Where are you on your company’s journey to personalize the customer’s experience? Are you one of the 89% of digital businesses that are investing in personalization – companies like Coca-Cola, Fabletics, Netflix, Sephora, USAA, and Wells Fargo. What’s new now? Businesses need to evolve their definition of personalization – from tactical segmentation, to stra […]
Dear Marketers, I know how important it is to you to grow revenue. I also know how that focus will help expand your remit — to align with your organization’s strategic priorities and rally around an explicit path to revenue. Any of these 20 examples (and countless more) are more substantial, manageable, and productive than an […]
To provide great CX reliably and efficiently, companies must master the six competencies of customer experience management (CXM): research, prioritization, design, enablement, measurement, and culture. Unfortunately, common misconceptions can cause even the most experienced CX professionals to stumble along the path to CXM maturity. In our new report, Avoid […]
WHAT DO EMOTIONS HAVE TO DO WITH BRANDING STRATEGY? I sat as a silent observer at an internal marketing workshop of a multi-billion-dollar consumer brand. They spoke for three hours about being customer-obsessed. They never spoke about the customer. That’s the old way of marketing. As a profession, we’ve talked the talk about customer […]
Rik Reppe, advisory partner at PwC’s The Difference, summarizes the crux of most CX practices today by saying, “[As a CX pro] you may have 1,000 projects you could do, 100 projects you should do, and 10 projects you can do.” So which ones do you do – and more importantly, which ones do you say no to? For a customer experience (CX) […]
It’s painful to watch marketers struggle with social network updates. Despite the struggle, executing the latest Facebook or Instagram format seems to occupy more mind share than the due diligence of ascertaining whether consumers want the content in the first place. This is one of the reasons brand value and customer experience remain front and […]
A few weeks ago, the China Industrial Internet Summit — the country’s leading industrial internet conference — was held in Beijing. Dozens of leading manufacturing firms and technology vendors from the US, Germany, and Japan shared their latest achievements and future strategies with thousands of participants. The weather was cold, but the industrial interne […]
There’s a lot of talk about the digital twin in the business world these days, but the definition remains murky. Think of the digital twin as a virtual mirror. If you move one way – so does your reflection. Your reflection is also unique to you. If someone else stepped in front of the mirror, even a sibling, what appeared in the mirror […]
Your current market position is no guarantee for transforming into a successful digital business. To enhance their innovation capabilities and boost the necessary culture change, many traditional businesses are looking to startups as one option to drive service differentiation. Transformative innovation supports the shift toward a customer-obsessed strategy. […]
Palo Alto Networks (PAN) today announced plans to acquire Evident.io, a predominantly API-based cloud monitoring vendor for $300 million in cash. Evident.io has a large mind share among Forrester’s end user clients and is also regularly mentioned by other cloud workload security management (CWS) vendors as a viable competitor. With PAN expanding Aperture int […]
By leveraging the increasing interest among women in technology today and inspiring teenagers and young girls into the sector through education, industry leaders could dramatically reduce the workforce deficit.
Chatbots are a recent trend in marketing automation, designed to enhance customers’ digital journeys and elicit more information from consumers. This report evaluates the impact of GDPR will have on the use of chatbots and provides an overview of topics to be considered in order to ensure compliance.
by Alexei BalaganskiRecently, Microsoft has announced general availability for another addition to their cybersecurity portfolio: Azure Advanced Threat Protection (Azure ATP for short) – a cloud-based service for monitoring and protecting hybrid IT infrastructures against targeted cyberattacks and malicious insider activities. The technology behind this serv […]
Pressured by the Digital Transformation, corporate networks are becoming increasingly complex, spanning across multiple geographical locations and technology platforms. Unfortunately, even as companies are becoming more open to the outside world, different business units within the same company still remain essentially isolated when it comes to consistently […]
by Mike SmallThe cloud provides an alternative way of obtaining IT services that offers many benefits including increased flexibility as well as reduced cost. This document provides an overview of the approach that enables an organization to securely and reliably use cloud services to achieve business objectives.
by John TolbertThe Revised Payment Service Directive (PSD2) mandates thatservice providersevaluatetransaction requests for signs of malware infection. In order for transactions to be considered low-risk, there must be no signs of malware infection in any sessions of authentication events.
Obwohl der Markt mit einer großen Anzahl von Sicherheitslösungen reagiert und die Budgets für Cybersicherheit ständig wachsen, scheinen sich viele Unternehmen immer noch auf den Schutz von Endgeräten und Netzwerken zu konzentrieren. Sie übersehen dabei das kritischste Ziel in ihren Reihen - die Menschen. Aktuelle Studien zeigen deutlich, dass Hacker sich dav […]
by Anmol SinghCyberArk, an overall leader in privilege management according to KuppingerCole Leadership Compass on Privilege Management, announced yesterday that it has acquired certain assets in a privately held America-based Israeli cloud security provider, Vaultive. Data encryption has emerged as a key inhibitor for organizations seeking to adopt cloud se […]
With only weeks to go until the EU GDPR (General Data Protection Regulation) takes effect on May 25th, global businesses are scrambling to figure out how to avoid the hefty fines that loom for companies failing to achieve compliance. Sanctions for non-compliance are very severe with penalties of up to 4% of annual worldwide turnover.
Traditionally, security was about cost avoidance. It was thought of like insurance – something you have to have in case something bad happens, but not something that would boost the bottom line or attract customers. But in today’s environment, we are increasingly seeing that security is about more than cost avoidance; done right, it creates a competitive adv […]
Are you struggling to respond to customer and prospect concerns about the security of your application? Do you know what good application security looks like, or how to get there? CA Veracode is pleased to announce the CA Veracode Verified program. With CA Veracode Verified, you prove at a glance that you’ve made security a priority, and that your security p […]
We talk a lot about the need for development teams to create security champions. With the shift to DevOps – and the intersecting of development, security, and operations teams – development and security teams can no longer operate in their traditional silos. Each team needs to not only work closely together, but also have a much deeper understanding of each […]
Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A patch for Spring Break has been available since September of la […]
The complexities of developing secure software aren't lost on anyone in the business world. One tool development teams have used to adapt to today's challenging environment is software containers, which allow applications to run reliably on different platforms and systems. Today, organizations use containers to address a wide range of development […]
The discussion surrounding which is superior – binary or source code scanning – has plagued the static analysis market since its inception. A source code scanner analyzes un-compiled code, whereas a binary scanner analyzes compiled code, but in the end, the result is the same. They are simply two engineering solutions for the same problem. However, as a fund […]
Our economy is almost entirely digitized. Modern businesses rely on software to run their day-to-day operations, and, as such, innovation must meet the demands of an ever-evolving market. However, business leaders are at a crossroads when it comes to securing their digital assets. As organizations migrate towards development practices like DevOps, the need t […]
The speed and scope of software development today is creating new challenges in ensuring the security of software. But they also create the opportunity to finally get application security right. Both the challenge and the opportunity stem, in part, from the fact that security is “shifting left.” The responsibility for ensuring the stability and security of s […]
March 1, 2018 marks the end of the one-year transition period for the New York Department of Financial Services (NYDFS) cybersecurity regulation. The passage of this date means affected organizations — including banks, insurance companies, and other financial services companies licensed by or operating in New York State — must be in compliance with a raft of […]
The shift to DevOps and DevSecOps has already happened, it's only a question of when we all catch up. Organizations in all industries are creating software not only faster, but also in more precise, collaborative and incremental ways than ever before. In fact, we’ve seen the shift in our own customer base, where the percentage of applications scanned fo […]
Leverage next generation cyber security technology to curtail lateral movement should hackers gain a foothold inside your network. The post Limiting Losses from Cyber Attacks with Privileged Identity Management appeared first on Identity Week.
RED Systems Management can quickly block access to the files NotPetya intends to use to infect you. With patented Access Control List (ACL) management technology, RED Systems Management can lockout NotPetya from executing on client systems. The post Battling the NotPetya (Petna) Ransomware appeared first on Identity Week.
It’s been said that speed kills. But in cyber warfare, speed heals. That’s because with today’s advanced cyber attacks, you need to move faster than the attackers to minimize damage. The post In Cyber Warfare, Speed Heals appeared first on Identity Week.
Stolen passwords are the leading cause of hacking-related data breaches. To discuss what can be done to mitigate this security vulnerability, Identity Week spoke with Steve Tout, CEO of VeriClouds. The post Protecting Against Stolen Passwords – a Q&A with Steve Tout of VeriClouds appeared first on Identity Week.
Two years removed from the announcement of the attack, we can now take a look at the lessons we learned from the OPM data breach. The post Lessons Learned from the OPM Data Breach – Two Years Later appeared first on Identity Week.
The security of your entire network is only as good as your least secure server. And, relegating the Unix/Linux infrastructure to a status of any lesser degree is the attack surface that hackers are looking to exploit. The post Securing Identities – Don’t Forget Unix and Linux Servers appeared first on Identity Week.
Watch this FedScoop video interview of IT security expert Philip Lieberman to find out how federal government agencies can redesign their networks for better resilience against cyber attacks. The post Video: Cyber Defense for the Federal Government appeared first on Identity Week.
Now we’ll take a look at the three practices we regularly see in the most mature Privileged Identity Management programs. The post Best Practices in Privileged Identity Management – Part Four appeared first on Identity Week.
Your organization has been breached. What do you do now? Philip Lieberman explains in this 4-minute Game Changers Silicon Valley interview. The post Video: Cyber Security Detection appeared first on Identity Week.
I am reading a fascinating book, “Identity is the New Money,” by David Birch. The book was published three years ago, but I find it extremely relevant today. I just read this paragraph: Identity becomes the key to transactions and a crucial individual resource that needs to be looked after by responsible organizations. We all need to […]
As I read a recent Risk Management Monitor article “Companies Must Evolve to Keep Up With Hackers,” I couldn’t help but think – at what cost? Perhaps you can calculate the amount a company spends on tools and processes to defend against cyberattacks, and perhaps even justify that expense by attempting to estimate the cost of a […]
Yesterday, I blogged about the inherent conflicts of interest that exist with most current or potential Identity Providers. Is it just coincidence that today I would read a post on LinkedIn by Gary Rowe, CEO/Principal Consulting Analyst at TechVision Research, highlighting the TechVision Research report, “Banking on Identity?” The report offers a compelling […]
After uploading yesterday’s blog post, I realized that I had again made a statement about a problematic “conflict of interest” inherent in many Identity providers. What do I mean by that? For many years, I have dreamed of the concept of a broadly used Identity Provider enabling each of us to leverage one set of […]
Following a blog post recommendation by Emma Firth, Communications Director of Digi.me, I just read an insightful article, “Transforming the Digital Identity Landscape,” in the June 2017 issue of Leo, an e-magazine published by Luxembourg for Finance. It was particularly interesting to read the viewpoints of four Digital Identity thought leaders who spoke at […]
How critical is Identity and Access Management to GDPR Compliance? The somewhat radical, but underlying philosophy of GDPR is that enterprises must enable individual data subjects (EU citizens) to control their own Personally Identifiable Information (PII), and grant or withdraw permission to store and use such data. Certainly, appropriate processes and tech […]
May 25, 2018 is bearing down on us like a proverbial freight train. That is the date when the European Union General Data Protection Regulation (GDPR) becomes binding law on all companies who store or use personal information related to EU citizens. (Check out the count down clock on the GDPR website). Last week, Oracle published a new white […]
This morning I read a short article stating, “Arizona businesses lead the nation in malware detections.” Wouldn’t you know — Arizona leads the nation — but not in some fun way like an NBA Championship. I immediately thought of another dubious distinction for our state – the Arizona bark scorpion is the most venomous scorpion in North America. […] […]
Lots of nostalgia this week … yesterday and today, my meetings have been on the Oracle Santa Clara Campus. It is always enjoyable to come here and remember the many meetings I attended here prior to the Oracle acquisition of Sun Microsystems in 2010 and with Oracle colleagues since then. It is fun to meet in the […]
This week, I am staying in the Santa Clara Marriott hotel for a few days while attending some corporate meetings. As I drove to Santa Clara from the San Francisco Airport yesterday, I began to reminisce about times in my early career when I spent a lot of time in this part of the world. I […]
If you are unaware, the security standard HTTP Strict Transport Security (HSTS) can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing." Apple has now added mitigations to its open-source browser infrastructure WebKit that under […]
Adrian Lamo, the hacker who tipped off the FBI about Wikileaks whistleblower Chelsea Manning, dies at the age of 37, according to a Facebook post by his father Mario Lamo-Jiménez. "With great sadness and a broken heart I have to let know all of Adrian's friends and acquaintances that he is dead. A bright mind and compassionate soul is gone, he was […]
Whether you're a developer, designer or a writer, a good text editor always help you save time and make you work more efficiently. For example, I use Sublime a lot while programming because it includes some useful tools like 'syntax highlighting' and 'autocomplete' that every advanced text editor should have. Moreover, these advanced […]
Security researchers have discovered a massive continuously growing malware campaign that has already infected nearly 5 million mobile devices worldwide. Dubbed RottenSys, the malware that disguised as a 'System Wi-Fi service' app came pre-installed on millions of brand new smartphones manufactured by Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and […]
The Information Technology industry has witnessed exponential growth over the years, and if you want to be a part of this growing industry, it's important for you to earn certificates in this field. Organisations always prefer employees with strong internationally-recognized professional certifications that proof your skills, knowledge, and what you kno […]
Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data. VPN, or Virtual Private Network, is a great way to protect your daily online activities that work by encrypting your data and boosting security, as well as useful to obscure your actual IP address. While some choose […]
A massive malware outbreak that last week infected nearly half a million computers with cryptocurrency mining malware in just a few hours was caused by a backdoored version of popular BitTorrent client called MediaGet. Dubbed Dofoil (also known as Smoke Loader), the malware was found dropping a cryptocurrency miner program as payload on infected Windows comp […]
A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code. CredSSP protocol has been designed to be used by RDP (Remote Desktop Protocol) and Windows Remote Management (WinRM […]
Security researchers claimed to have discovered 13 critical Spectre/Meltdown-like vulnerabilities throughout AMD's Ryzen and EPYC lines of processors that could allow attackers to access sensitive data, install persistent malware inside the chip, and gain full access to the compromised systems. All these vulnerabilities reside in the secure part of the […]
Samba maintainers have just released new versions of their networking software to patch two critical vulnerabilities that could allow unprivileged remote attackers to launch DoS attacks against servers and change any other users' passwords, including admin's. Samba is open-source software (re-implementation of SMB networking protocol) that runs on […]