing the Shopee Seller Education Hub, maintaining a robust digital infrastructure, and reinforcing partnerships with various organizations.

Published

on

Shopee, an e-commerce platform in Southeast Asia and Taiwan, continues to enhance its robust e-commerce ecosystem to help entrepreneurs and MSMEs go digital more seamlessly and effectively. 

With most physical stores forced to close due to the pandemic, there has been a steady increase of online sellers onboarding the platform. With this, Shopee continues to expand its workable digital platform to help retailers future-proof their businesses, embrace digitalization, and establish a successful online presence. Shopee proves its commitment to support MSMEs by developing the Shopee Seller Education Hub, maintaining a robust digital infrastructure, and reinforcing partnerships with various organizations. 

Martin Yu, Director at Shopee Philippines, points out how important it is for businesses to embrace digitalization. “The global situation has accelerated digital transformation, as more brands and MSMEs explore the opportunities of e-commerce to reach a wider audience. As the marketing landscape changes at a rapid pace, Shopee will continue to offer improved in-app features and initiatives to cater to the growing demand for e-commerce here in the Philippines.” 

Shopee Seller Education

The Shopee Seller Education Hub hosts modules on how to cultivate an online presence and boost sales. It helps MSMEs ease their way into the digital world through seller masterclasses tackling various e-commerce topics. These include sharing how-tos on running effective campaigns and growing the business, proper guidelines on handling return and refund requests, managing listing assets, boosting sales using available marketing tools, and creating awareness of the target market through activity and business insights.

Strong Marketing Tools

Shopee continues to help sellers maximize the features of its platform, engage with customers online, and understand the industry as a whole. With in-app features such as Shopee Live and  ShopeePay, sellers can enjoy a smooth and engaging selling experience on the platform. 

Shopee Live is an in-app feature where sellers can interact with their customers and answer real-time questions and inquiries regarding a product. This feature gives the seller and the consumer a more connected shopping experience. 

Shopee Live added three new features to make online shopping more engaging and drives sales for businesses. 

  • The ‘Mine’ Feature 

Users can reserve an item during a live stream by tapping the ‘Mine’ button. It will generate the usernames of the first ten tappers so that the seller can contact the buyers to make the sale*. 

  • The Poll Feature Guide

Sellers can create engaging polls about trivia and questions. The Poll Feature also helps sellers decide which items are requested by the viewers. 

  • The Co-streaming Feature

Sellers can invite their viewers to join them in the stream and is best used when a seller wants to increase their engagement through games and interactions. 

Seamless and convenient digital payments 

ShopeePay, Shopee’s in-app e-wallet, on the other hand, allows shoppers to pay for purchases and sellers to withdraw earnings conveniently. Recently, ShopeePay also added more billers to its lineup. Users can now top-up RFID stickers, pay for NBI clearance applications, and pay for their Smart mobile plans, Meralco electricity bills, Maynilad bills, and many more.

Reinforced Partnerships

Through strategic partnerships with government agencies and various organizations, Shopee can reach more MSMEs effectively and help them expand their businesses on Shopee’s platform. Joint initiatives with the government include CTRL + BIZ: Reboot Now!, a series of webinars where MSMEs can learn how to transform their businesses digitally.

Shopee also partnered with regional and provincial DTI offices in providing masterclasses to sellers. Shopee assisted in onboarding sellers from Regions III, IV, and XII, and provinces such as Nueva Ecija and Zambales. Shopee partnered with foreign organizations such as USAID to provide more than 500 women entrepreneurs with integrated digital marketing training. These programs help sellers maximize the use of digital platforms to expand and boost their businesses.

Yu said, “Shopee wants to make e-commerce accessible for everyone. Our goal is to evolve quickly to cater to our customers’ and sellers’ needs. Shopee continuously provides different initiatives that enable our retailers to go digital easily and quickly. It is a commitment that we take seriously, and we will continue to connect people and businesses, support MSMEs’ transition to a digital economy, and power the next wave of growth in the industry.”

Download the Shopee app for free on the App Store or Google Play Store. 

Continue Reading

BizNews

COVID-19 accelerating skills gap, raising employee expectations of their employers – IBM

71% of high performing companies surveyed report they are widely deploying a consistent HR technology architecture, compared to only 11% of others.

Published

on

Photo by fauxels from Pexels.com

As many business leaders look to close the skills gap and cultivate a sustainable workforce amid COVID-19, a new IBM Institute for Business Value (IBV) studyreveals less than 4 in 10 human resources (HR) executives surveyed report they have the skills needed to achieve their enterprise strategy.

Pre-pandemic IBM research in 2018 found as many as 120 million workers surveyed in the world’s 12 largest economies may need to be retrained or reskilled because of AI and automation in the next three years. That challenge has only been exacerbated in the midst of the COVID-19 pandemic – as many C-suite leaders accelerate digital transformation, they report inadequate skills is one of their biggest hurdles to progress.

Ongoing IBM consumer research also shows surveyed employees’ expectations for their employers have significantly changed during the COVID-19 pandemic but there’s a disconnect in how effective leaders and employees believe companies have been in addressing these gaps. 74% of executives surveyed believe their employers have been helping them learn the skills needed to work in a new way, compared to just 38% of employees surveyed, and 80% of executives surveyed said their company is supporting employees’ physical and emotional health, but only 46% of employees surveyed agreed.

“Today perhaps more than ever, organizations can either fail or thrive based on their ability to enable the agility and resiliency of their greatest competitive advantage – their people,” said Amy Wright, managing partner, IBM Talent & Transformation. “Business leaders should shift to meet new employee expectations brought on by the COVID-19 pandemic, such as holistic support for their well-being, development of new skills and a truly personalized employee experience even while working remotely. It’s imperative to bring forward a new era of HR – and those companies who were already on the path are better positioned to succeed amid disruption today and in the future.”

The new IBV study, “Accelerating the journey to HR 3.0,”conducted in partnership with global independent analyst Josh Bersin of the Josh Bersin Academy, includes insights from more than 1,500 global HR executives surveyed in 20 countries and 15 industries. Based on those insights, the study provides a roadmap for the journey to the next era of HR, with practical examples of how HR leaders at surveyed “high-performing companies” – meaning those that outpace all others in profitability, revenue growth and innovation – can reinvent their function to build a more sustainable workforce.

Additional highlights from the study include:

  • Nearly six in 10 high performing companies surveyed report using AI and analytics to make better decisions about their talent, such as skilling programs and compensation decisions. 41% are leveraging AI to identify skills they’ll need for the future, versus 8% of responding peers.
  • 65% of surveyed high performing companies are looking to AI to identify behavioral skills like growth mindset and creativity for building diverse adaptable teams, compared to 16% of peers.
  • More than two thirds of all respondents said agile practices are essential to the future of HR. However, less than half of HR units in participating organizations have capabilities in design thinking and agile practices.
  • 71% of high performing companies surveyed report they are widely deploying a consistent HR technology architecture, compared to only 11% of others.

“In order to gain long-term business alignment between leaders and employees, this moment requires  HR  to operate as a strategic advisor – a new role for many HR organizations,” said Josh Bersin, global independent analyst and dean of the Josh Bersin Academy.  “Many HR departments are looking to technology, such as the cloud and analytics, to support a more cohesive and self-service approach to traditional HR responsibilities.  Offering employee empowerment through holistic support can drive larger strategic change to the greater business.”  

Report findings suggest three core elements to promote lasting change

According to the report, surveyed HR executives from high-performing companies were eight times as likely as their surveyed peers to be driving disruption in their organizations. Among those companies, the following actions are a clear priority:

  • Accelerating the pace of continuous learning and feedback
  • Cultivating empathetic leadership to become a more health-oriented company and support employees’ holistic well-being
  • Reinventing their HR function and technology architecture to make more real-time data-driven decisions

Burger King Brazil is an example of a company who rapidly responded to new employee expectations and needs presented by this moment. Burger King Brazil worked with IBM to create a new virtual assistant based on IBM Watson Assistant, which helped during the pandemic to provide its workforce with self-service support and more transparent communications and connection to each other and company leadership. The solution supports its 16,000 employees, and on average responded to 1,100 questions per day in April alone.

Continue Reading

BizNews

Empowering employees through tech can supercharge returns – Lenovo

IT leaders are reporting a 5x return (USD $1 spent on these programs yields USD $5 of increased staff productivity, organizational agility and customer satisfaction), with many expecting to increase their investment by nearly 25 percent in two years.

Published

on

A new Lenovo and Intel commissioned study, “Empower Your Employees with the Right Technology,” conducted by Forrester Consulting, has found that the impact of technology in improving the employee experience (EX), or an employee’s full journey in an organization, is much more than anticipated — highlighting opportunities for organizations’ IT decision makers (ITDMs) in today’s remote and hybrid work environment.

The key insight points out that while companies on average see a 5x return on investment in the EX driven by increased productivity, organizational agility and customer satisfaction, ITDMs and employees disagree on technology priorities. While ITDMs are prioritizing strategic IT integration, software and service needs, employees are more focused on their fundamental daily technology experience.

This suggests that business leaders have room to collaborate more closely with employees on their IT purchase decisions to elevate team engagement, increase customer satisfaction and improve the bottom line.

Bridging the divide between employees and IT decision makers

With organizations now shifting their focus toward remote and hybrid work, ITDMs are upgrading devices, software and services as part of EX initiatives to improve team engagement and satisfaction. Based on the research findings, this has led to more tech spending. IT leaders are reporting a 5x return (USD $1 spent on these programs yields USD $5 of increased staff productivity, organizational agility and customer satisfaction), with many expecting to increase their investment by nearly 25 percent in two years.

Yet employees still report that they’re frustrated with their PC hardware and software experience:

  • Fifty (50) percent of respondents say their PC devices are out of date or insufficient (e.g. not fast enough, reliable enough or powerful enough)
  • Forty-six (46) percent note their software frequently malfunctions and disrupts their work
  • Only 33 percent are extremely satisfied with the current laptop provided by the company
  • Only 30 percent said their laptops or desktop work well for cross-collaboration.

Importantly, ITDMs and employees both define employee satisfaction with technology as a crucial goal. Satisfaction with technology also has the greatest observable positive impact: nearly 60 percent of ITDM respondents noted a more than 10-percent increase in EX scores by improving employee satisfaction with technology. It’s evident that IT departments and the technologies they offer are instrumental to driving EX, beyond conventional factors such as human resources, worker benefits and more.

Yet again, there is a clear disconnect between employees and these ITDMs, whose primary concerns are the longevity of their technology investments rather than its impact on team engagement. According to the study, whereas 84 percent of ITDMs believe employees can easily switch to a different PC device if their current one needs to be replaced, only half of employees agree that’s an available solution. Ultimately, both ITDMs and employees agree that refresh cycles can be improved and better aligned. In addition, ITDMs believe the integration of hardware and software will impact EX the most, whereas employees simply want devices that work consistently.

Prioritizing employees to better leverage technology investments

The study outlines a few key recommendations on how business leaders can better improve employee engagement and business outcomes through technology investments.

  • Realign investments. While many ITDMs are investing resources into exploring newer, emerging technologies such as 5G, augmented and virtual reality (AR/VR), and artificial intelligence (AI) or machine learning tools, based on worker respondents’ feedback there is an opportunity to focus first on immediate employee priorities—building a strong foundation of collaboration tools and PC devices—while IT departments explore more advanced technology tools in parallel.
  • Reorganize priorities. Decision-makers should also focus on improving EX vs only focusing on specific productivity metrics. In fact, according to the study nearly 80 percent of ITDMs plan to focus on improving employee engagement over the next few months.
  • Focus on PCs. PCs have become critically important to employees, with 77 percent of full-time employees saying that PC devices are a critical factor in their daily work and collaboration with one another. A renewed focus on PCs can make the greatest impact on the bottom line and customer satisfaction, with most respondents agreeing that PC devices are critical to increasing customer satisfaction (69 percent), revenue growth (62 percent) and employee retention (55 percent).
  • Involving employees in PC investment decisions. Overwhelmingly (72 percent) of employees responded that listening to workers or getting clarity on what they need ranks in the top three of what companies should do to improve EX. This feedback is important, as employees understand their work devices’ value in driving business outcomes, based on technology factors such as performance, connectivity, reliability, portability, size/weight, battery life and more. Listening to employee feedback can go a long way towards making the case for better technology options.

“Our new study findings further affirm our belief in the strategic importance of technology as critical investments, and not as simple transaction costs. The right deployment of technologies delivering returns can far exceed the initial expense of new business models and opportunities,” said Christian Teismann,  President, Commercial PC and Smart Devices Business, Lenovo. “Given employees are a company’s greatest asset, the study further maps out opportunities to uplift the return on technology investment by focusing on PC devices and collaboration tools, while better involving employees in purchase decisions. In today’s new remote and hybrid work set-up, these steps are pivotal for companies in yielding opportunities that go far beyond the initial spend on their technology.”

Continue Reading

Trending