Category: Computers & Software

distributions: premium

Vulnerability Management 101 for Businesses That Care About Cybersecurity

Post author By geekytech
Post date March 20, 2023

Businesses, both small and large, rely on technology. That means using computers (and other devices), apps, software, and, of course, a connection to the internet.

And, as technology becomes more sophisticated, it also falls prey to misconfiguration and vulnerabilities.

These, in turn, can leave the business open to cyber attacks, leading to data breaches or loss control of assets.

That’s why vulnerability management is so essential.

What Is Vulnerability Management?

“Vulnerability management” refers to an integral part of cybersecurity management. It’s a task periodically carried out to identify, evaluate, remediate/mitigate, and report any potential weaknesses in a business’ network, system, infrastructure, or endpoints.

It forms a part of an overall strategy where cybersecurity is maintained by constantly evaluating risk and finding points that threat actors could use to gain access. Once these weak points are identified, the threat can be assessed and patch implementation carried out.

The reason why vulnerability management is essential is that it can help businesses reduce the avenues a threat actor has to get into the data and network of the company.

How Does Vulnerability Management Work?

As stated previously, vulnerability management is a process where a business scans its systems and network for exploitable weaknesses. It generates a list of potential “problem areas”.

These are then assessed and given a priority ranking. This ranking helps business team identify issues that need fixing first.

Since the process is periodic and ongoing, businesses can monitor all its digital assets to ensure your data stays safe.

What Is the Vulnerability Management Process?

The Vulnerability Management Policy

As with anything else in a business, vulnerability management starts with a plan. Here’s what security teams need to map out:

Prepare the vulnerability management policy: Once created, the policy should be shared with other stakeholders to get their input before proceeding further.

Create a priority system: certain systems might not require as much security as others. By creating a priority list, teams can focus on the important parts whilst giving others slightly less, but adequate, attention.

Factor in the industry- and region-specific regulations: Certain industries have to follow regulations and policies specific to the work they do. Certain regions might have more stringent regulations around cybersecurity and data protection.

Train cybersecurity and vulnerability management stakeholders: Whilst it is important that everyone in the organisation is trained on cyber secure behaviour, certain people would have to take on extra responsibilities.

For example, security officers, cybersecurity or vulnerability engineers, asset and data owners, managed security service providers (MSSPs), and other business leaders. For a smoother operation, these people should know their roles and responsibilities in the vulnerability management process.

The Vulnerability Management Process

Once the policy is drafted and in place, teams can start implementing it. The vulnerability management lifecycle can be broken down into the following steps (bear in mind, all of these steps have to be repeated regularly if you want to stay on top of threats):

Finding out the vulnerabilities: Identifying vulnerabilities in a business’ networks, systems, and IT assets can be done through vulnerability scanning (an automated process that identifies and reports exploitable weaknesses) or penetration testing (a mock attack carried out by a person who uses any weak points they find to “attack” a system like a hacker would).

Evaluating and prioritising vulnerabilities: Once there’s a list of vulnerabilities, a business doesn’t just start fixing them in any order. They need to be assessed and prioritised in order of how likely they are to be exploited and how much damage the threat actor can do through them.

It is entirely possible that there’s a vulnerability that doesn’t actually pose any threat to an organisation. That’s why they need assessing and prioritising, so serious weaknesses are dealt with first.

Remediating and mitigating: Once a team knows which vulnerabilities they need to deal with and in what order, they can start the process of fixing them. Some can be fixed with vulnerability patches. Others might not be fixable, and may require mitigation instead.

Assessing if the fixes worked: If a team doesn’t test its solutions, it won’t know whether they worked or not. This process might require additional scanning or penetration testing. That way, businesses can definitively determine if the remediation and mitigation worked.

Documenting and reporting: The team will need to document any vulnerabilities discovered as well as the steps taken towards their resolution. Of course, if there are a different sets of reports coming in from processes like scans, pen testing, or other such activities, it might help to have them all in one place.

Leading cybersecurity service provider, DigitalXRAID, recently launched a one-of-a-kind portal that “allows a company’s cybersecurity measures to be viewed from a single source and enables greater collaboration across the business.”

This portal, called OrbitalX, enables businesses to create bespoke and automated reports to provide clients with “a holistic overview and better visibility of [their] cybersecurity posture and risk.”

Reassess the cybersecurity framework from time to time: Cyber threats continue to evolve. To keep up with them, the cybersecurity industry keeps developing new methods and tools for protecting data.

A business has to keep up with both the potential threats and the available solutions in order to be truly protected. The best way of doing so is by periodically reassessing the cybersecurity framework.

Computers & Software Marketing & Sales Technology U.K Website & Blog

Gartner’s Report Discusses Four Market Trends for IT Companies in 2023

Post author By geekytech
Post date March 17, 2023

Gartner recently released a report on the four ways the technology market will change for IT companies in 2023.

According to the report, there are nine trends that would affect tech vendors but only four of them are “new” trends. The nine trends have been classified into three categories:

Increased reliance on tech

Federated enterprise tech buying
Co-innovation ecosystems
Democratisation of tech
Product-led growth

Opportunities through new tech

Digital marketplaces
Intelligent applications
Marketing and CX with metaverse tech

Impact of macro forces

Sustainable business
Techno-nationalism

Of these nine, the report focuses on:

More federated enterprise tech buying
The increase in product-led growth strategies
The rise of digital marketplaces
Metaverse technologies incorporated into marketing and CX

Important Tech Trends in 2023

More Federated Enterprise Tech Buying

In a survey conducted in 2022, Gartner found that “67% of enterprise IT decision-makers are not in IT”.

According to the report, as more and more decisions are made by non-technical stakeholders, buying the latest technology becomes less important than the outcomes and value businesses get out of them.

To use this trend optimally, Gartner recommends that businesses:

Shift their marketing strategy to focus on customer-oriented value rather than technology-based scenarios
Use their Ideal Customer Profile (ICP) to understand the buying behaviour of the target audience, and leverage that information to maximise better quality and successful deals
Guide clients who aren’t tech-educated to make better, more informed decisions

Increase in Product-Led Growth Strategies

Product-Led Growth (PLG) is a strategy where the product is used to give potential customers a taste of how it could add value to their processes. This happens before there is any sales talk.

According to Gartner, this trend is going to pick up so rapidly that PLG will become an accepted market practice by 90% of SaaS businesses in 2025. Considering that only 58% of businesses currently use this practice, that’s quite a steep rise.

Under this strategy, customers will enjoy “self-service product experiences”. The signals gathered from these would be used to create “sales-driven conversions and expansion plays”.

This strategy can offer a rapid growth pattern. However, it requires more thought than simply introducing a free version of the product and hoping it’ll lead to sales.

In order to be successful, the PLG strategy requires buyer awareness marketing as well as onboarding. Customers have to be provided with the right guidance and support. Finally, it requires a data-driven, at-scale strategy for conversion and expansion.

Of course, the entire strategy would rely on a product with an intuitive user experience, easy or quick onboarding, and the ability to quickly demonstrate value to customers.

Rise of Digital Marketplaces

Tech buyers, especially non-tech ones, are increasingly looking at digital marketplaces for buying “composable and easily consumable solutions”.

Gartner predicts that, by 2026, all major application service providers and cloud platforms will offer customers composable solutions. These will be differentiated by “quality, convenience, and security”.

In order to make the most of this trend, businesses would need to:

Identify which marketplace channel works best, based on their solution fit and the preferences of their potential customers
Understand that their customer base is shifting to a non-tech one, which means they might need to tweak their marketing strategy
Realise that they’re part of a marketplace for the benefit of their customers, so join marketplaces based on their suitability, or launch their own

More Metaverse Technology in Marketing and CX

Metaverse—described as “a collective virtual shared space”—represents various technologies. These include virtual reality (VR), augmented reality, (AR), flexible work styles, head-mounted displays (HMDs), AR cloud, internet of things (IoT), 5G, artificial intelligence (AI), and spatial computing.

(Take a look at how AI is going to disrupt digital marketing as well!)

These technologies are being used as marketing tools to generate engagement through unique experiences and memorable interactions.

Of course, since most of these technologies are quite new, it is up to businesses to determine which ones work for them and when they need to implement them. Businesses would need to evaluate how viable they are and invest in a strategy for continuous evaluation as they continue to evolve.

The trends discussed by Gartner might mean businesses will have to rethink (or at least gently tweak) their tech marketing strategy to capitalise on these. Of course, there are specialist software marketing agencies, like Geeky Tech, that could help.

However, the fact remains that we are witnessing a moment in history where a paradigm shift might be approaching. How businesses use the information from this report might be what differentiates them from their competitors.

Business Computers & Software Services Technology U.K

The Role of Cloud Data Lakehouses in Machine Learning and Deep Learning

Post author By geekytech
Post date March 17, 2023

Before one can understand the role of cloud data lakehouses in machine learning and deep learning, one needs to know what machine learning and deep learning actually are.

Anyone vaguely interested in artificial intelligence (AI) might have come across these two terms before. Contrary to some confusion, these terms aren’t interchangeable (despite both having something to do with learning). For anyone interested, here’s an article that discusses the difference between machine learning and deep learning.

It’ll clarify why structured, unstructured, and semi-structured data are all so important in artificial intelligence.

What’s the Difference Between Machine Learning & Deep Learning?

To understand how ML and deep learning differ, people first need to understand what these two types of learning are.

What Is Machine Learning?

Machine learning is the process of teaching computers to make decisions and predictions based on a bunch of rules. These include simple if-then logic, using mathematical equations, and neural network architecture.

The algorithms used to teach computers through ML generally rely on structured data.

What Is Deep Learning?

Deep learning is a process of teaching computers in a manner similar to how humans learn. Instead of using structured data with structured rules, this process uses unstructured data. Obviously, this type of learning takes longer and requires specialised AI learning processors.

Deep learning is used for AI that has to mimic human-like decision-making processes; eg., Natural Language Processing (NLP), software for self-driving vehicles, and image recognition software.

So, to summarise, machine learning is a structured learning model that takes less time, whilst deep learning is a more organic learning system, which takes longer, is more complicated, and requires complex hardware.

Machine learning is useful for solving simpler, linear problems, like classification, regression, dimensionality reduction, and clustering.

Deep learning, on the other hand, is used for solving more complex problems, where human-like thinking and processing might be required. These include image and speech recognition, AI game bots, NLP, and autonomous systems.

Structured Data vs. Unstructured Data vs. Semi-Structured Data

So, now that we know what machine learning and deep learning are, let’s move on to structured and unstructured data. As we just saw, both have a role in the development of AI. Here is the difference between the two.

Structured Data

Structured data, as the name suggests, is, well… structured. It follows a standard format and can be worked on directly. If you’ve ever worked with an Excel spreadsheet, with the information neatly organised in cells and tables, you’ve encountered structured data.

Such data is easy to store, access, and process, because it’s all so well organised.

Unstructured Data

Unlike structured data, unstructured data cannot be organised as easily. It doesn’t follow a standard format and each item in the database could have different properties. Examples of unstructured data include images, video files, audio files, social media posts, or behavioural data.

Since this data is so varied, it cannot be organised into neat little compartments. As a result, it needs more storage space and it can be slightly difficult to retrieve.

Semi-Structured Data

This type of data, whilst largely unstructured, does have some organisational logic to it. In fact, some people argue that there is no true unstructured data. Even an image will have some meta-data included, which can be used to retrieve it.

However, unlike structured data, semi-structured data too requires more storage.

This brings us to cloud data lakehouses.

What Is a Cloud Data Lakehouse?

When you want to store clean, organised structured data, you use data warehouses. These are ideal for business intelligence data.

On the other hand, if you want to store unstructured data and semi-structured data, you want data lakes. These types of data can’t be housed in neat, logical data warehouses.

But, having two types of storage for structured and unstructured data means you cannot derive benefits from both. That’s where a data lakehouse enters the picture.

A data lakehouse combines the logical, analytical storage of a warehouse with the flexibility of a data lake—ideal for an artificial intelligence model which uses both deep learning and machine learning.

Whilst a data warehouse is simple in structure, the data lakehouse architecture is largely dependent on your business’s needs. You might need an expert, like Agile Solutions, to help you design a bespoke solution.

However, having a cloud data lakehouse can be an important resource if you want to make the most of the data—both structured and unstructured—that your company owns.

Business Computers & Software Technology U.K U.S

Microsoft Introduces Closed Captions in PowerPoint Live for Teams Meetings; Presentations Expected to be More Accessible

Post author By geekytech
Post date March 17, 2023

Microsoft has reportedly rolled out the coveted Closed Caption feature in PowerPoint Live for Microsoft Teams meetings.

Announcing the release on March 6th, 2023, Microsoft said that with this new feature, users seeking to make their presentations more accessible to a larger audience can add closed captions to any video file embedded in a PowerPoint slide.

The new feature is currently available in PowerPoint for Mac and Windows operating systems, reported Commercial INTEGRATOR.

Details of the Closed Caption Feature

Microsoft expects this new feature in Microsoft Teams to help people with language barriers or hearing impairments to participate in the meetings. Participants with issues in processing auditory information, or attending a meeting from a loud place can also benefit from the feature.

Now, while in a Microsoft Team meeting, they won’t face difficulties comprehending the audio components of the video content embedded in a PowerPoint presentation being shared via PowerPoint Live.

“Closed captions make PowerPoint presentations more accessible and benefit everyone who watches videos, especially those watching videos in their non-native language, people learning to read, and individuals who are deaf or hard of hearing,” said Microsoft in one of its Tech Community posts.

Additionally, meeting attendees can also activate or deactivate captions for any video project containing a closed captions file.

Once activated, attendees can find the Closed Caption feature at the bottom of their PowerPoint slides. Microsoft confirms the new addition, when turned on by a specific meeting attendee in the Teams, will not distract others.

Adding Closed Captions

In its Tech Community post, Microsoft has broken down the process of adding closed captions to video content included in a PowerPoint presentation:

Open the required PowerPoint slide with the video content
Select the video and click Insert Captions from the Playback tab
Choose the WebVTT file or files to be added to the selected video content from the Insert Captions dialog box
Click Insert Caption to add closed captions

When this PowerPoint presentation with closed captions is shared using PowerPoint Live in Microsoft Teams, the Closed Caption feature will automatically appear for all meeting attendees.

To turn on closed captions, attendees need to:

Press the Closed Captions options on the video player in the PowerPoint Live presentation
Pick the language from the dropdown list

“Once turned on, the video closed captions will appear at the bottom of the slide for only the individual attendee, empowering each attendee to choose the closed captions setting that’s best for them without distracting other attendees who may prefer to have closed captions turned off,” explained Microsoft in the Tech Community post. “When no closed captions are available for a video, the closed captions button will be unavailable for participants to select.”

Turbocharge Your PowerPoint Presentation

With more than 500 million users worldwide, Microsoft PowerPoint seems like the obvious choice for many when it comes to creating business presentations.

However, with so much clicking, formatting, and manual calculations, creating a professional-looking presentation in PowerPoint becomes a time-intensive, cumbersome task.

For users looking to create a great-looking presentation with stunning charts, using a high-end PowerPoint add-in like think-cell is a sensible decision.

A high-quality add-in fully integrates into Microsoft office 365 and helps users impress the audience while significantly saving them time.

Wrapping Up

Microsoft stated that the Closed Caption feature is “just a beginning.” The company is committed to delivering proactive and pleasant Teams meeting experience to attendees with hearing impairments.

Computers & Software Technology U.K U.S

Atlassian Patches Critical Severity Authentication Vulnerability in Jira Software; Admins are Urged to Upgrade Their Installations

Post author By geekytech
Post date March 17, 2023

Atlassian has reportedly released multiple fixes to patch a critical severity authentication vulnerability in its powerful ITSM tool—Jira Service Management Server and Data Center.

Jira Service Management Server and Jira Service Management Data Center run on top of Jira Core and enable future-focused enterprises to connect Dev, IT Ops, and business teams to boost productivity.

Breaking Down the Vulnerability

The broken authentication issue was detected in version 5.3.0, thus affecting all subsequent Jira software versions—from 5.3.0 to 5.3.1 and 5.4.0 to 5.5.0.

Publishing an advisory, Atlassian underscored the flaw as a ‘critical severity’ authentication flaw based on the company’s specific severity code. Tracked as CVE-2023-22501, this authentication bug is rated with a CVSS score of 9.4 by the company.

This authentication bug, if unpatched, could be exploited by threat actors to impersonate authentic users and in specific cases, infiltrate Jira Service Management instances, according to Infosecurity Magazine (reported by PERTI).

“With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to sign-up tokens sent to users with accounts that have never been logged into,” the company explained in its advisory.

“Access to these tokens can be obtained in two cases: If the attacker is included on Jira issues or requests with these users, or if the attacker is forwarded or otherwise gains access to emails containing a ‘View Request’ link from these users,” Atlassian explained.

Once the vulnerability is exploited and followed by a password change, no email notifying the change is sent to the account owner, which makes the detection of the account compromisation really tough.

In the advisory, Atlassian warned users that the bot accounts are more likely to fall prey to attackers.

Until most recently, this authentication bypass issue has not been exploited maliciously in the wild.

Atlassian Urges Admins to Upgrade Their Jira Software

As part of its effort to help admins address the vulnerability, Atlassian, in the above-mentioned directory, has declared the release of patches for Jira versions 5.3.3, 5.4.2, 5.5.1, 5.6.0, and later.

The productivity software giant has urged admins to upgrade to the latest fixed versions of the software to mitigate the authentication flaw before attackers can hold sway over their accounts.

However, for users who cannot upgrade their installations immediately, Atlassian has offered a temporary workaround solution. Atlassian has provided users with a JAR file that can be used to manually update the “service desk-variable-substitution-plugin.”

Admins opting for the latest upgrades can get notified of which accounts had been compromised since deploying the older version.

However, upgrading a software instance is highly disruptive and involves intricate steps. For businesses seeking a smooth upgrade to the latest Jira versions, investing in a high-end Atlassian consultancy service like Automation Consultants is a sensible decision.

By executing periodic security audits of Atlassian products like Jira, Bitbucket, and Confluence, a class-leading consultancy service with Atlassian experts can help teams evaluate the security posture of their Atlassian stack.

Atlassian suggests admins force a password reset on all potentially compromised accounts, for which confirming their email addresses is imperative.

The company recommends users disconnect and shut down the breached server upon detecting a vulnerability in order to limit its extent.

The company confirmed Jira services hosted on Atlassian Cloud via the atlassian.net domain were not impacted by the vulnerability.

Computers & Software Manufacturing & Industry Technology U.S

Luminate Capital Partners Makes Strategic Growth Investment in Ease, Inc.

Post author By geekytech
Post date March 14, 2023

SAN CLEMENTE and SAN FRANCISCO – March 14, 2023 – Luminate Capital Partners, a private equity firm focused on enterprise software, announced last week a majority-stake growth investment in Ease, Inc. (“Ease”), a leader in manufacturing plant floor audit software.

Luminate’s investment will help Ease expand its leadership position in the manufacturing software sector by accelerating new product development, innovation, and other key growth initiatives.

The EASE plant floor audit SaaS platform is purpose-built to serve the manufacturing industry. EASE harnesses the plant floor data, provides deep insights into manufacturing processes, and delivers immediate ROI for customers via higher productivity, improved quality and safety, and lower costs and defects. EASE is used in more than 40 countries and 20+ languages to conduct millions of audits every year and is trusted by hundreds of global enterprise customers from automotive to aerospace, electronics, medical devices, food & beverage, packaging and more.

“Manufacturers are just embarking on their digital transformation journey and EASE is right at the center. We are transforming business critical audit processes and providing actionable insights in real time for all types of manufacturing,” said Eric Stoop, CEO of Ease. “Ease is proud to be able to work hand in hand with manufacturers to drive efficiency, increase quality and employee safety, and reduce risk. We are excited to start this next chapter with Luminate and leverage their extensive experience in scaling and driving growth through product expansion and innovation.”

Dave Ulrich, Partner at Luminate, said, “Ease is addressing a large global opportunity. Their innovative platform helps manufacturers simplify how they administer, conduct, and respond to plant floor audits, a process still often done manually on paper. Ease’s platform delivers significant value to customers today and we believe through additional product investment there’s opportunity to offer even more.”

“Ease has seen impressive growth in recent years,” added Chris Murphy, Operating Partner at Luminate. “We are excited to partner with the team to support their continued growth and success.”

In connection with the investment, Hollie Haynes, Chris Murphy, and Dave Ulrich will join Eric Stoop on Ease’s Board of Directors. Spotlight Equity Partners, Ease’s previous majority shareholder, will retain a minority stake.

Suken Shah, Co-Founder and Managing Partner at Spotlight said, “We have been impressed with the entire Luminate team and believe they are a great partner for Ease going forward. We look forward to collaborating with them to build on the company’s strong momentum.”

Lincoln International provided M&A advisory services to the shareholders of Ease and legal advice was provided by McDermott Will & Emery.

Kirkland & Ellis was legal advisor to Luminate.

Terms of the transaction were not disclosed.

About Ease

Ease’s multi-tenant SaaS solution is built for manufacturers of all sizes. The solution automates manual and time-consuming plant floor audits, inspections, and data collection to digitize a historically manual, paper-based approach. Leading manufacturers in 40+ countries around the world, including Dana, Eaton, and 3M, trust Ease to automate plant floor audits and keep pace with manufacturing requirements. Founded in 1986, Ease is headquartered in San Clemente, California. For more information, please visit www.ease.io.

About Luminate Capital

Luminate Capital Partners is a private equity firm investing in growth software companies, based in San Francisco. Luminate’s portfolio of market leaders has included Axonify, Conexiom, Compliance & Risks, StarCompliance, Quantivate, Thought Industries and Suralink. For more information, please visit www.luminatecapital.com.

About Spotlight Equity Partners

Spotlight Equity Partners is a private equity firm investing in enterprise software companies. Spotlight’s current portfolio of software companies includes ScaleGrid, Pharos, Nicus, cFive, SirsiDynix, and Identity Automation. For more information, please visit www.spotlightequity.com.

Media Contact:

For Ease:

Andrea Walter

Chief Marketing Officer

Ease

andrea.walter@ease.io

For Luminate:

Chris Tofalli

Chris Tofalli Public Relations, LLC

chris@tofallipr.com

Business Computers & Software Technology U.K U.S

Some Cybersecurity Trends in 2023 that Business Owners Should Be Aware Of

Post author By geekytech
Post date March 10, 2023

Cybersecurity is important. I think we can all agree about that. And, it’s forever evolving, because just as we figure out a response to a cyber threat, hackers go and find a new way of attacking.

The latest in cyber threat evolution was using AI to create malware. But, that’s not all there is to it. That’s why maintaining cybersecurity is not a one-time exercise. One needs to work hard to keep up.

And, as with anything that is ongoing, one can expect to see patterns and trends.

So, what are the cybersecurity trends we can expect to see in 2023?

AI and ML For Cybersecurity

As AI and machine learning (ML) become more sophisticated, threat actors are using these technologies to avoid detection.

The preferred method of hackers is not high-tech hacking exercises, as shown in movies. What they do almost 71% of the time is steal valid credentials and then use those to force their way into accounts.

For example, they steal an email address used to register an account on an online platform. Then, they try to brute-force their way into that account using commonly used passwords.

If they succeed in cracking the password, they’d use that email/password combination on other websites.

(That’s why you shouldn’t use the same password for different accounts.)

Now, unless they buy a stolen list of email addresses, most hackers use social engineering attacks to get people’s credentials.

With the help of AI, they are creating not just more refined malware but also phishing emails that are more personalised.

So, whilst businesses are using AI to detect cyber attacks, they end up being reactionary rather than proactive. By the time they “teach” AI how to identify a new threat, hackers have moved on to another method.

Fortunately, just as AI can be used to craft better (for lack of a better word) attacks, it can also be used to prevent them.

One of the things AI does better than you or I is speedy analysis. Where we might take us hours or days to go through data and get anything meaningful out of it, AI can do it in minutes.

As a result, its predictive analytics capabilities could be used to infer and predict threats. Once the threats have been identified, it’s easier to mitigate them with fewer resources.

Patching Open Source Code Vulnerabilities

Open source code can be very handy. But, it is also very likely to have vulnerabilities. Synopsys researchers have reported that almost 84% of open source code bases had at least one vulnerability in their Open Source Security and Risk Analysis (OSSRA) report.

The problem with weaknesses in the code is that they can be exploited by threat actors. The way to deal with them is by using penetration testing to find exploitable flaws and patching them.

(You can also make use of cloud penetration testing services from reliable service providers like DigitalXRAID. The company has also launched a first-of-its-kind cybersecurity platform.)

Simple, right?

Unfortunately, the report also found that 91% of the patches weren’t implemented. Maybe the devsecops team didn’t have enough time or resources.

Maybe they didn’t think the benefits weren’t worth risking the unintended consequences.

Or, maybe they just weren’t aware that there was an updated version of the code available.

Either way, these vulnerabilities exist and can be exploited.

To avoid that, and to potentially keep the open code they’ve used updated, businesses might need to keep a software bill of materials (SBOM). According to the report, this will include any open source code they’ve used, its licenses, versions, and patch statuses.

This practice would be very handy in making sure any open source code used by your business is not putting you at risk.

Training Employees on the Dangers of Phishing Attacks

Sometimes, when something works, there is no real need to change it up. That seems to be the case with phishing.

Phishing is a form of social engineering attack where a legit-looking email is designed to get the victim to click on a link. That, then, redirects them to a page where their info is stolen.

Apparently, hackers most often like to use (or abuse, rather) Microsoft, Amazon, DocuSign, Google, DHL, and Adobe. However, don’t be surprised to see emails from banks in your inbox as well.

Again, the best way to combat this challenge is the old-fashioned “train your employees” method. Human error is inevitable, but training people to identify emails that might be dodgy can help a lot.

As can limiting their access.

So, there you have it. Here are some ways you can keep your business safe from cyber-attacks in 2023.

Computers & Software Europe Technology U.K U.S

think-cell Software Releases Version 12 With New PowerPoint Enhancements

Post author By geekytech
Post date March 9, 2023

BERLIN, Germany – 9th March 2023 – The leading productivity software, think-cell, is rolling out its latest upgrade, which offers significant enhancements that empower users with better control, connection, and data visualization. think-cell 12 is currently available for all customers through the customer portal as well as to prospective customers through the free think-cell 30-day trial download.

The latest version of think-cell includes more of what customers already love about the software. The addition of profile charts bolsters its ever-expanding portfolio of charts and graphs, and users can expect to see even more from the company built to make PowerPoint better and PowerPoint users more productive.

think-cell 12 enables users to create rotated line charts (profile charts) and rotated combo charts. These charts enable people to tell more compelling stories using data to show the relationships between different types of data and illustrate trends over time. Like all think-cell charts, this more sophisticated visualization of data helps people make better decisions based on the information presented.

Robin Jung, Head of Product Management with think-cell is excited about what the latest version provides even beyond new charting capabilities, “think-cell 12 is proof that a series of small enhancements can make a big difference. From linking Harvey balls, checkboxes, and images to data in Excel to aligning think-cell elements on a page, think-cell continues to shave hours off your day while making every presentation work harder.”

With this latest release, users can now select individual partitions in the bubble and scatter charts directly while also applying a different fill color for each. This enhancement makes it simple to highlight the data in multiple quadrants to better distinguish what trends and insights are most important in your presentation.

On top of this, the latest software version allows users to edit the data layout of its internal datasheet and links to Excel. For users looking to link a chart to an existing Excel worksheet without modifying the layout, think-cell’s editable data layout feature is highly beneficial. Jung added, “think-cell provides even more value when using Excel linking capabilities, as customers can now highlight all linked elements in their PowerPoint presentations, which is a level of insight that up until now has not been possible.”

With its latest PowerPoint enhancements, think-cell is committed to evolving as a formidable player in the Microsoft PowerPoint and Excel add-in market. Jung sees the latest release as a significant milestone for think-cell, “We have an extremely stable product with millions of users around the world. We are going to continue to build on this foundation to ensure that customers are not only more productive, but also can move business forward by accelerating the myriad of decisions that surround the presentation process.”

About think-cell

Founded in Berlin in 2002, think-cell is the de facto standard for creating professional presentations in PowerPoint. With productivity tools and support for 40+ chart types, 9 of the top 10 global consulting firms rely on think-cell, it’s the software of choice for the Fortune 500 and taught at 9 of the top 10 business schools.

To learn more about think-cell and download a fully functional 30-day trial version, please visit https://www.think-cell.com

Business Computers & Software Technology Transportation & Logistics World

Aramtec Adopts RISE with SAP and S/4HANA to Accelerate Digital Transformation

Post author By geekytech
Post date March 9, 2023

One of the longest-established foodservice businesses in Dubai, Arabian American Technologies Co. (Aramtec), is reportedly adopting RISE with SAP and S/4HANA.

The company has curated a year-long strategy—Project Phoenix—as part of its effort to facilitate the implementation of RISE with SAP and S/4HANA and transform it into a fully SAP-powered Intelligent Enterprise, according to Intelligent CIO.

RISE with SAP and S/4HANA

For SAP enterprises operating their SAP workloads on the cloud or on-premise, RISE with SAP helps streamline business processes for workflow efficiency while unifying cost and business goals with the OPEX-based cost model.

Enabling businesses to use a range of SAP tools, RISE with SAP expands the value SAP delivers beyond ERP functionality to holistic business value.

On the other hand, S/4HANA allows SAP enterprises to shift and modernise to the cloud and leverage the in-memory database technology.

That being said, SAP S/4HANA is not competitive with or separate from RISE with SAP—it’s one of the six primary offerings included in RISE’s bundled solutions.

For companies looking to accelerate business agility and digital transformation, adopting RISE with SAP or S/4HANA is a sensible decision.

On top of that, with SAP ECC mainstream support phasing out in 2027, enterprises are quickly migrating to SAP S/4HANA.

Even though these technologies help drive business value, assimilating new systems requires enterprises to invest in SAP consulting services like Protera. With operational support and strategic guidance, SAP consulting services help SAP-focused companies make the most of their investment.

Aramtec’s Move to SAP

The increasing need for improved visibility, scalability, and control over supply chain operations is pushing enterprises toward cloud deployments. As part of its effort to become digitally empowered and transform into a cloud-based company, Aramtec has decided to leverage the innovative systems offered by the leading multinational software company SAP SE.

The company hopes SAP’s experience in the food industry and supply chain management will help automate and enhance its end-to-end processes of delivering food services to airlines, hotels, restaurants, and various commercial F&B outlets.

“Our objective is to capitalise on the digitisation and automation benefits of technology to run our business more smoothly and to optimise our productivity and efficiency. We are set to achieve greater visibility and control over all areas of Aramtec’s operations as well as our complex supply chain and distribution network, as we have more than 2000 stock-keeping units, SKUs distributed to thousands of customers,” stated Edgard Chalhoub, General Manager of Aramtec. “Ultimately, Aramtec will have the capacity to respond quickly to our customers’ needs and changes in the supply chain environment.”

Zakaria Haltout, Managing Director of SAP UAE, went on to say, “The commitment Aramtec has made to becoming an SAP-designated Intelligent Enterprise means it is aligned with regional digital transformation plans while enhancing the services it delivers to existing and new-market customers. By leveraging SAP’s cloud-based S, 4HANA, Aramtec will benefit from the latest SAP technologies and updates. It will enjoy precise stock control and record keeping, 360-degree views of all operations, automation of business processes, reduced total cost of ownership, and the ability to manage business change and scale operations rapidly.”

Business Computers & Software Technology U.K U.S

Olive AI to Divest its Second Business Line; Plans to Focus on Health System RCM

Post author By geekytech
Post date March 6, 2023

Healthcare automation service Olive AI is reportedly planning for the sell-off of its utilisation management service line.

Utilisation Management is the company’s prior customer-facing authorisation system with solutions that accelerate the manual operations in GreenLight laser treatment.

The divestiture is part of this Columbus-based tech unicorn’s effort to centre its focus on administrative automation for healthcare, according to THE BUSINESS JOURNALS.

“Earlier this month, [CEO Sean Lane] announced that Olive would no longer be offering UM solutions to allow the company to strengthen its core area of focus, building automation and intelligence technology for health systems that make their revenue cycle operate more effectively and efficiently,” according to a spokesperson from Olive AI.

Why Divest Now??

Sean Lane, co-founder and CEO of Olive AI, blamed tough economic headwinds for the divestiture. The CEO also mentioned that the Columbus health IT business made mistakes when it was in high-growth mode.

In an all-staff memo published on February 09, 2023, the CEO shed light on the substantial and unexpected shortfall in the capital plan now facing the company, two years after it brought in around USD 400M to turbocharge the growth of ‘humanised’ AI for healthcare.

“In our current position, we cannot make the necessary investments to be successful in transforming both Autonomous Revenue Cycle and Utilisation Management journeys for our customers,” Lane said in the memo. “We must prioritise and direct our critical resources toward Olive’s established strengths.”

“This means a return to our core area of focus: building automation and intelligence technology for health systems that make their revenue cycle operate more effectively and efficiently.”

Consequences of the Carve-out Transaction on Employees

According to the memo, Olive AI Inc. is set to lay off 215 employees as it seeks to eke out growth by cutting costs and shifting the focus to its core product lines. The recent reduction in staff comprises around 35% of its workforce, leaving approximately 630 staffers.

This declaration of workforce reduction came on Thursday, February 2, 2022. In July 2022, the company cut around 450 staff who accounted for 31% of the total workforce.

However, the Columbus company refused to provide any further details on the specifics of the equity carve-out—such as the approximate time and size of the division, prospective buyers, etc.

According to the notice filed with the Ohio Department of Job and Family Services, in order to notify receivers of the upcoming cut in workforce, the layoff would involve a total of 209 positions, including an EVP (executive vice president) and some senior staff.

“I know this is not easy news to hear,” Lane stated. “I regret that we are in this position, and I apologise for the impact it will have on the lives of our team members. I’d like to express my gratitude for everything you’ve done to make an impact in healthcare.”

The company is committed to keeping the customers and the remaining staffer updated on the details of the transaction as it takes shape.

In October 2022, Olive divested its population health and $340B product lines to sister company Rotera, as two of its customers had ceased doing business with Olive.

Overcoming Divestiture Challenges

Irrespective of the size of the division, carving out the equity of a company is a complex task that requires an effort in coordination to be successful.

For companies looking to ensure a seamless divestiture with minimum business disruption, investing in a high-end carve-out service like Fission Consulting is a sensible decision.

A class-leading service helps clients evade uncertainty while also accelerating the timeline.

Wrapping Up

The CEO of Olive AI hopes the divestiture would help the company defy the current economic downturn by enabling the employees to focus more on strengthening Olive’s core services and product lines.