BIS Delays Implementation of New Cybersecurity Items Interim Final Rule

January 26th, 2022 Tony Busch, Cortney O'Toole, and Grant Leach Leave a comment

In an October 21, 2021 interim final rule (“IFR”), the Bureau of Industry and Security (“BIS”) published long-awaited “cybersecurity items” controls in Categories 4 (Computers) and 5, Pt. 1 (Telecommunications) of the Commerce Control List (“CCL”) and followed the IFR up on November 12, 2021 with relevant FAQs. The IFR will impose new export controls on certain “cybersecurity items” that relate to “intrusion software” or “IP network communications surveillance.” The IFR, originally scheduled to become effective on January 19, 2022, will now become effective on March 7, 2022. In the January 12, 2022 notice announcing the delay, BIS stated it “may consider some modifications for the final rule” and indicated it would “provide the public with additional guidance.” Below we describe the IFR as it currently stands. We will update readers when BIS implements any additional edits to the IFR and/or updates its guidance.

The IFR establishes two (2) new export control classification numbers (“ECCNs”) and expands the control text of several additional ECCNs within the CCL. The IFR collectively defines the items falling under these CCL modifications as the “cybersecurity items.” Each “cybersecurity item” covered in the IFR will be destination-controlled for National Security (“NS”) and Anti-Terrorism (“AT”) reasons. The modifications fall under two (2) broad topics: (i) expanded control text in Category 4 for hardware, software, and technology providing the infrastructure for managing “intrusion software”; and (ii) expanded control text in Category 5, Pt. 1 related to “IP network communications surveillance” items. The IFR also includes notes which clarify that, in the event any commodities or software which qualify as “cybersecurity items” also incorporate “information security” functionality described in any Category 5, Pt. 2 ECCNs (which will often involve encryption or cryptanalysis), then those Category 5, Pt. 2 ECCN classifications will prevail. However, those notes do not cover technology (which has a special definition under the EAR). The notes also specifically state that elements of source code implementing functionality not controlled by Category 5, Pt. 2 may still be subject to the “cybersecurity item” controls implemented by the IFR. “Cybersecurity items” controlled for Surreptitious Listening (“SL”) reasons under pre-existing ECCNs will also remain under those ECCNs.

The new “intrusion software”-related parameters will control hardware and software specially designed or modified for the generation, command and control, or delivery of “intrusion software,” as well as technology for the “development” or “production” of that hardware or software. The EAR’s pre-existing definition of “intrusion software,” will remain. It is primarily designed to describe exploits or payloads that do not involve encryption but that are nonetheless specially designed or modified to avoid detection by ‘monitoring tools’ or to defeat ‘protective countermeasures’ for the purpose of extracting data or modifying a standard software program execution to allow the execution of externally provided instructions. Importantly, the IFR does not impose export controls on the “intrusion software” itself. “Intrusion software,” when designed for military offensive cyberspace operations, would more appropriately be considered for classification purposes under the International Traffic in Arms Regulations (“ITAR”) as clarified by BIS FAQ #5.

The new “IP network communications surveillance” parameters will control telecommunications equipment capable of servicing a carrier class Internet Protocol (“IP”) network, performing application layer analysis, indexing extracted data, and being “specially designed” to execute searches based on “hard selectors” (i.e., personal data) and mapping relational networks of individuals or groups of people (hereafter referred to in this post as the “Telecommunications Surveillance Equipment”). The new and expanded control text will also control the software equivalents of the Telecommunications Surveillance Equipment as well as the test equipment, software, and technology specially designed or modified for the “development,” “production,” or “use” of the Telecommunications Surveillance Equipment.

The IFR also creates a new License Exception Authorized Cybersecurity Exports (“License Exception ACE”). Although LE ACE is similar to the EAR’s existing License Exception Encryption Commodities, Software, and Technology (“License Exception ENC”), there are some key differences between License Exceptions ACE and ENC. Exporters hoping to use the new License Exception ACE’s authorizations will need to consider the full range of U.S. export controls represented in its terms and conditions: destination, end-user, and end-use. For instance, License Exception ACE lays out a multi-layered approach where the nature of the end-user (e.g., “U.S. subsidiary,” “non-government end user,” “government end user,” and/or “favorable treatment cybersecurity end user”) must be considered alongside the destination and any knowledge or “reason to know” of an illegitimate end-use (which, without citing the EAR definition, is what is commonly understood as black hat and/or state-sponsored “hacking”). “Deemed” exports to Country Group D foreign nationals of any Country Group D destination are presumptively not authorized under LE ACE. However, when an exporter can determine the end-user of the export or “deemed” export is a “non-government end user,” then License Exception ACE will provide authorization to certain Country Group D destinations for (i) exports to “favorable treatment cybersecurity end users”; (ii) exports for “vulnerability disclosure” or “cyber incident response”; and (iii) “deemed” exports to foreign nationals.

A final note on License Exception ACE, especially for those proficient in License Exception ENC, is that License Exception ACE’s definition of “government end user” is far broader than the parallel definition in License Exception ENC.

Some heightened areas of risk under the IFR will include exports and reexports to non-U.S. subsidiaries in Country Group D countries and proper due diligence to meet BIS’ “reason to know” standard for end-use restrictions in License Exception ACE.

___________________________________________________________________

Tony Busch is an attorney in Husch Blackwell LLP’s Washington, D.C. office and is a member of the firm’s International Trade & Supply Chain practice team.

Cortney O’Toole Morgan is a Washington D.C.-based partner with the law firm Husch Blackwell LLP. She leads the firm’s International Trade & Supply Chain group.

Grant Leach is an Omaha-based partner with the law firm Husch Blackwell LLP focusing on international trade, export controls, trade sanctions and anti-corruption compliance.

Archives, Features, Global Trade Daily, Ocean Ports

COMMERCIALLY AVAILABLE REAL-TIME INFORMATION IS TRANSFORMING PORTS AND MARITIME TRANSPORT

December 24th, 2021 Gordon Feller and Matt Coker Leave a comment

“Accelerating Digitalization: Critical Actions to Strengthen the Resilience of the Maritime Supply Chain,” a report that the World Bank and International Association of Ports and Harbors (IAPH) issued in January, describes how collaborative use of digital technology can help streamline all aspects of maritime transport, from cross-border processes and documentation to communications between ship and shore.

The joint report, with its special focus on ports, argues that a better digital collaboration between private and public entities across the maritime supply chain will result in significant efficiency gains, safer and more resilient supply chains and lower emissions.

“The report’s short and medium-term measures to accelerate digitalization have the proven potential to improve supply chain resilience and efficiency whilst addressing potential risks related to cybersecurity,” says Dr. Patrick Verhoeven, the IAPH managing director of Policy and Strategy. “However, necessary policy reform is also vital. Digitalization is not just a matter of technology but, more importantly, of change management, data collaboration and political commitment.”

How big a deal is big data? According to StockApps.com, the global big data and business analytics market is valued at $215.7 billion this year and will grow by more than 27% to exceed $274 billion by the end of next year.

However, recent IAPH survey revealed that only a third of more than 100 responding ports complied with a mandatory International Maritime Organization (IMO) requirement that all member countries exchange key data electronically. The main barriers to digitalization cited by the ports did not involve the technology but the legal framework within their countries or regions and the inability to persuade multiple private-public stakeholders to collaborate.

Fortunately, as you will learn if you read on, there are governments, port authorities and economic development entities that are embracing big data.

Bottlenecks along the supply chain

Among the key chokepoints in the global maritime system are some of the world’s most critical transport gateways. Consider the significance of just two of them: The Strait of Malacca and the Strait of Hormuz. As the U.S. Department of Energy’s website makes quite clear about the importance of the latter, “The Strait of Hormuz is the world’s most important oil transit chokepoint.”

More than 90% of the world’s total trade volume is moved by the maritime shipping industry. Every year, it transports more than $4 trillion of goods. An immense pressure is placed on shipping companies to remain on schedule, protect the cargo ship and crew, and ensure profitability. And one can’t say that it’s easy.

It is hard to visualize the world’s main shipping routes or to glimpse the industry’s complexity. As they transport goods from one continent to another, approximately 90,000 vessels cross paths.

The maritime industry involves an intricate system of transportation. To complicate things, ports and vessels are also subject to the forces of nature, which are becoming harder and harder to predict. Thus, shipping companies must be able to adapt to changing situations and act fast.

With real-time big data analytics, however, the maritime industry can better navigate these unexpected challenges.

Big data is a field that extracts and analyzes data from data sets that are too large or complex to be dealt with by traditional data-processing application software. Real-time capabilities mean that those insights are delivered immediately after collection.

How exactly does real-time big data help?

Maritime companies generate data from different sources and in several formats. Traditionally, these insights are fixed, siloed and inconsistent. Actioning this information is time-consuming and a major pain point for shipping companies.

With big data tools, this inflow of data is collated and organized in a cloud-based system. It then analyzes and spits out the relevant data in real-time, which promotes better decision making. Nothing is left to intuition or chance—unlocking opportunities to drive greater efficiencies.

According to the recent World Bank report “Reforming and Rebuilding Lebanon’s Port Sector: Policies and Solutions for Digitalizing the Port of Beirut,” digitalization must be key in the reconstruction and modernization of the facility that was rocked by chemical explosions in August 2020.

“Rapidly evolving technology is creating the digital ports of the future and Lebanon should not be left out,” maintains Saroj Kumar Jha, World Bank Mashreq regional director. “Through an all stakeholder approach, Lebanon should immediately enact special port institutional framework to reform the port sector and to launch transformation process toward a structured and systematic technological upgrade of the Port of Beirut to support Lebanon’s economic recovery.”

Efficient maritime operations and logistics

Overall operations and logistics become much more efficient with real-time data. Companies can obtain information through GPS and RFID tags to help locate containers and ships immediately. Data technology also helps synchronize communication to manage ship arrivals, berthings, and departures safely and efficiently. And in case of an emergency, non-availability of labor or terminal allocations, real-time data helps ships plan their routes and speeds accordingly.

Due to climate change, this ability to pivot has never been so relevant. Although the global maritime industry is a well-oiled machine, the ocean’s weather—currents, waves and wind—are more unpredictable than ever. Real-time data streamlines decision making and supports ad hoc navigation to ensure companies maximize returns.

After a yearlong trial period, the Greater Houston Port Bureau officially partnered in June with PortXchange Products, a Netherlands-based digital solutions provider for predictable and sustainable shipping. The five-year deal is allowing for the adoption and further development of PortXchange’s collaborative vessel and terminal planning platform.

“Digitization and data are key for the port of Houston region to increase predictability, improve efficiency and remain globally competitive,” says Capt. Bill Diehl, U.S. Coast Guard (retired), president of the Greater Houston Port Bureau. The non-profit trade organization operates the Maritime Exchange of Texas, which maintains critical vessel movement data for the Lone Star State’s deep draft ports.

The agreement came as a result of Diehl’s agency embracing “the idea that digitalization and scheduling transparency is the future of any port,” according to Sjoerd de Jager, PortXchange’s managing director, who adds, “we look forward to extending our collaboration in the Houston port community.”

Big data is helping to identify open berths at the Port of Gothenburg. In September, the largest port in Scandinavia launched Allberth, a smart device developed by Awake.AI of Finland.

“With Allberth, we now have a berth planning tool that can make calls smarter, safer and considerably more efficient for all concerned,” says Fredrik Rauer, traffic coordinator and project leader for Berth Planner at the Gothenburg Port Authority. “And reduced emissions from the vessels are an obvious benefit in climate terms.”

External users, who are gradually being added to the system, can make their own planning decisions based on the same data. “With Allberth,” Rauer says, “we can give mooring personnel, the ship’s agent and the terminal the opportunity to act immediately on the information that we visualize in the application.”

Fuel-efficient routing

By having access to real-time sea state observations—currents, waves and swell—vessel operators can re-route according to current ocean and weather conditions while optimizing fuel efficiency. Inefficient weather routing oftentimes leads to the increased time spent at sea, which not only disrupts and delays the supply chain but can also increase fuel burn and CO2 emissions.

In addition to increasing voyage earnings, fuel-efficient routing also reduces greenhouse gas (GHG) emissions, supporting the latest GHG reduction strategy that the IMO developed in 2018. The initial strategy envisages that the total annual GHG emissions from international shipping should be reduced by at least 50% by 2050 compared to 2008. What does 50% look like? The IMO calculated that vessels released 1.12 billion metric tons of carbon dioxide the year before, in 2007. Emissions need to be reduced by 560 million metric tons. That’s equivalent to the emissions from 102 million cars.

One key conclusion to make about the real-world is that real-time data helps to reduce fuel costs and also helps to reduce GHG emissions.

The Port Authority of New South Wales in Australia is maneuvering very large ships safer and more efficiently thanks to OMC International’s Dynamic Under Keel Clearance (DUKC) system. The Aussie company’s technology is currently being used at the ports of Botany, Newcastle and Kembla.

The DUKC system provides tanker and deep drafter container captains “with near real-time data, taking account of a number of variables, including the height of tide, the speed of the ship, the ship’s maneuverability, tidal streams and the dynamic motions of the vessel–all essential information used by our highly trained team of marine pilots when maneuvering these vessels within port waters,” says Myron Fernandes, the port authority’s harbor master for Sydney and Botany.

Is real-time big data safe from cyber-threats?

The convergence of information technology (IT) and operational technology (OT) onboard ships—and their connection to the internet—creates an increased attack surface that requires greater cyber risk management.

On the IT side, the chances of cyberattacks can be mitigated through proper implementation of encryption techniques such as blockchain technology. From an operational standpoint, IMO maintains that effective cyber risk management should start at the senior management level—embedding a culture of cyber risk awareness into all levels and departments of an organization.

One can read more about this in “Guidelines on Cybersecurity Onboard Ships” from BIMCO, a non-governmental organization that aims to be at the forefront of global developments in shipping. With offices in Copenhagen, Singapore, Shanghai, Athens and London, BIMCO provides expert knowledge and practical advice to members that range from small local port agents and law firms to the largest shipowners in the world.

Knowledge is power

It is possible that the maritime industry can become bigger and better—and more lucrative—while emitting less GHG emissions. By implementing real-time insights in daily operations, shipping companies are well-positioned to navigate anything that comes their way. And how this year has gone, it certainly doesn’t hurt to have an edge on the unexpected.

As the technology evolves, an emerging group of global communications companies are competing with one another to execute on a radical mission statement: to bring connectivity to everyone, everywhere. As these technologists make progress, they enable maritime organizations to connect more efficiently with customers, facilities and systems.

One of those companies, OneWeb, has been busy building a communications network with a constellation of Low Earth Orbit satellites that provide connectivity to people around the world. OneWeb’s method for enabling Internet access for all is starting to become a reality. As a result of OneWeb’s new capacities in space, the company is getting ready to provide low-cost solutions for broadband, government and cellular backhaul. Its high speed, low latency, network will offer new affordable mobility solutions to industries that rely on global connectivity, including ports and the maritime companies that depend upon ports.

OneWeb, which is headquartered in London and has a manufacturing facility in Merritt Island, Florida, successfully commenced launches for its satellite constellation network back in February 2019. As of May of this year, 218 of a planned 648 satellites in the initial constellation had blasted off.

Closer to Earth, the Washington State Community Economic Revitalization Board in July approved more than $15 million in grants for planning, economic development and rural broadband infrastructure construction projects, including awards of $1.7 million to the Port of Whitman County and nearly $1.6 million to the Port of Clarkston in Asotin County for high-speed internet connections. The Olympia-based board’s grants and more than $2.5 million in loans will be matched by over $7.6 million in private investment, and the resulting partner projects will create an estimated 200 jobs.

Big data is a must-have

In today’s world, inland port facilities must view a strong digital infrastructure as “essential” as opposed to “just a value-add,” according to Marc Salotti, managing director at Tradepoint Atlantic in Baltimore, Maryland. The modern, 3,300-acre industrial site used to be known as Sparrows Point, which had been one of the world’s largest iron and steel making facilities for 125 years before closing in 2012.

“Think about the target user,” Salotti recently wrote on the Supply Chain Brain forum. “With increasing pressure on global supply chains, the rise of e-commerce, and growth of direct-to-consumer methods, companies aren’t just looking for a storage facility. They want an adaptable environment that maximizes supply-chain optionality and growth, a strong technical infrastructure, and a strategic partner to work through challenges and share innovative solutions.”

Saudi Global Ports (SGP) is incorporating smart port design to two container terminals at King Abdulaziz Port Dammam. The program includes establishing an area called “The Sandbox” to test new technologies in automation and connectivity and develop new processes that will be subsequently deployed across SGP.

“We are taking progressive steps toward transforming Dammam into a leading international container port equipped with digital and smart capabilities, and continue to contribute toward Mawani (Saudi Ports Authority) and the Kingdom’s plans for a transformational transport and logistics sector,” says SGP’s CEO Edward Tah.

The future is also now for the Vancouver Fraser Port Authority, which is working with partners to design a collaborative system to manage marine vessel traffic and optimize the supply chain flow by a March 31, 2022, deadline imposed by the Canadian government, which also provided funding for an electronic conveyor system to transport bulk materials at the Port of Saguenay.

Embracing big data cannot come soon enough, according to Salotti: “If the past year has taught us anything, it’s that we can’t be complacent. We must evaluate. We must evolve. We must commit to real, systemic change in economic development and infrastructure. Then, we won’t just build a more resilient trade pipeline; we’ll create new jobs and sustain the heart of American industry.”

Archives, Global Trade Daily, International Trade

HOW TO GO GLOBAL: WHAT E-COMMERCE SHOPS CAN LEARN FROM THE BEST ENTERPRISES

November 2nd, 2021 Therese Hudak Leave a comment

Organizations face inherent risks and challenges on the path to globalization, due in part to each country’s regulations, inflation rates, currency and currency exchange rates, language and cultural barriers, foreign politics and policies, and consumer behaviors and preferences.

With almost 200 countries participating in international business, worldwide commerce presents an opportunity for enormous organizational growth if these hurdles can be cleared. Several large enterprises have expanded well internationally (Apple, McDonalds, etc.) by following some key touchpoints.

Surprises at checkout can lead to high cart abandonment.

The last thing an online merchant wants is to have a successful purchase in progress, only for additional fees, unaccepted payment methods, or extra taxes to tempt the consumer to abandon the cart. With online shopping cart abandonment estimated to be around 69.8%, it is the responsibility of the merchants to be aware of foreign regulations and payment challenges that could potentially add costs and corrupt the customer experience.

Equally as important is to be forthcoming about this information. All taxes and fees which may be associated with purchasing internationally should be upfront, and merchants must consistently highlight what the entire cost of the product is going to be, even if this includes additional wording in the checkout. Furthermore, e-commerce merchants need to be clear about the payment methods they accept, as this can vary significantly from country to county.

Merchants need to start paying attention to what consumers want to pay with.

When it comes to localization in e-commerce, customizing payment options is essential. Established enterprises and e-commerce merchants alike should not approach payments with a one-size-fits-all mindset. For example, while Americans prefer to pay with credit and debit cards, Europeans favor bank transfers and digital wallets (such as PayPal), and Asian consumers gravitate to QR codes. Narrowing down the scope even further, demographics within those counties play a role.

Therefore, e-commerce merchants need to tailor their payment methods to what will work for their target consumers.

Data breaches are far too common and are only on the rise.

Recently, international enterprise giants such as Microsoft, Estee Lauder, and MGM Resorts suffered security issues. From accidentally exposing confidential customer data online (such as credit or debit card information, home or office addresses, birth dates, buying history, and more) to malware and hacking incidents, these events significantly harmed consumer trust and brand reputation for these businesses. Even more, cybercrime is a substantial financial liability as the cost of patching, compensating victims, and possible litigation leaves many companies unable to recover fully.

The good news is that there has been much investment from established enterprises to create solutions that cross-border e-commerce merchants entering the market can utilize. For example, innovative technology is allowing faster responses to suspicious activity to ensure that transactions remain secure. As e-commerce merchants now realize that they are at risk if they decide to hold sensitive data in-house, they are discovering new ways to safely store information that is susceptible to threats.

Global merchants must take a lot of things into consideration.

The established enterprises that have thrived worldwide do so because they understand their target audiences. They know that the key to success overseas is localization starting from a very high level, such as transparency and communication. It then goes down to payment preferences and choices, followed by assuring security and local compliance.

For global e-commerce merchants, this is a roadmap they can follow. For an e-commerce merchant to grow internationally, they need to identify what they want to accomplish, how local they want to be, what resources they have in-house, how to create the best experience and their KPIs.

This is where the right payments infrastructure partner can be of great value. By helping global merchants discover optimal ways of implementing payment methods, defining the best digital experiences based on preferences by the local consumers, and determining conversion metrics, they help merchants connect with more consumers, whether they’re 10 or 10,000 miles away.

Therese Hudak is the Head of Enterprise Account Management at PPRO

Archives, Banking, Global Trade Daily

Central Banks to Adopt Their Own Digital Currencies to Eliminate Potential Risks

November 1st, 2021 Francois Moreau Leave a comment

Digital currencies backed by central banks, or central bank digital currencies (CBDCs), are becoming a reality for residents in a few countries around the world. The evolution from checks, to debit cards, and now to digital payments give cause to wonder if we really need cash anymore. While economists agree that we still need cash for now, some governments are discussing the effects of implementing a CBDC nationally.

However, not everyone is as interested in the prospect of implementing a nationwide digital currency. Commercial lending and banking would be affected, as the widespread use of CBDCs could take a bite out of commercial deposits and put the industry’s funding in jeopardy. But with China currently developing a digital Yuan, that leaves government and supply chain leaders wondering about the potential trade risks of not competing in the global economy with CBDCs.

Luckily, lawmakers have come up with a slew of solutions that include strict regulations and controls, hard limits on transfers and holdings, and a long-term transition period before the new digital assets could be launched in full effect. In the meantime, central bankers in the US are contemplating adopting their own digital tokens for instant, low friction international transactions.

What is Central Bank Digital Currency?

A CBDC is the virtual form of a certain fiat currency. You can think of it as an electronic record or a digital token of how currency is spent, held, and moved. CBDCs are issued and regulated by central banks and backed by the credit of their issuer. They aren’t really a new kind of money, it just changes the way we track transactions.

While seemingly very similar at first glance, CBDCs are not cryptocurrencies. Cryptocurrencies are digital currencies that are secured by cryptography and exist on decentralized blockchain networks. Bitcoin and other cryptocurrencies are not backed by any government or banking entity and are purely digital currencies. CBDCs, in contrast, are backed by legal tender and are only a digital representation of fiat money.

Part of the draw to create CBDCs is inspired by their crypto-cousins’ distributed ledger technology. DLT, or blockchain technology, refers to the digital infrastructure and protocols that allow access, validation, and continuity across a vast network. This means that, in contrast to fiat currency that exists today, digital currencies can be tracked and verified in real-time, limiting the risk of theft and fraud.

Blockchain technology is usually associated with cryptocurrency, but it has the potential for numerous applications that could help governments organizations and banking entities run more smoothly with accountability and transparency. Another reason why countries are drawn to CBDCs is they have the ability to help increase banking access for otherwise underbanked populations.

Currently, there are 81 countries exploring CBDCs. China is racing ahead of the pack with their development of the digital Yuan, putting pressure on countries that will want to remain competitive. It raises the question of whether China will at some point accept only digital currency, meaning other countries would need their own CBDCs to remain competitive on a global scale.

China’s digital Yuan

China has long been known to resist cryptocurrencies and crypto trading, so when the news broke that their central bank has been developing a CBDC there was some confusion. However, it has now become clear that the Chinese government is creating an environment where citizens who want to use digital currencies like crypto will have to use the digital Yuan, removing any competition from DeFi banking initiatives.

Before their crackdown on Bitcoin and crypto, local investors made up 80% of the crypto trading market. This shows promise when it comes to the adoption of the digital Yuan, with so many Chinese citizens open to adopting and spending digital currency.

They have already started real-world trials in a number of cities and are expecting the digital Yuan to increase competition in China’s mobile payments market. It is still not entirely clear how users will hold and spend the new digital Yuan whenever it is available nationwide. Right now the most popular form of mobile payment in the country relies on QR codes scanned by merchants.

Alipay and WeChat Pay could eventually integrate CBDC functionality, and smartphones could also potentially be used as a digital wallet for CBDCs. There is still a lot to be discussed, tested, and fixed before the digital Yuan can be distributed nationwide, but China is currently the country closest to rolling out its own CBDC.

Where does the United States stand?

Crypto thefts, hacks, and frauds amounted to about $1.9 billion in 2020, so many leaders have reservations when it comes to enforcing and regulating CBDCs in the US. But there is evidence that CBDCs would have no issues being adopted by the American people. Crypto aside, the digital payments sector is booming with about 75% of Americans already using digital payments apps and services.

But there is not yet a single widely accepted infrastructure available that could handle CBDCs, and lawmakers are lagging behind when it comes to regulations for fintechs as it is. The US could take a page from China’s book and explore adding CBDC functionality to existing banking fintechs like Chime, Paypal, and ApplePay. According to online trader Gary Stevens from Hosting Canada, it would also be wise to look at banks that offer trading services as well.

“In the US, banks offering online trading services (such as Merrill Edge through Bank of America) tend to provide a seamless client experience,” says Stevens. “They strive to provide a consistent login interface between the bank and its brokerage arm, making switching between these platforms easier. This also makes other tasks like moving money between these accounts more flexible. Therefore, US residents have come to expect a more integrated, holistic experience with similar core functionality.”

The Future of CBDCs

The onset of the pandemic has created the perfect storm for CBDCs to come to fruition. Telework, online education, and streaming services have experienced growth while brick-and-mortar establishments have suffered. The same is true for the financial services industry. Banks have struggled to compete with fintech solutions, and more people are utilizing digital payments than ever before.

Since CBDCs are such a new technology, there is still much to learn when it comes to implementing CBDCs nationwide and around the globe. Offline accessibility and resilience are only a couple of concerns regarding digital currency adoption worldwide. Other issues include user privacy, using private and public blockchain networks, and how digital currencies will be exchanged on a global scale. Only time will tell how central banks choose to seriously pursue this route to make it more mainstream.

Conclusion

There are a lot of details still up in the air regarding CBDCs, as well as a considerable amount of research, testing, and development left to unfold. But one thing is clear: central bank digital currencies are already under development. Whether you are getting into online trading or just like the convenience of e-payments, they might be coming to a digital wallet near you sooner than you think.

3pls, Archives, Global Logistics, Global Trade Daily, Ocean Ports, Trucking

6 Emerging Challenges for the Supply Chain and How to Address Them

October 15th, 2021 Dylan Berger Leave a comment

The past 18 months have exposed major weaknesses in the global supply chain. For many companies, the pressure from the COVID-19 pandemic stretched logistics to their limits, revealing inefficiencies and areas for improvement.

These existing weaknesses are being compounded by new supply chain challenges and changing market conditions. Here are six of the most important emerging challenges for global logistics — and what businesses can do to address them.

1. Lead Time Expectations

Consumers and business clients both expect increasingly quick turnaround times on new orders. In part due to the rise of ecommerce giants like Amazon, many consumers consider it normal for an item to be delivered a day or two after an order is received.

For the global supply chain, however, this is often unrealistic. International shipment can take weeks or months, depending on the complexity of the item ordered.

These consumer expectations aren’t likely to change any time soon. As a result, more effective demand forecasting and supply planning will be essential for businesses. Flexible supply chains that are capable of expediting orders as needed — for example, taking advantage of backup air freight contracts when land or sea would be too slow — will become an invaluable asset.

Strategies that keep goods close to buyers can also help businesses meet these expectations. Distributing warehouse space, if possible, can make it more likely that items are nearby buyers when ordered, making them quicker to ship.

2. Port Congestion

Port congestion, in part caused by the COVID-19 pandemic, remains a major challenge for logistics. Right now, ports around the world are experiencing record levels of congestion, meaning freight shipped by sea is likely to be delayed significantly.

Businesses are experimenting with different solutions to this problem. In the United States, some major retailers have begun chartering their own ships to import goods ahead of the 2021 holiday season. Chartering these ships allows the retailers to unload at less-congested docks, like those in Portland, Oregon.

Most businesses likely don’t have the resources to charter their own cargo ships. Instead, demand forecasting and carrier choice may help companies keep sea freight moving. Staggering shipment containers across multiple vessels may also help businesses avoid the worst of a port’s congestion while also mitigating risks in other ways.

The diversification of sourcing in a supply chain strategy can also help. If port congestion makes it nearly impossible to obtain a good or raw material from one supplier, there may be other suppliers available via air or land freight.

3. Aging Equipment

As they age, vehicles become less reliable and more prone to failure. Regular replacement of fleet vehicles is essential to keep the supply chain running smoothly, but the high expense of a new truck or tractor-trailer means businesses are continuing to use legacy equipment for longer than they would typically.

Vehicle failures can happen suddenly. Even simple issues can cause massive problems when a part that’s been on the verge of failure begins to break down.

Replacing old vehicles with new ones is one way to minimize downtime due to failures. An upgrade is also an opportunity to investigate alternative fuel vehicles and electric trucks.

For businesses that can’t afford the capital expense of a new fleet, knowledge and careful maintenance can keep vehicles running longer. Preventive maintenance and effective upkeep is the best way to extend the lifespan of a vehicle.

For example, the lifespan of tires that are underinflated by just 20% may decrease by as much as 30%. Proper tire inflation can keep vehicles on the road and decrease maintenance costs over time. Other common semi-truck issues, like brake failures, can also be avoided with the right maintenance practices.

Some businesses may also deal with niche-specific maintenance problems. For instance, transporting crops can put significant strain on the suspension of a vehicle or machine, especially its leaf springs.

Regular inspection and maintenance of these suspension components can help logistics companies avoid costly breakdowns and significant downtime.

4. Aging Infrastructure

A similar, related problem is emerging on the state side of logistics. Dated transportation infrastructure is beginning to show its age. In 2021, the American Society of Civil Engineers (ASCE) gave American infrastructure as a whole a C minus. Roadways fell behind even this low average and were given a D grade.

Bridge closures, roadwork, and infrastructure failures can all create serious difficulties for logistics companies. When essential routes are closed for emergency maintenance, companies may have few options for avoiding delays.

As with port congestion, diversification may be the answer for businesses. Distributing risk by partnering with a larger number of suppliers can help businesses create a more responsive and flexible supply chain network.

5. Digital Transformation and Cyber Vulnerability

Data has become one of the most valuable assets available to logistics companies. With the right customer information, a business can more accurately predict demand, anticipate crises, and mitigate risks.

This same information can also make a company much more vulnerable, however. The value of data stored on business networks makes these networks a more attractive target for hackers.

At the same time, digitalization, the adoption of Industry 4.0 technology and IoT devices, and the pivot to working from home have all increased the number of critical business assets exposed to the internet.

The consequences of a successful breach can be massive. Businesses that suffer a breach may pay multi-million-dollar ransoms, lose critical files, or face a badly damaged reputation. Downtime and fines from government regulators can further increase the cost of a breach.

Effective cybersecurity is the best way to reduce the risk of a breach. Investing in IT, developing best practices, and participating in industry conversations on cybersecurity will help businesses ensure that critical assets and digital infrastructure are kept safe from hackers.

6. Rising Freight Prices

Higher shipping costs are likely here to stay. For logistics providers and vendors, this can be a serious challenge. Already, experts are predicting that businesses will hike prices to offset the growing freight costs. The impact will likely be felt in almost every sector of the economy.

Better technology may help businesses adapt to these higher prices. Transportation management utilities that allow businesses to compare carriers and optimize routes, for example, can help them to both navigate around delays and minimize freight costs.

How Businesses Can Adapt to a Changing Supply Chain

The global supply chain is transforming fast. Businesses that want to develop effective logistics strategies will need to manage both old and new supply chain challenges.

Technology and diversification may both be essential. Partnering with a range of suppliers can help businesses distribute risk and avoid emerging issues like port congestion. New technology can make it easier to optimize routes and identify the most valuable carriers.

Archives, Global Logistics, Global Trade Daily, Software

E-COMMERCE VS. MANUFACTURING CYBERSECURITY: WHAT YOU SHOULD KNOW

September 8th, 2021 Haylle Sok Leave a comment

In the digital world, most of us are constantly immersed in protecting data while ensuring smooth operations that have become increasingly complex in recent years, particularly in the age of COVID-19 for manufacturers and e-commerce leaders. With concerns of maximizing cybersecurity compliance increasing almost as quickly as consumer demand, we decided to take a deeper look at how data protection ties into e-commerce and manufacturing and what companies can do to remain competitive, compliant and trustworthy in the eyes of their customers.

To gain a better understanding, we looked to Bindu Sundaresan, director at AT&T Cybersecurity Consulting. With the firm for the past 12 years, Sundaresan and her organization offer planning and professional services to help customers in retail, healthcare, manufacturing, finance and more reduce cyber risks.

“You name the emerging technology irrespective of customer security maturity, we are there,” Sundaresan says. “We are starting to see some implications of rushed transformation efforts, putting companies at larger risk. They have to take stock of their altered risk profile as the threat surface grows and with the adoption of digital technologies in pursuit of new business models and enhanced customer experiences such as e-commerce in manufacturing.”

She adds that in the modern age, e-commerce is no longer just in sight for retailers or e-tailers. In fact, e-commerce has transformed the way major industries are conducting business from manufacturing, B2B and even shippers.

“It’s a whole function, end-to-end in terms of when the ordering is placed to checking on what stocks are available, to shipping,” Sundaresan says. “This is all happening through front-end e-commerce websites. E-commerce in general is an attractive target for the malicious actor, because that’s where the money is.”

Data protection in the digital space requires a strategic and tedious process–two words some would never think to put in the same sentence when talking technology. For businesses to successfully secure consumer data, company data and overall cybersecurity, all moving parts must be considered, starting with the basics. Sundaresan emphasizes that just because digital applications have been simplified, it does not ensure a successful launch of data-secured applications.

“Follow the data, think about every connection, think about the data flow, think about every connection you are making for every asset within your organization. Web application security must be taken seriously. Application Security 101 is how you should secure your third-party and open-source code because approximately 96 percent of apps today use borrowed code. Sure, it is a great way of standing an application up, making it run fast, and saving development time and resources. But at the same time, it will introduce vulnerabilities into your infrastructure.”

From its inception, web applications present competitive advantages—and significant vulnerabilities if not properly deployed. One must carefully consider the limitations and vulnerabilities of the selected tools over protected information to effectively secure and operate it.

“It’s not just about fraud protection or credit card data behind these applications,” Sundaresan notes. “It is about the denial-of-service attacks that can happen, making your website unavailable. It is not somebody stealing, it is somebody getting availability. It is about using your website and your brand to craft another webpage that looks exactly like your brand, and then do SQL injection on it. E-commerce websites now have sophisticated tools with shielding applications and technologies available. These are all affordable and easily consumable, eliminating the need to go in and actually change the code.”

Whether we realize it or not, almost all of us are using some type of e-commerce platform, IoT device or another form of digital technology enabling connectivity between us and the outside world of products and goods.

“Everyone cares about privacy, and this is a common thread across industry verticals,” Sundaresan explains. “We all use internally built applications, APIs and take payment information. Anyone that takes credit card information needs to comply with the PCI standard. It covers a lot of web applications and e-commerce security controls that are a must. Compliance is not the end goal, but it’s a great starting point for your framework.”

Looking at manufacturing, we see a different story unfold. Data protection measures are approached from a different angle that does not consider coverage for sensitive consumer payment information or personal identification. After all, many manufacturers are not dealing directly with the consumer but still have a need for securing digital transformation in the sector.

“As a manufacturer, you have to think about what the attack surface looks like and what the protection surface looks like,” Sundaresan warns. “It is critical for manufacturers to think of each new connection as a potential vulnerability to their attack surface. Gone are the days where manufacturers are going to look at just safety and well-being as the only priorities–security is now top of mind, and it should be.”

Along with basically every other industry sector across the globe, COVID-19 impacted and changed manufacturing. Sundaresan highlights the changes sparked by the pandemic and how manufacturers are now prioritizing data security.

“COVID propelled smart manufacturing, showing us that security is more about risk and resilience rather than just providing a technological element to operations. We have enough tools out there, and it’s time to initiate the joining of forces and look at how data can be exploited because of unpatched systems in manufacturing.”

Over the past 12 years, Sundaresan and her team at AT&T Cybersecurity Consulting have learned the adage, “you’re only as strong as your weakest link” was more than relevant during the pandemic for the supply chain, challenging the notion that just because a company is not focused on B2C operations does not eliminate risk for data breaches and threatened security.

“In the 20 years I have been working in the industry, there is not one thing that we don’t do at AT&T Cybersecurity. Some assume we might only do large projects or cater to those if they are connected to our network. That is not the case. In relation to the industry as a whole, an important takeaway is to remember that what manufacturing and healthcare are going through now, retail and finance went through this same thing about two, three years ago.”

To learn more about AT&T Cybersecurity and its diverse solutions portfolio, visit: https://cybersecurity.att.com/

____________________________________________________________________

Bindu’s experience, which spans more than 20 years, has been shaped by the opportunity to work with some of the world’s most innovative companies. She has worked with industry frameworks, including NIST/ISO/HITRUST, regulatory requirements including PCI, NERC, and HIPAA. Bindu has led dozens of cyber-risk engagements for Fortune 500 clients from strategy to technology implementation to breach response. She was tapped to lead a complex PCI and HIPAA compliance assessment for a leading global retailer, spearheaded a $1M security assessment, and worked on securing Criminal Justice Information Sharing Networks in NYC. Before AT&T, Bindu was a Senior Manager with Verisign. Before joining Verisign, she was a Senior Consultant with KPMG and a Senior Network engineer. Her love for teaching and mentoring started with her role as an Adjunct Faculty with the State University of New York (SUNY).

Archives, Global Trade Daily, Software

Maintenance Software Myths That Are No Longer True

August 22nd, 2021 Patrick Sim Leave a comment

Software for facility management is nothing new. The underlying technology has been available since the early 2000s. The best facilities management software programs include capabilities for detailed asset tracking, digital checklists, handling service requests, work order requests, and resource management.

Despite the availability of such software, a large segment of maintenance teams has yet to make the switch to utilize facilities management software; instead of relying on manual processes, paper checklists and excel reporting.

In this article, we identify 4 common reasons for not adopting facilities management systems, typically known as Computerized Maintenance and Management Systems (CMMS). We argue that with advances in software delivery, in particular, the availability of cloud-based Software-as-a-Service (SaaS) delivery, these reasons are simply no longer valid.

The 4 Most Common Myths of Facility Management Software

CMMS Is Expensive

For a long time, only enterprise companies could afford online maintenance software. Acquiring a software license for an on-premise system would start from tens of thousands of dollars and all-in costs could end up in the millions.

One key reason behind the high costs is that software providers used to have to hire a small army of expensive enterprise sales staff to travel to the facilities management company to conceptualize a customized software program, decide how the system should be installed on in-house servers, and consult on the setup and implementation process. So each project required significant time and resources to implement. On top of that, organizing on-premise upgrades required substantial client interaction that increased ownership costs.

However, as the industry became more comfortable with cloud-based solutions and as new cloud-native systems emerged, the cost structure for delivering CMMS reduced drastically. Cloud-based SaaS CMMS software is intrinsically scalable. Small facilities can start with a low-cost plan, or sometimes even a free plan. Cloud-based SaaS CMMS systems can be utilized from anywhere in the world without the need to deploy on-premise servers and can literally be implemented in minutes! This means that the software providers need not hire an expensive enterprise sales force and also benefit from economies of scale. These savings are being passed on to the facilities managers.

Cost should no longer be a barrier to CMMS implementation.

Maintenance Management Software Is Hard to Learn

Another misconception about maintenance management software is that it is difficult to learn. That may be true for legacy CMMS as the adoption process may require significant effort to memorize complex digital workflows and may even require paid training. As a result of the cumbersome onboarding experience, many maintenance managers struggle to get their entire team on board.

So, why are many legacy CMMS software so difficult to use? To put it simply, they were developed before the evolution of modern UI / UX design and when complex functionality took precedence over user onboarding and experience. CMMS software developers simply took it as the norm that clients must spend considerable effort to learn their software.

However, as SaaS software became prevalent with a predominantly client self-service model, CMMS SaaS software providers began to realize that ease of deployment and ease of use were necessary pre-conditions to achieve SaaS scalability. With a low-cost subscription model, not only can more long-tail clients be onboarded, they can be onboarded more quickly. Clients could self setup and self-configure, reducing the amount and time for pre-sales and the level of customer support required.

Transitions are Tough

This myth involves not only the need for learning mentioned above but also involves the assumptions that entering the necessary data, such as asset data, to get the CMMS going is time-consuming; and that the new CMMS cannot co-exist besides current processes.

Both assumptions are wrong. Data input nowadays mostly involves a one-time CSV import. Checklists can also be created from available libraries.

Modern SaaS-based cloud CMMS systems also support a gradual transition from manual to digital. Checklists can be exported to PDF for printing. Individual modules can be utilized as and when the team is ready, for example, starting with the low-hanging fruits such as fault reporting, before moving towards more data-intensive processes such as preventive maintenance.

Cloud CMMS is Not Secure

This myth exists not only for CMMS software but also for any other cloud software, including accounting and HR systems. Yet, in almost all software verticals, cloud software is gaining market share. Even in the most sensitive verticals, such as healthcare and banking, regulators have permitted the use of cloud software.

Cloud software is not by definition less secure compared to on-premise deployments. In fact, given the level of physical security at the data centers of most large cloud computing providers, cloud deployments are often more secure compared to on-premise deployments.

The correct approach in analyzing the cybersecurity of CMMS software is not to dismiss all cloud software as insecure, but to check if appropriate cloud security measures have been deployed, including physical, infrastructure, data, application, access control and endpoint security.

Maintenance Management Software Made Easy

Modern CMMS solutions like FacilityBot are leaps and bounds ahead of their early predecessors. By re-imagining how facilities management software should be, we built FacilityBot from the ground up to be affordable, user-friendly, easy to deploy, easy to use and feature-rich.

We believe that giving the easily justifiable Return on Investment for digitizing Facilities Management processes, there should no longer be any reason for facilities managers not to use a CMMS system to manage their operations.

______________________________________________________________

Patrick Sim, Co-Founder of FacilityBot. My interests include creating a messaging-first facilities management system that facilities managers love and building other software systems.

Archives, Global Trade Daily, Software

Why Strategic IT Should be at the Top of Every Executive’s Priority List

August 5th, 2021 Julia Deien and Jason Gotway Leave a comment

To say that technology has been important to business survival in recent years is certainly an understatement. In 2020, 70% of United States employees worked remotely, teams and customers relied on virtual tools to communicate, and a dispersed workforce led to additional concerns about cybersecurity. The result has been not only an increased use of technology, but also a heightened awareness of its role in driving strategic growth – and a long-overdue need for business leaders and executives to add strategic IT experts to their roster of trusted advisors.

From early in the pandemic, technology was inextricably linked to business success; in a world of physical disconnection, there was no longer a choice when it came to digital transformation. The truth, though, is that technology has been influencing the way we do business for decades. Consider the most mission-critical processes in your company; chances are every single one of them involves technology. From client onboarding and team communication to record-keeping and strategic planning, tech is not simply a part of your business – it is the foundation upon which it is built; an essential part of optimizing productivity; and the glue that holds teams, organizations, and customers together regardless of how or where they’re working. As you look towards resurgence and growth, you should be treating your tech just as you do any other foundational pillar – with strategic thoughtfulness and the expert input of business-minded advisors.

Making the Right Business Decisions About Technology: Four Key Considerations

While the importance of technology is more apparent than ever now, the ideal implementation of it within your business may not be so clear. With so many tools, vendors, and applications to choose from, finding the right ones for your company requires not only a willingness to embrace innovation but also the ability to marry technology to overarching business goals. When you do, technology becomes a competitive advantage that lets you work smarter, faster, and more productively: at companies that prioritize making tech highly accessible to their teams, employees spend 17% less time on manual processes, collaborate 16% more often, and make decisions 16% faster. As you consider how to make the right technology choices for your company, here are four key factors to consider:

1. Cybersecurity

Leaders have long known that cybersecurity was a necessary element of their IT support; organizations must have good cyber hygiene, or they could suffer loss of data, money, and reputation. Recently, however, a spike in cyber-attacks has begun to create a heightened awareness of the breadth of cybersecurity – so much so that the Department of Homeland Security recently launched a web page dedicated exclusively to addressing the challenges of increased cyber-threats. Cybersecurity efforts should go much deeper than firewalls and antivirus software; they should be built from a deep view of your entire environment to make sure you are accounting for security in every possible way. How far back should your backups go? Too far and you risk an outdated recovery point. Not far enough and you could lose a swath of critical data in one fell swoop. Is every employee trained in how to spot potential cyber threats? If not, they could easily and unknowingly compromise your company’s security. How many offices does your business have? How many remote employees? How do they need to communicate, and how sensitive is the information they’ll be sharing? All of these questions – and many more – should be at the forefront of your conversations with your technology advisors.

2. Data analytics

Data is the bread and butter of any company. It tells you who your customers are, how your team is functioning, your profit margins, your inefficiencies, the list is practically endless. As your company pursues overall growth goals, there is perhaps no more impactful IT consideration than data analytics. A consumer population that just spent a year and a half reassessing and reprioritizing is already proving unpredictable, and the deeper level of understanding that data analytics can provide will be crucial to ensuring you are addressing what may be brand new pain points – and winning their business. A skilled technology advisor can help you pinpoint the data that will drive your business goals and deliver it to you in a way that helps you make more informed business decisions more quickly. For our clients, we create custom dashboards to relay data about both their company and their industry at large, giving them a multi-layered analytical view of their business that helps them make research-backed decisions that directly drive revenue, productivity, and growth.

3. Automation

Automation can have a huge impact on labor and cost by allowing staff to devote their time and focus to the most complex tasks. In some cases, it can even eliminate the need for additional roles. With a record-high number of businesses reporting trouble hiring right now, this is critical to streamlining operations and progressing toward business goals with fewer staff. The idea of automation is nothing new for executives; it’s likely been discussed among their leadership team for years. What many may not realize, however, is how much it has evolved – and how cost-effective it has become – since those discussions began. The automation tools that used to require expensive, custom development are now simple enough for employees to build them with fairly minimal guidance. It’s estimated that nearly half of all work tasks can be automated by current technology, so working with your advisors to identify opportunities to automate can have a huge impact on your company’s efficiency – and bottom line.

4. Strategic IT consulting

As a business owner, you shouldn’t have to try to keep up with the rapid pace of changes in technology – and with so many other responsibilities on your plate, chances are you couldn’t even if you did try. Your IT team should be more than providers, they should be strategic and holistic advisors in the same way your accounting, financial, and legal advisors are. That means not only keeping you informed about the changing tech landscape, but also helping you connect IT solutions to your overarching business goals by talking to about your company, not just your technology. Do you have plans to expand? What type of growth do you anticipate in your products or services? What are your business goals over the next 12 months? What is your current market share and who are your competitors? What do you wish you were doing better? These are the meaningful, goal-based conversations your IT advisors should be leading to make sure your technology isn’t just working in the background of your business but is actively and strategically driving it forward.

Your Tech is Your Advantage

When you treat technology as a standalone concern – or worse yet, an afterthought – you miss out on the opportunity to leverage it as a major competitive advantage. The technology your company relies on isn’t just about new tools or security or even remote environments; it’s about all of these things working in tandem to move your business forward – not just toward safe and seamless tech, but towards your larger goals for revenue and growth.

__________________________________________________________________

About Anders CPAs + Advisors

For 55 years, Anders has delivered full-service accounting, tax, audit and advisory services to growth-oriented companies, organizations, and individuals. For 26 years, the Anders Technology team has helped businesses across all industries leverage technology to innovate, transform, and improve their bottom lines. Guided by an experienced team of advisors, Anders Technology is a Microsoft Gold Partner, the highest level in the Microsoft Partner Network. For more information on Anders, visit anderscpa.com and follow us on Twitter, Facebook, LinkedIn, and Instagram: @AndersCPA.

About Julia Deien, Microsoft Certified Professional

As a solutions architect and Microsoft Certified Professional, Julia helps organizations achieve their growth by matching technology solutions to business goals. This happens through collaborating with clients and analyzing their technology needs and business processes. Using her expertise in the Microsoft cloud platform and industry knowledge, she consults, designs, and implements technology strategies to help Anders clients not only understand their business’ technology, but maximize its full power.

About Jason Gotway, VSP5, VMTSP, VCP550

Jason is a solutions architect and team lead with over 10 years of experience in technology and cybersecurity. Using his knowledge of methods used by cybersecurity hackers, Jason educates companies and individuals on best practices for staying safe in all things cyber and implementing efforts to avoid cybercrime. He works with businesses to develop customized cybersecurity strategies to keep their company and employees safe and productive, whether they work in-office or remotely.

Archives, Global Trade Daily, Special Reports

5 Tips for Keeping Your Business Data Secure

August 4th, 2021 Gabe Nelson Leave a comment

As a business, you can keep track of data for many customers and from some of the work you have done yourself. Whether it is research or surveys or from other locations, this data is integral to helping you get ahead of the competition.

It can also be personal information from your customers and keeping this secure and safe from hackers who may like to get ahold of the data is so important. But how are you going to keep the data somewhere you can use it while ensuring that it will stay safe?

The good news is that businesses do have options when it comes to keeping their business data as secure as possible. Some of the steps that you can take to keep your business data secure include:

Come Up With Your Strategy

It is never good to have a vague idea of your procedures and policy. You need to have a formally written IT strategy that has all of the details about your plan. This plan needs to lay out how you plan to protect your resources and data along with steps that everyone must take if something goes wrong.

Writing the plan is just the first step. You will need to keep it updated and nearby at all times. When something changes along with your business, you need to bring out that plan and make some of the necessary problems as well.

You may need to sit down with a cybersecurity specialist to help you figure out what steps should be in the plan. This will ensure that nothing is left out of the plan and can help you discover some more of the vulnerabilities that may be present in your network.

Protect Your Network Against Malware

With a plan in place, you are able to take the necessary steps to keep all of the bad stuff out. Come up with a plan that will ward off malware and any other malicious software that could take your data.

Always assume that a hacker is trying to get to your data and be proactive. Some of the ways that you can do this include:

-Apply a firewall: While this is not enough to do on its own, your router’s firewall is going to provide a good line of defense so keep it turned on.

-PC protection: This can include anti-malware and anti-virus protection on your system. You may also need some protection to help protect you against identity theft, suspect websites, and more.

-Clean out the emails: This is often the job of anti-spam software. This can keep the unwanted, unsecured emails out and protects from accidentally hitting one that can cause issues.

Encrypt the Wireless Network

If you are using a wireless network at all, then you need to have some special precautions in place. Encryption is a good place to start, but if it is not done well, hackers are still able to get around it all and can cause trouble. You need to make sure that your router has the right amount of strength to keep others out.

One way is to use encryption here. Another is to turn off the broadcasting function on the router. This will help make your network invisible. When a hacker is not able to see your wireless network, it is a lot harder for them to hack right through it.

Watch the Passwords

Even your password can be strengthened to help safeguard all of the data in your system. This can be a hassle to remember, but the more complexity that you get with the password, the easier it is to protect your data and everything on the system.

There are a few steps that you can take to help safeguard your password. Make sure that it is a minimum of eight characters long and add non-standard characters and numbers as well. This makes it harder for anyone to figure out what the passwords are.

You should also consider changing up the passwords on occasion to make it harder to guess. Using different credentials that are not words and passwords that are random letters and numbers and special characters can be a good option as well.

You may find in this situation that a password manager is going to come in handy. This makes it easier to keep track of these random passwords so you do not need to write them down and risk them being stolen.

For your business, make sure that everyone is on the same page when it comes to passwords. Enforce that these passwords need to be strong to help protect the data by setting up rules that everyone must follow.

Set Up Software Updates

This should be something that is automatic. When you do not complete some of the necessary updates with your software, it makes it much easier for hackers to find some of the vulnerabilities in the system and do what they want inside.

Hackers are more than happy to scan a network or a website to see which version of the software is running at that time. They can then take a look at which vulnerabilities are present for them to explore in some of the older versions.

You should take the time to update your device security settings, any operating system you need, and other software to the newest versions and do any other updates as necessary as you use the system.

You can also set it up so any patches and improvements that come out are going to update for you automatically in the background. This takes out the guesswork on when it needs to be done while protecting your whole network from any potential threats.

Keeping Your Data Safe

As a business, it is your responsibility to keep all of the data that you use as safe as possible. There are different ways to do this but with the help of some of the steps above, you can keep hackers off and keep all of that data as safe as possible.

Archives, Banking, Global Trade Daily, International Trade

Is Saudi Arabia Leading the Race for FinTech Financial Inclusion?

July 8th, 2021 Francois Moreau Leave a comment

It can be hard to keep up with Fintech. Just as the sector appears to be settling into some form of pattern in the UK and USA, where the next notable round of innovation is widely expected to be the automation that is changing the industry, new markets and new centers are emerging.

One of these – and one that was thought to be rather unlikely until fairly recently – is Saudi Arabia. Though the Middle East has long had a promising fintech sector, this has largely been confined to Saudi’s smaller neighbor, UAE.

Now, a range of Saudi startups have raised large sums in seed capital, and seem poised to make a major impact on the industry. In this article, we’ll look at these recent success stories, and explore when they mean for Saudi’s nascent fintech sector.

Saudi Arabia: A New Frontier?

First, let’s take a look at those recent headlines. Back in April, a promising but relatively small Saudi fintech startup, Tamara, announced that it had raised $110 million for its Series A funding. This came as a real shock to industry, and with good reasons – not only was this the largest level of Series A funding ever raised by a Saudi startup, but it was the largest Series A ever raised by a middle eastern startup.

Perhaps the news shouldn’t have come as much of a surprise, though. Observant investors noted that the Saudi fintech sector has been growing steadily over the past few years – from just 10 startups registered under the Fintech Saudi initiative in 2018, to a total of 155 in 2020. And with extra companies comes extra funding – from January to May this year, fintech startups based in Saudi Arabia raised almost $130 million, a whopping jump compared to the $23 million raised by the sector from 2015-2020.

This growth is also likely to continue in the medium term. This level of investment is proving to be an incentive for Western fintech startups, as well, who are now looking to the Middle East as a potential new market for their services. Whether they will be able to take advantage of the size of the market in the region will, however, depend on a number of factors.

As we will see, the biggest problem standing in the way of creating a dynamic Fintech sector in Saudi is not the demand for innovative banking services – that is certainly strong enough. Rather, it is a somewhat traditional banking sector that may be reluctant to open up to technology companies.

Growth Across the Region

Saudi certainly has some well-established models to follow when it comes to catalyzing fintech growth. Bahrain, for instance, is widely regarded as having some of the most fintech-friendly banking regulations in the world, and the sector in that company is growing rapidly. Similarly, Egypt is seen as a real growth market for the sector, given the country’s huge population and a government that seems to be supportive of novel approaches to small business finance.

In both of these countries, government support has been key to encouraging the fintech sector, and Saudi Arabia appears to have recognized this. The Fintech Saudi initiative is the flag bearer for this support, and was launched back in 2018 by the Saudi Central Bank. The bank partnered with the Capital Markets Authority (CMA) in the kingdom, which has played a pivotal role in providing investment funding for fintech startups.

The goals of these investments are certainly ambitious. The mission statement of the CMA states that it is tasked with “transforming Saudi Arabia into an innovative fintech hub with a thriving and responsible fintech ecosystem”. As part of this wide mandate, Fintech Saudi facilitates the licensing process for startups, connects entrepreneurs with investors, service providers, and banks, and has an accelerator program run by Flat6Labs.

This government support is, in turn, part of a broader change across the region, in which governments who were previously averse to change are embracing new ways of doing business. Just as the oil industry is changing, and becoming more transparent, so is the financial sector. And that will have impacts far beyond investors and bank staff because fintech might just be able to make banking truly inclusive.

Open Banking and Inclusion

If, as seems likely, Saudi Arabia becomes a leader in the fintech space, it will act not just as a catalyst for the development of fintech solutions across the region. It will also be the biggest test run yet of one of the central promises of fintech – that this technology can open up banking in a way never seen before.

On the one hand, Saudi Arabia seems like an unlikely place to be at the forefront of inclusive banking. The country is still very conservative and has some of the most secretive banking practices in the world. However, there are signs that the kingdom is open to change – both socially and in regard to the way it does business.

This has been overtly stated by Fintech Saudi, which is developing an open baking framework for the kingdom. Their aim, they say, is to force Saudi banks to be more open, and to share data about their activities more widely. This, in turn, will likely make it easier for under-represented groups in the country – women, most of all – to access banking services.

At the moment, many guest workers and women in the country are under-served by financial institutions, and by allowing them to open accounts it is hoped that the country can become more open generally. In addition, fintech can help these workers to make international payments more easily, sending money back home and sharing the benefits of the strident Saudi economy.

The Challenges

Of course, changing the way in which a conservative country runs its banking system is not going to be easy. The Fintech sector in the country, while attracting a lot of funding, will have to overcome some real challenges if it is going to succeed.

One of these is a skills gap. A recent report from Fintech Saudi, for instance, shows that hiring qualified talent was the primary challenge for 40% of startups in the fintech space. Without qualified workers to power the work of startups, it’s likely that these will either stall or be forced to move their activities (and their profits) elsewhere.

Secondly, there is the issue of cybersecurity. Saudi has been a major target of cyberattacks in recent years, many of which appear to have originated in Iran. While the average fintech startup might not be a target of global cyber-weapons, the sheer number of common cybersecurity risks that the average Saudi company experiences every year could be enough to deter some startups and investors from working in the country.

The Bottom Line

That’s not to say that these challenges don’t have solutions, of course. Open banking has progressed in two ways around the globe in recent years, either via regulators forcing traditional banks to embrace it and work with fintech startups (as is the case in the European Union) or (as we see in the US) incumbent banks opting to partner with open banking providers to keep pace with innovation.

If Saudi Arabia can do the same, while also recognizing that both talent acquisition and customer service are key to success in Fintech, there is no reason why it cannot emulate the success of its neighbors, and become the next global fintech hub.