Data Center Infrastructure Market is Projected to Reach USD 100 Billion by 2027

Archives, Global Trade Daily, Special Reports

Data Center Infrastructure Market is Projected to Reach USD 100 Billion by 2027

April 6th, 2021 Global Market Insights Leave a comment

According to a recent study from market research firm Global Market Insights, The need for data center infrastructure market management among organizations to offer higher energy-efficiencies will be positively driven by the influx of cloud computing, Big Data, and AI solutions. The surge in internet infrastructure activities has led to the generation of large quantities of data by individuals and connected devices.

The rising levels of data traffic have placed an immense power burden on data centers on account of the significant jump in the usage of IoT devices. This has in turn pushed data center operators to increasingly adopt efficient and cost-effective data center infrastructure solutions.

As per a report by Global Market Insights, Inc., the global data center infrastructure market could reach USD 100 billion in annual revenue by 2027.

Owing to the adoption of data analytics, cloud computing, and emerging technologies such as AI, machine learning, and IoT, hyperscale data centers have seen huge demand lately. Big tech giants like Facebook, Amazon, and Google are investing heavily in the construction of hyperscale data center facilities.

These data center infrastructures need high capability and modernized infrastructure for supporting critical IT equipment and offer enhanced data protection. High-density networking servers in these data centers demand security management, power and cooling combinations for enabling energy-efficient operation.

Increasing government initiatives regarding the safety of customer data are encouraging businesses to establish their own data center facilities in the Asia Pacific. For instance, China’s Cybersecurity Law states data localization requirements on Critical Information Infrastructure Operators (CIIOs). The Law guides network operators to analyze, store and process customer data within the country. With this, it is estimated that the Asia Pacific data center infrastructure market may speculate sturdy progress over the forecast period. Multiple initiatives such as Smart Cities, Made in China, and Digital India, may also boost the adoption of IoT and cloud computing in the region.

Mentioned below are some of the key trends driving data center infrastructure market expansion:

1) Growing demand for hyper-scale data centers

Expansion of hyperscale data centers owing to the usage of cloud computing, data analytics, and emerging technologies like IoT, AI, and machine learning are fueling industry outlook. Hyperscale data centers need high capability and modernized infrastructure to improve protection and support the critical IT equipment.

High-density networking servers in hyperscale data centers demand cooling, security management, and power solutions in order to facilitate energy-efficient operation. Major cloud service providers like Facebook Inc., Amazon, and Google LLC are making huge investments in the construction of hyperscale data center facilities.

2) Increasing adoption of data center services

The service segment is anticipated to account for a substantial market share on account of surging demand for scalable infrastructure for supporting high-end applications. Data center services such as monitoring, maintenance, consulting, and design help operators to better manage data centers and their equipment.

Enterprises often need professional, skilled, and managed service providers for the management of systems and optimization of data center infrastructure to obtain efficiencies. Professional service providers having the required technical knowledge and expertise in IT management and data center operations allow streamlining of business processes. These services help to significantly decrease the total cost of operations and maintenance of IT equipment.

3) Robust usage of cooling solutions

There is a proliferation of AI, driverless cars, and robots which are encouraging data center service providers to move strategic IT assets nearer to the network edge. These edge data centers are in turn rapidly shifting towards liquid cooling solutions to run real applications having full-featured hardware and lessen energy consumption for the high-density applications.

Key companies operating in the data center infrastructure market are Panduit Corporation, Hewlett Packard Enterprise Company, Black Box Corporation, Vertiv Group Co., ClimateWorx International, Eaton Corporation, Huawei Technologies Co., Ltd., Cisco Systems, Inc., ABB Ltd, Schneider Electric SE, Degree Controls, Inc., and Dell, Inc.

Source: https://www.gminsights.com/pressrelease/data-center-infrastructure-market

Archives, Global Logistics, Global Trade Daily

The Post-COVID Playbook: Shockproof Your Supply Chain — Now

March 4th, 2021 Ryan Elliott and Jennifer Bisceglie Leave a comment

There’s more turmoil ahead, but artificial intelligence and machine learning will cut through the noise for faster solutions.

Around the world, supply chains are in the spotlight like never before. When COVID-19 struck, chaos often ensued, much of it supply chain related. Governments weren’t able to source essential medical supplies, and shoppers were left staring helplessly at empty shelves.

In 2020, countless businesses discovered they were reliant on one another in ways they had never realized. Globalization has left all of us interconnected through supply chains too complex for traditional methodologies – annual surveys and manual checklists – to manage.

Even after the pandemic subsides, there will be severe and lasting economic turmoil that will require companies to continually scrutinize their global supply chains. At the same time, it’s very likely that COVID-19 will not be the last shock of this decade, but one of many. In the 2020s, global supply chains will have to contend with everything from climate change and natural disasters, to the rise of protectionism and the threats posed by cyberwarfare and security breaches.

In recognition of the growing importance of supply chain resilience, U.S. President Joe Biden has issued an executive order to launch a 100-day review of supply chains critical to national security, public health, public safety and job creation. This is an important step toward ensuring operational resilience for both the public and private sectors, but there is more work to be done.

The sole supply chain question used to be: “Are we as cost-efficient as we can be?” Now it is: “Where in the world should I be doing business and with whom?” And, if something adverse is happening: “Where else should I be doing business so that I have some agility and operational resilience?”

Yet help is at hand: artificial intelligence (AI) and machine learning (ML) can enable companies to better understand their supply chains in weeks, rather than months or years. Often these technologies expose a matrix of previously unknown vulnerabilities. By combining the right capabilities with insight and experience, you can shockproof your supply chain now and survive the challenges ahead.

Global supply chains in the time of coronavirus

In early 2020, as the deadly virus was quietly spreading in China, the first sign that international business operations were about to take a hit came in mid-February, when Apple announced it would miss its quarterly revenue target of $63 billion–$67 billion. As China took steps to contain the virus, affecting Apple’s supply chain, the company’s stock fell 11.7 percent. Clearly when Wuhan shut down, there were ripple effects—and some affected companies were unaware of their dependency on China until that moment.

We are still feeling the ripple effects of those early COVID-driven supply chain shocks today. Early COVID outbreaks redirected consumer demand for silicon chips from automakers to consumer electronics. Now that demand has started to swing back, automakers have found themselves in the midst of a silicon shortage, with research firm IHS Markit estimating that 672,000 fewer vehicles will be produced in Q1 2021 as a result.

Businesses that relied on spreadsheets and manual checking systems to track their cross-border supply chain relationships struggled to assess their exposure to the knock-on effects of the virus. Few companies had the necessary technologies in place or knew where to get them.

Before COVID, most companies knew who their prime suppliers were and had some knowledge of their suppliers’ suppliers. But supply chains in the age of optimization are vastly more complex. With globalization have come third- and fourth-tier linkages and beyond, spanning to hundreds and thousands of intricate and complex connections that extend all over the world. The loss of a single component low down the chain can create disruption and prolonged chaos at the top.

This is how the closing of a factory in China leads to a sudden shortage of iPhones, which may be manufactured in another country, and how the fragility of the global supply chain—unnoticed for a quarter of a century—was exposed for all to see.

Looking back a few decades, the intricate interconnectedness of cross-border supply chains became systemic in the 1990s. Offshoring was a new global trend and “just-in-time” methods pioneered by Japan were adopted worldwide. As supply chains straddled more and more borders, business leaders should have been asking: “Who are we doing business with, where are we doing it, what resources are we ultimately reliant upon, and what does that mean for me and my business?”

Now’s the time to learn some lessons from the pandemic. To ensure the continuity of their operations, businesses need to make themselves aware of—and understand how to respond to—the potential shocks to come. As threats evolve and change, constant vigilance is required.

For most multinational companies, discerning supply chain risks can be as perplexing as staring at a Monet painting close up. But AI and ML can help them focus: these technologies can resolve the patterns in the many millions of dots—the intimate connections between companies in a complex supply chain. However, you still need human insight to interpret the patterns and understand how to adapt. In the uncertain years ahead, with the help of AI and business intelligence, it’s possible to turn these threats into opportunities and gain an edge on competitors

Future-proofing: a how-to guide

Supply chain threats are manifold and, as COVID has taught us, can cut deeper than anyone anticipated. Here are some of the larger global risk themes to consider for future-proofing:

Second and third waves. To date, COVID-19 has claimed over 2 million lives worldwide, caused severe economic damage, and made it harder to transport goods across borders. Many countries are now experiencing second and third waves of the virus, potentially causing a resurgence of global supply chain problems. Businesses need to put emergency planning in place now.

Natural disasters and national emergencies. COVID-19 is the latest in a series of unforeseen shocks. The global financial crisis of 2008 caused havoc in the markets, the 2010 volcanic ash cloud in Iceland grounded air travel worldwide, and the Tōhoku earthquake and tsunami of 2011 caused disruption to businesses reliant on Japan. Last year, companies linked to Lebanon were affected by the explosion in Beirut and in Australia by the devastating bushfires. The list goes on.

Climate change. Rapid melting of ice caps, rising sea levels, and prolonged periods of drought may make some areas uninhabitable, prompting the movement of peoples and affecting production in industries such as food, fisheries, and agriculture.

Even before COVID-19, some governments were starting to view their reliance on China as an issue, particularly in the context of the US-China trade wars. The U.S. had vowed to bring production “back home” and introduced legislation to ban 5G technology company Huawei, affecting at least a dozen industries, including aerospace, technology, and auto manufacturing—all of which count the federal government as a customer. The new U.S. defense law encompasses all global subsidiaries and service providers deep within a firm’s supply chain.

Environmental, social, and corporate governance (ESG). Companies are being held accountable for the actions of their far-flung suppliers, of which they are often unaware. Businesses need to ensure suppliers at all levels of their supply chain align with their own values and commitments.

Cyberattacks and data theft. In the Internet age, many supply chains are digital, but this doesn’t make them any more resistant to sudden shocks. Cybercrimes such as hacking and phishing are at least as prolific now as before the pandemic, possibly more so because the attention on them has been redirected elsewhere. The global financial industry, for example, relies on thousands of card-based applications that require different access controls and are the constant target of cyberattack. It’s practically impossible to track such vulnerabilities without incorporating AI and ML into a comprehensive risk management strategy.

Managing concentration risk

An overly concentrated supply chain — one reliant on a handful of suppliers or many suppliers located in the same geographic area – exposes a business to risk. All manner of events can take place without warning, with almost overnight repercussions.

Even if you seemingly have no relationship to a particular area, your second- and third-tier connections might. The only way to track and trace potential sources of problems—and start building resilience toward them—is to make concentration risk a key part of your strategic thinking.

In some industries, such as technology, there’s now so much specialization that a supply chain could be sourcing hundreds of thousands of components produced in hundreds of different places – or even more precariously, in just a few locations. An incident in a far-flung corner of the globe you know little about could have major implications for your profit forecasts.

To determine where the potential problems are and address them, having AI capability is paramount—followed by skillful, nuanced, and complex analysis of the data. This process can help identify alternative sources of supply and begin to develop a strategic roadmap with a view to achieving uninterrupted operational resilience.

Protecting your brand and reputation

The consequences of failing to analyze, stave off, or sidestep concentration risks are hard to overstate. The short-term risks are immediately evident: customers won’t be able to buy products they need because interruptions in the supply chain mean businesses can’t produce, supply, or sell them. Long-term, there could be grave consequences for the brand and reputation.

This is why maintaining a robust supply chain must remain a top priority post-COVID for any company with a strategic mindset. The pandemic has clearly demonstrated the importance of understanding where your weaknesses lie, preparing contingency plans, and preventing supply chain breakdown. A situation that develops overnight can leave a CEO on the hook with shareholders and stakeholders the next morning, unless a plan is already in place for immediate deployment.

Now is the time to start investing in advanced technological capabilities—to uncover potential risks, to formulate the most effective coping strategies and to optimally position your company for new opportunities with competitive advantage. It’s a sort of high-tech sleuthing exercise. That said, we live in an age of unprecedented technological advancement. Human wisdom must be brought to bear in order to understand what needs to change—and that starts with a dynamic and proactive leadership mentality. “No man ever steps in the same river twice, for it’s not the same river and he’s not the same man,” wrote the Greek philosopher Heraclitus. Exactly the same can be said of businesses and their extended supply chains.

_____________________________________________________________________

Ryan Elliott is a Partner at Kearney, a leading global management consulting partnership in more than 40 countries.

Jennifer Bisceglie is the CEO of Interos, the first and only business relationship intelligence platform to protect enterprise ecosystems from financial, operations, governance, geographic, and cyber risk in every tier of enterprise supply chains, continuously.

Archives, Global Trade Daily, Software

Is Your Company Secure On The Cloud? 5 Must-Knows To Manage Risks.

February 24th, 2021 Tim Mercer Leave a comment

Cybersecurity breaches have become all too common, putting public health, individuals’ private information, and companies in jeopardy.

With cloud computing prevalent in business as a way to store and share data, workloads and software, a greater amount of sensitive material is potentially at risk. Therefore, company leaders need to prioritize cloud security and know how to manage the risks, says Tim Mercer (www.timtmercer.com), ForbesBooks author of Bootstrapped Millionaire: Defying the Odds of Business.

“Cloud adoption is a business model that provides convenience, cost savings, and near-permanent uptimes compared to on-premises infrastructure,” Mercer says. “But cyberattacks continue to plague organizations of every size, and moving your IT infrastructure and services to cloud environments requires a different approach to traditional deployments.

“A private cloud keeps all infrastructure and systems under the company’s control, while a public cloud hands over the responsibility to a third-party company. In hybrid deployments, which most organizations adopt, some services are in the public cloud infrastructure while others remain in the company’s data center. Regardless of which cloud deployment you choose, you should know the cloud security basics or consult with cybersecurity experts before migrating to the new environment.”

Mercer offers five points company leaders need to know about cloud security to help manage their risks:

Shared resources for multi-tenancy cloud customers. “Multi-tenancy refers to the shared resources your cloud service provider will allocate to your information,” Mercer says. “The way the cloud and virtualization works is, instead of physical infrastructure dedicated to a single organization or application, virtual servers sit on the same box and share resources between containers.” A container is a standard unit of software that packages code and helps the application run reliably from one computing environment to another. “You should ensure that your cloud service provider secures your containers and prevents other entities from accessing your information,” Mercer says.

Data encryption during transmission and at rest. Accessing data from a remote location requires that a company’s service provider encrypt all the business’ information – whether at rest in the virtual environment or when being transmitted via the internet. “Even when the service provider’s applications access your information,” Mercer says, “it should not be readable by anyone else except your company’s resources. To protect your information, ask your service provider about what encryption they use to secure your data.”

Centralized visibility of your cloud infrastructure. Mercer says it’s not enough to trust service providers; you’ll also want to verify that your data remains secure in their host environments. “Cloud workload protection tools provide centralized visibility of all your information so you can get adequate oversight of the environment,” Mercer says. “Ask your cloud company if they can provide you with security tools such as network traffic analysis and inspection of cloud environments for malicious content.”

An integrated and secure access control model. Access control models remain a major risk in cloud environments. “Your provider should have cloud-based security that includes a management solution to control user roles and maintain access privileges,” Mercer says.

Vendor sprawl management with threat intelligence. “In complex cloud deployments,” Mercer says, “you may end up using different vendors, each with its own cybersecurity framework. Threat intelligence solutions can provide you with clear insight into all your vendors and the latest global threats that could put your business systems at risk. A threat intelligence tool will gather and curate information from a variety of cybersecurity research firms and alert you to any vulnerabilities in your vendor’s system.”

“For any organization that’s considering a complete cloud migration, understanding the entire threat landscape is essential,” Mercer says. “A team of cybersecurity experts can assist with the planning and oversight of your cloud migration to mitigate risks and establish the necessary controls.”

______________________________________________________________

Tim Mercer (www.timtmercer.com) is the founder of IBOXG, a company that provides technology services and solutions to government agencies and Fortune 500 corporations. He also is the ForbesBooks author of Bootstrapped Millionaire: Defying the Odds of Business. Mercer was inspired to pursue a career in IT as a consultant after he became a telecom operator while in the U.S. Army. After growing up in difficult economic circumstances in the rural South, Mercer achieved success as an entrepreneur, then recovered from the financial crisis of 2007-2008 after starting IBOXG. The company has accrued over $60 million in revenues since its inception in 2008.

Archives, Global Trade Daily, Software, Special Reports

The Evolution of Cybersecurity

February 19th, 2021 Heinan Landa, Founder & CEO, Optimal Networks Leave a comment

Last year we saw cybercriminals seizing a massive business opportunity.

Our rapid shift to working from home due to COVID-19, plus heightened financial, political, social, and emotional stressors presented a perfect storm:

-The consumer-grade routers and electronics we use at home are inherently less secure than the centrally managed commercial-grade devices at our offices.

-Many home networks are already compromised. In April 2020, BitSight found that 45% of companies had malware originating from an employee’s home network.

-Social engineering hacks like phishing, vishing, and smishing thrive when victims are preoccupied or fearful.

Our organizations became very vulnerable very suddenly, and bad actors did not hesitate to cash in. In March alone scammers ramped up COVID-related phishing scams by 667%. Overall, the FBI’s Internet Cybercrime Complaint Center (IC3) saw a 400% increase in reported cyberattacks in 2020.

While the events of last year presented a unique scenario for all of us, the swift and aggressive response from bad actors is indicative of a trend that will, unfortunately, persist: cybercriminals have organized themselves into a successful enterprise that continues to innovate and evolve for maximum profit.

And that profit is sizable: According to a March 2020 study by Atlas VPN, cybercriminals bring in over $1.5 trillion per year in revenue—more than Facebook, Walmart, Apple, Tesla, and Microsoft combined.

Why does it matter?

Our only option when it comes to mitigating (not eliminating) the risk of a breach is to match ever-evolving threats with an ever-evolving security strategy.

Cyber defenses cannot be “set and forget” anymore; while antivirus software, firewalls, and active monitoring tools are essential components of that defense, they are no substitute for human vigilance.

Not only that, but our concept of vigilance must recognize the potential for highly sophisticated cyber breaches that span weeks or even months. Instead of snatching valuable data in discrete intrusions, cybercriminals are siphoning it off via prolonged, methodical interactions with victims. One popular scam works like this:

-The bad actor identifies who in your organization processes payments.

-They gain access to that person’s email account, generally through a standard phishing email.

-They monitor the email account over a period of time to identify high-dollar vendors.

-They craft a spoofed domain and impersonate that vendor (think accounting@optima1networks.com).

-The target receives an unassuming email from the “vendor” with instructions to remit future payments to a new account (guess whose).

-The target continues paying the fraudster until you or your vendor realizes the mistake.

These targeted exploits cost US victims roughly $1.7 billion in 2019, up 33% from 2018.

Attacks like this harm your business in two ways:

-Directly: In addition to funds stolen by a hacker, you may incur ransom payments, downtime while your data is recovered, and steep labor costs for emergency IT support. In the case of ransomware attacks, average downtime is 19 days, and costs to remediate average $730,000 for those who don’t pay the ransom, and $1.45MM for those who do.

-Indirectly: Your reputation takes a hit when news of a breach gets out (every state government requires some form of disclosure). Cybersecurity audits are becoming a popular precursor to business engagements and memberships, and 38% of businesses report losing customers because of real or perceived gaps in their cybersecurity posture.

While there will never be a silver bullet when it comes to cybersecurity, it’s imperative we adapt both our defenses and our mindset to best protect ourselves in this new landscape.

Our recommendations

More cybercriminals are entering the space, and they are more organized, disciplined, and persistent than ever. This means that our cybersecurity strategies must rise to meet this new challenge, and that what we used to view as “advanced” measures must now become our baseline.

At minimum, we recommend you implement the following:

1. Advanced Endpoint Protection on all machines accessing corporate data. Centralized anti-malware only checks for known virus definitions. Add Next Generation protection that uses Artificial Intelligence to flag all “unusual” behavior, and either kill the process or alert a Security Operations Center (SOC) to intervene.

2. Two-Factor Authentication (2FA). Strong passwords are no longer sufficient. Turn on two-factor authentication for any accounts and systems that don’t already have it. Check regularly to make sure all accounts are covered. 2FA makes it much harder for unauthorized users to gain access to your system even if they obtain your password.

3. Backup and recovery for all cloud apps. Most popular applications (like Microsoft 365) have some backup built-in, but in a limited capacity. Do you have sufficient retention policies? Would you be able to restore files encrypted or lost to malware? Protect your Microsoft 365 email, SharePoint, Teams, OneDrive, and other online apps with a supplemental cloud backup service.

4. Firewall with Intrusion Detection. An up-to-date firewall is a start, but we recommend also employing Intrusion Detection to monitor network traffic for potentially malicious behavior.

5. Security Awareness Training. In addition to annual training, continually feed your employees security tips, and continually test with phishing simulations. It is essential that security remains top-of-mind year-round.

There are several security frameworks like NIST, ISO, and CMMC that can provide structure to your security efforts even if you aren’t subject to compliance regulations. These can feel overwhelming to tackle, but the items above will get you well on your way to fulfilling the core requirements.

Beyond this, it’s critical to embrace the mindset that a network is only as secure as its users are vigilant and adaptive. The sophistication and sheer volume of today’s cyber threats demand that:

-Cybersecurity expenditures get their own line item in your annual budget.

-Your cybersecurity posture needs annual review as new threats are emerging all the time.

Most importantly, you need a resource who is qualified to assess your specific business needs and construct a solution that coordinates the technical and human components of your cyber defense.

________________________________________________

Heinan Landa is the Founder and CEO of Optimal Networks, Inc., a globally ranked IT services firm, the creator of Law Firm Anywhere, a virtual desktop solution that helps attorneys work seamlessly and securely from anywhere, and author of The Modern Law Firm: How to Thrive in an Era of Rapid Technological Change. After earning his B.S. and M.S. in Electrical Engineering and Computer Science from Johns Hopkins University, Heinan went on to receive his MBA from The Wharton School of Business. Featured in Legal Management, Legal Times, Chief Executive, Inc. Magazine, Forbes, CIO, and with regular appearances on ABC7, CBS9, and FOX5 TV, Heinan is a trusted leader in the legal, technology, and business spaces. For more, www.optimalnetworks.com, 240-499-7900, or hlanda@optimalnetworks.com.

Archives, Global Trade Daily, Software

The Soft Skills You Should Look For When Recruiting IT Hires

February 7th, 2021 Gabe Nelson Leave a comment

When you hear soft skills, you may wonder what it means. Like software, soft skills are innate, internal, and interpersonal skills that help people maximize their hard skills. Soft skills are so named because; you mostly don’t have a certificate to show for it. They reflect who you are independent of your educational and professional IT certifications.

Soft skills include your communication skills, how you perform under pressure, your collaborative skills, etc. As an employer, it’s okay to want the most qualified person for the job, but much more than the certificate, you should look out for these soft skills too when recruiting your IT hires.

1. Integrity

As an employer, probably recruiting the first set of your IT hires or filling a vacant position, one uncompromising soft skill you will want to look out for is integrity. Yes! Integrity can’t be compromised, as your IT hires have to people you can trust wholeheartedly.

The top signs of persons with integrity include the ability to give an honest report. They would also be forthcoming and straightforward. While this skill is not easily observed except when tested or the situation demands it, there are a set of interview questions you can ask to determine the strength of a person’s integrity.

You can ask questions that border on past experiences like:

-What was your response to a situation that tested your integrity in the past?

-Can you tell lies to protect the company’s image?

Now, it’s not so much about the answers the applicant gives, but about how they answer the questions. Someone with integrity will not lie for any reason; instead, they will find ways to tell the truth in a way that won’t harm the company.

2. Intelligence

This is another very essential soft skill for an IT hire. Intelligence isn’t just about your school grades or awards. Intelligence is how well you can apply all the lessons you’ve learned since growing up to do a seemingly difficult task. To put it simply, intelligence is the activities you do that gets you out of a difficult situation, especially when you don’t know what to do.

As an IT employer, you shouldn’t just employ an honest person. They should be someone that is proactive and can think on their feet. You can assess this type of skill when interviewing by asking ‘on the spot questions’ unrelated to the technical field. Questions that require fast and on the spot thinking.

The goal is to check the thinking pattern and how fast they can think. Another quick method to determine this is to play a game. Games such as ‘Chess game’ or caught in the maze require your intelligence to play effectively.

3. Time Management Skills

There will be times when your IT Company will have to meet tight deadlines. The best approach to get the work done is to prioritize tasks in order of deadline. It is important your employees are people that understand the significance of keeping to time and managing time effectively.

The time management skill will ensure they know how to prioritize tasks when necessary. You can assess this skill by asking hypothetical behavioral questions. You can also give some sets of mini-tasks within a stipulated time and see how well and how fast they get the job done.

4. Communication Skills

The ability to communicate with people on a personal level will go far in growing your IT Company. It’s easy for IT recruiters to get caught up in the technology and forget to pay attention to the candidate’s communication skills. There is a fine balance between being tech-savvy and having a friendly personality – so you need to be clear on which quality the candidate possesses.

As a recruiter, you need to know that your employee also has a soft side and is willing to connect with people personally. If the candidate doesn’t seem capable of doing that, it may be a good idea to find someone who does!

Besides, if the candidate can connect well with those in charge, they’ll likely do a better job – and the results will reflect that. It’s one of the many reasons that soft skills are essential in today’s IT industry.

5. Creativity

Being creative is non-negotiable. The ability to be creative goes hand in hand with being intelligent. The only twist is that being creative gives you the edge of seeing more than one way to get a task done. With the ability to see more than one approach, you are usually at the forefront of most tasks. A creative person has a highly active and imaginative mind that makes innovation a part of them.

Being innovative is a soft skill, but like intelligence, it also comes with being creative. This means that being creative allows you to have more than one or two soft skills. As a recruiter, one skill you have to set your eagle eyes on when searching for soft skills in your IT hires is the ability to be creative.

You can test the skill by asking hypothetical behavioral questions or giving a task that demands creativity.

6. Self-Motivation

Dragging employees around or giving instructions for every little detail can be tiring. You need employees that are self-motivated and can work independently with little or no supervision. The thing is, you may not be able to assess a person’s self-motivation easily.

However, you can determine how self-motivated he is by checking the number of extra-curricular activities he has done before. These should be well highlighted in the resume. You can also ask questions like:

-How did he get to know about the job vacancy?

-Have you been in any leadership position before?

-Give instances where you worked with little or no supervision?

7. Enthusiasm

One of the things you should look for when it comes to a potential candidate is their interest in learning more about the industry in which they’re interested in working. If the candidate seems excited about the opportunity they’re applying for, they’ll probably be happy to help you.

If the applicant asks questions that show an interest in understanding the company more, they’ll likely do even better. This indicates that the candidate is interested in the company and can easily take the initiative.

If you get a chance to meet such an applicant behind the desk, take advantage of this opportunity – you’ll get a great feeling from their personality that could easily transfer to the position you’re looking to fill.

8. Teamwork

Some IT tasks require the ability to work effectively with a team. As a recruiter, you need to watch out for people that can work and cooperate well with others on the same task. Some skills required to achieve teamwork include excellent communication skills and the ability to follow instructions.

This is because cooperation can only be achieved when communication is effective. For instance, if the job role is coding, you may not need to worry about teamwork that much, but if the applicant roles involve networking or administration, they will definitely need to work with a team. You can check the resumes to see instances of teamwork done in the past.

The Right Hires Will Have The Necessary Soft Skills

Recruiting IT hires demands that you sharpen your eagle eyes and sense to recognize soft skills to promote your IT Company. Most companies now have IT departments that need people with hard skills like computer programming, software engineering, website designing, etc. And truthfully, there a lot of people with these qualifications.

However, you also need people with soft skills that are self-motivated, good communicators, and enthusiastic about the company’s growth. The right hires are people that have balanced soft and hard skills. With these people in your team, your company can grow to its potential. And you do want that, don’t you?

Archives, Global Trade Daily, Software, Special Reports

Top Security Threats E-commerce is Facing Today — And How to Solve Them

December 28th, 2020 JBramble Leave a comment

E-commerce has been on an upward swing in recent years. And with COVID driving many businesses to migrate online, e-commerce is growing faster than ever before, with companies like Amazon and Alibaba at the helm of the virtual ride. But this rapid, transformative, and digital journey is not without its threats and dangers. Ironically, the same emerging technologies enabling the growth of e-commerce also present the most pressing and imminent security threats.

With Great Connectivity Comes Great Responsibility

Medium explains how the Internet of Things (IoT) refers to smart devices connected over the web. This includes everything from smartphones and smart home appliances to web-controllable sensors and switches in industrial equipment. The GPS and web-enabled systems in private cars and cargo vehicles are part of the IoT as well. And so are smart medical health-monitoring devices and specialized industrial sensors. All of this allows the IoT to be used to collect the most comprehensive big data sets on consumer behavior in the history of commerce. It’s also obvious how smartphones have been an integral part of e-commerce growth. With all that being said, each smart device that has access to your network is a potential gateway to stealing you and your customers’ data.

The usefulness of universal connectivity stops at any point that hackers can exploit. This is why the operating systems of our phones and laptops continuously update, and why companies should likewise always practice updating the security software of their own internal systems. As 5G enters the picture and makes the IoT even bigger, these measures are more crucial than ever before.

The Bigger the Data, the Bigger the Threat

Hackers target e-commerce companies because of the large potential for finding financial and other useful data. This risk will be exacerbated by the emerging technologies that will come to dominate e-commerce transactions. Augmented reality (AR) is one such technology, as it allows consumers highly unique perspectives on the items they want to buy. Using advanced AR, all you need is to point your phone at your living room to see how that new couch will look, or turn the camera to yourself to get a preview of how you’ll look in a certain hairstyle. All of these applications and more will enable the creation of new data in the form of actual footage of consumer behavior and their private spaces – potential new avenues for hackers to exploit.

Poor Security Education

All of these threats point to the alarming reality that everyone from consumers to e-commerce executives are still poorly educated in terms of cybersecurity. In fact, there’s been a spike in the national demand for cybersecurity professionals in recent years. But the good news is that some of America’s top universities are already rising up to the challenge. The rapidly growing cybersecurity program at Indiana State University (ISU) for instance has recently partnered with three different tech firms in efforts to meet the growing demand. ISU’s partnerships are aimed at not only enabling distance learning or online coursework for students but also giving them the penetration skills necessary to immediately get cybersecurity positions upon graduation.

This is not a new approach. Any graduate of the long-standing online cybersecurity master’s program at Maryville University is a trained ethical hacking expert who is also a Certified Information Systems Security Professional and EnCase Certified Examiner with a CompTIA Security+ qualification. As those two universities show, companies looking to hire cybersecurity experts to work full time or consult should not be put off by those who have an online degree, as they are just as valid as traditional on-campus degrees.

Armed with professional-level cybersecurity knowledge, you and your team can more confidently tackle threats through consistent security practices and by developing a long-term cyber protection plan. Keep updating these practices and your strategy as cybersecurity changes with the times. Be aware of the dangers you may face as your company adopts new e-commerce technologies. Learn as much as you can about protecting your e-commerce business from the hackers of the future.

Archives, Banking, Global Trade Daily

SentiLink Shares What Businesses Should Know About Synthetic Fraud in Exclusive Q&A

December 22nd, 2020 Sarah Hoisington Leave a comment

In the following Q&A, we learn all things synthetic fraud, from risk mitigation to what businesses can do now to effectively combat this new challenge for global businesses.

What is synthetic fraud and how does it differ from fraud?

Synthetic fraud is a type of fraud where a falsified or manipulated identity is used to open consumer and business financial services accounts. It’s very different from ID theft because there’s no victim that comes forward to claim their identity has been stolen. As a result, synthetic identities go undetected for years. So, not only does synthetic fraud cost banks and lenders billions of dollars a year in losses, but these identities facilitate all sorts of criminal activities.

How is Sentilink revealing the risks of synthetic fraud (Through a report, through research, through other means)?

SentiLink offers several solutions that credit unions prevent synthetic fraud.

Synthetic Scores: SentiLink’s Synthetic Scores product indicates the likelihood that an identity is synthetic. Synthetic Scores are made available to clients via API or a user-friendly Dashboard.

Manifest – Manifest is the identity data leveraged by the machine learning algorithm that generates SentiLink’s Synthetic Scores. This dataset includes information from the credit bureau, utility records, the death master file, as well as phone and email data. SentiLink enriches this identity data and makes it available in the Manifest product via API and the Dashboard. Clients can incorporate Manifest in their proprietary models or utilize the data to investigate individual cases via the Dashboard.

eCBSV – For the first time ever, it’s possible to validate Social Security numbers with the Social Security Administration’s database of SSNs in real-time using eCBSV. With applicant consent, financial institutions can send their applicants’ names, dates of birth, and SSNs to SentiLink via API and receive a match or no-match response within milliseconds. This service enables lenders who have historically required SSA-89 forms, such as mortgage lenders, to shave days off the loan origination process.

Why is synthetic fraud more of a risk to credit unions rather than to other establishments?

To be clear, synthetic fraud is a risk to all financial institutions. But, some credit unions may think that the membership requirements to join are a deterrent to synthetic fraud. But, we’ve seen that fraudsters are able to become members and get loans from credit unions.

What could credit unions be doing that would help them lessen the risk of synthetic fraud?

There are several things credit unions can do:

Education is the first step. The Federal Reserve wrote 3 white papers on synthetic fraud that are very informative.

Pay special attention to the Social Security number of applicants applying. If the SSN was issued in a state where the applicant doesn’t have address history, this is a potential red flag. If the SSN was issued in a year that’s different than the date of birth, this is a potential red flag. It doesn’t necessarily mean a synthetic identity is being used to apply, but these are scenarios that potentially warrant additional verification. Validating the SSN using an SSA-89 form or eCBSV is a smart approach.

Labeling losses according to the type of fraud is also important. Knowing whether a loss was due to ID theft, synthetic fraud, and other types of fraud will enable a credit union to measure losses due to each type of fraud and learn how to recognize similar identities when they apply.

What are the 7 synthetic identities and how does it work/identify?

Perhaps I should clarify the statement, “1 in 7 synthetic identities has a credit line from a credit union.” SentiLink has tagged over 100,000 synthetic identities. We have a subset of these identities where we can see what financial institutions gave these fake consumers a loan. Our analysis showed that 1 in 7 of these synthetic identities had a loan from a credit union. The point we were trying to make is that credit unions are at risk for synthetic fraud just like other banks, fintechs, and lenders.

What do you mean by “tradeline from a credit union with balances 2/5X higher?

We looked at the loan size that credit unions issued to these synthetic identities and compared them to the loan size that they gave to non-synthetic identities and found that the balances issued to synthetic identities were significantly higher. So, the credit unions lost a lot more money when issuing loans to synthetic identities. This is another reason why credit unions should work to identify synthetic identities before they become members, so they don’t experience these losses.

What are the risks to a credit union in regard to synthetic fraud?

The risks are losses and compliance. As mentioned above, synthetic identities cause significant losses to financial institutions. But, there is also the regulatory requirement to Know Your Customer. KYC solutions can’t detect synthetic identities, and as regulators become more aware of this issue, their expectations around what constitutes appropriate KYC measures is likely to change. If credit unions are issuing loans to synthetic identities, they aren’t conducting appropriate due diligence to know their customer. Their ability to comply with KYC requirements will suffer if they don’t address synthetic fraud.

What are the warning signs that credit unions should pay attention to?

Certainly, upticks in losses can be a sign of increased synthetic fraud. But, also things like the same address being used frequently to apply for loans can be a sign that a group of fraudsters is attacking a credit union.

What do you see as the future of credit unions in relation to this type of fraud?

Synthetic fraud is going to be an issue for credit unions for the foreseeable future. Unlike id theft where fraudsters steal an identity and have to quickly take out a loan, take the money and move on, synthetic identities can be used over and over again for a very long period of time. And, synthetic identities are easy to create so it’s something credit unions are going to have to learn about in order to detect and stop them from impacting their business.

__________________________________________________________________

Sarah Hoisington is head of Marketing at SentiLink, a fraud protection tech firm helping financial institutions and government agencies.

Archives, Banking, Global Trade Daily, Software

Here are the Top Tips for Preventing ACH Credit Fraud

November 11th, 2020 Josh Cyphers Leave a comment

Forced to work from home during COVID-19, accounts payable departments have accelerated plans to move away from paper checks and pay more of their suppliers by ACH. That, in turn, accelerated another trend: fraud. Through social engineering, fraud attacks on ACH credits are most commonly known as Business Email Compromises or BECs.

According to the 2020 AFP Payments and Fraud Control Survey Report, for the first time, in 2019, BEC schemes were the most common type of fraud attack experienced, with 75 percent of organizations experiencing an attack and 54 percent of those reporting financial losses. ACH credits—outgoing payments from buyer to supplier—were targeted in 37 percent of BEC schemes.

The problem has only gotten worse in 2020. In the September edition of their Fraud in the Wake of COVID-19 Benchmarking Report, the ACFE reports that 90 percent of respondents have seen an increase in cyber fraud frequency from July through August. This included BECs.

Three-quarters of respondents said that preventing and detecting fraud has become more difficult in the current environment, and more than 90 percent expect attacks to increase. Organizations are under siege, and nearly one-third have received no guidance from banking partners about mitigating ACH credit risks.

What can organizations do?

Defeating BECs requires a multi-pronged approach. Ongoing anti-fraud training is important because these emails are getting more convincing every day. Fraudsters have become experts in user data and A/B testing, which reduces elements that alert their victims of illegitimate changes to their accounts. Strong internal controls are also important and network security, which prevents parties from gaining access to internal systems.

Here are four ways to help reduce your risk of ACH credit fraud.

1. Handle with Care

Thwarting ACH credit fraud is all about handling supplier banking data securely, which accounts payable must have on hand to transmit their payment file to the bank. This data is often stored in the ERP system, or sometimes on an Excel spreadsheet, where AP staff has been recorded during supplier onboarding. Sometimes it’s stored when a supplier updates their information. Fraudulent change requests are one of the most frequent avenues of attack.

Let’s say you’ve got a new person in accounts payable who isn’t fully trained yet. This person gets an email from a supplier, asking to update their bank account information.

Your new hire, eager to please, fulfills the request, inputting a new routing number and bank account, unaware that a million-dollar payment to that supplier is going out the next day. Nobody realizes what’s happened until two weeks later when the real supplier calls, asking for payment.

By then, it’s too late to reel ACH payments back in. You can call the FBI and the bank. They may try to help you, but if the thieves are sophisticated enough, they’ve already moved the money to offshore accounts, and it’s completely gone.

2. Secure Information

You should never use an unsecured email for banking information updates, although a surprising number of companies still do. It’s too easy for a hacker to intercept one of those emails and use the information within it for their own means. If they get contact or bank account information, they can pose as legitimate suppliers and circumvent internal controls. Some businesses even keep information in spreadsheets or their ERPs, but systems like those aren’t designed to store data securely.

Some companies allow suppliers to update their own information in supplier portals. That might work, provided that companies manage secure portal access and verify all updates. However, if suppliers can log in and update information, it’s likely that hackers can access the same information with very little resistance.

The most sophisticated approach that I’ve seen so far includes a trained procurement team, who verifies and validates all changes that come through.

There are a couple of drawbacks to this approach. It’s a big IT investment with plenty of labor asks. Even then, it’s still prone to internal fraud. At the end of the day, even the best systems will still have their risks. The goal is to minimize them.

3. Look at Fees

Companies often try to shift the risk and time burden to others, with some success. For example, they may choose to pay their suppliers by card., which puts the risk on credit card networks. In cases of card fraud, it’s more likely that payments can be canceled or refunded.

Virtual cards offer even more security because they provide unique numbers, which can only be used by a specified supplier for a specified amount. The big drawback is that not all suppliers accept cards—there are fees to consider.

An organization I’m familiar with pays many of its suppliers with PayPal. Their supplier—most of them small businesses—are located around the world. AP doesn’t have the time or staff to verify payment information, validate bank accounts, and deal with ongoing updates. As the intermediary, PayPal handles all that and guarantees that the funds go to the right place. But, here again, suppliers pay a hefty fee—in the neighborhood of three percent.

4. Shift the Risk

There really is no perfect system in place, which is why we’re seeing ACH credit fraud rise in tandem with the rise in ACH payments. But there is a perfect way to shift the risk to companies that are built to withstand the verification and validation burdens. Today’s payment automation providers manage supplier information, so individual companies no longer have to spend valuable time on it. It’s similar to handing the reins to IT and procurement departments to lock down the database and institute controls. The difference is that working with a provider removes the time investment and liability.

Think of payment automation providers as a means to outsource risk. Their sole focus is to ensure secure, on-time payments to your suppliers without causing costly overhead. They have perfected the systems and processes for hundreds of thousands of AP departments across the United States, and in ways that businesses would be hard-pressed to replicate.

Businesses used to worry about check fraud above all else. While they still have to pay attention to that aspect, it’s become a low-tech form of fraud that’s easy to understand and plan for. As companies shift to electronic payment means, they’re increasingly experiencing sophisticated cyberattacks, which target much larger sums and are harder to defend against. With such attacks growing, businesses may find that outsourcing professionals is the best defense.

____________________________________________________________________

Josh Cyphers is the President of Nvoicepay, a FLEETCOR Company. For the past 20 years, Josh has managed successful growth for a variety of companies, from start-ups to Fortune 100 companies. Prior to Nvoicepay, Josh held leadership roles at Microsoft, Nike, Fiserv, and several growth-stage technology companies. Josh is a lapsed CPA and has a BS in Economics from Eastern Oregon University.

Archives, Global Trade Daily, Special Reports

The Largest Data Breaches in U.S. History

October 22nd, 2020 Spanning Leave a comment

COVID-19 has led to major changes to daily life for Americans, including a shift toward remote and at-home work. While these changes have led to more flexible working conditions for employees, they have also increased data security risks. New data from the Federal Trade Commission and the Identity Theft Resource Center indicates that heightened security risks brought on by more remote work are of particular concern when considering that data breach and identity theft reports doubled between 2014 and 2019.

Certain sectors are more vulnerable to data breaches than others. In 2019, the largest number of breaches occurred in the business and healthcare sectors, at 644 and 525 total data breaches, respectively. The business sector has become increasingly vulnerable to data security issues, as breaches in this sector increased by nearly 150 percent between 2014 and 2019. In contrast, data security remains strongest in the banking and government sectors, both of which saw a decline in total data breaches between 2018 and 2019.

Data breaches often compromise a company’s most sensitive records. The majority of them stem from hacking and intrusion cases and unauthorized access to records, which comprised more than 75 percent of all data breaches in 2019. On the other hand, employee error and negligence accounted for less than 11 percent of data breaches in 2019. However, with an increase in at-home and remote work, breaches stemming from a lack of employee knowledge or training is now more of a priority among employers.

To profile the most significant data breaches of U.S. companies, researchers at Spanning analyzed data from the Identity Theft Resource Center and the Federal Trade Commission, while also reviewing major news reports. Data breaches were defined as any unauthorized exposure to a company’s records, and incidents were ordered based on the total number of records exposed.

Between 2013 and 2019, companies involved in social networking and media, such as Yahoo and Facebook, were the most vulnerable to data breaches. For these companies, data breaches were most likely to occur through hacking and intrusion or accidental internet exposure. Emails, passwords, and other personal information were the most frequently compromised types of information.

Here are the 10 largest data breaches of U.S. companies in history.

Company	Rank	Number of records exposed	Type of breach	Industry	Types of information compromised
Yahoo – 2013	1	3,000,000,000	Hacking/intrusion	Media	Name, email, phone number, date of birth, login information
River City Media – 2017	2	1,370,000,000	Accidental web/internet exposure	Marketing	Name, IP address, physical address, email
People Data Labs / OxyData.io – 2019	3	1,200,000,000	Accidental web/internet exposure	Data	Name, email, phone number, social media profiles
First American Corporation – 2019	4	885,000,000	Accidental web/internet exposure	Financial	Bank account number, bank transactions, drivers license, Social Security number
Facebook / Cultura Colectiva – 2019	5	540,000,000	Accidental web/internet exposure	Social network	Account name, account ID, Facebook comments and reactions
Yahoo – 2014	6	500,000,000	Hacking/intrusion	Media	Name, email, phone number, date of birth, login information
Marriott International – 2018	7	500,000,000	Hacking/intrusion	Hospitality	Name, physical address, phone number, email, passport number, date of birth, gender, reservation information
Facebook – 2019	8	419,000,000	Accidental web/internet exposure	Social network	Name, account ID, phone number, country
FriendFinder Networks – 2016	9	412,000,000	Hacking/intrusion	Social network	Account name, email, password, join dates, user’s last visit
MySpace – 2016	10	360,000,000	Hacking/intrusion	Social network	Email, password

For more information, a detailed methodology, and complete results, you can find the original report on Spanning’s website: https://spanning.com/resources/industry-research/largest-data-breaches-us-history/

Archives, Global Trade Daily, Software, Special Reports

How Can Organizations Ensure Data Security

September 16th, 2020 Dea Muriç Leave a comment

The cyber-security scene is advancing at a fast-paced rate and concurrently, advances in technologies are progressively becoming better at aiding cyber-criminals and hackers to take advantage of data security loopholes. The continuously growing scale of breaches and cyber-security attacks should be a major concern for all organizations. An example of such attacks is the WannaCry, a massive malware attack that affected over 150 countries, including the UK, Germany, India, and Japan. Considering all the sensitive data that organizations store online, including financial documents and customers’ private details, it’s evident that one breach could have a huge negative impact on their businesses. Here are a few measures organizations can take to ensure data security.

1. Protect the IT Infrastructure

Organizations need a secure and established IT framework to build a solid foundation for a healthy data security plan. As such, they should keep an eye on every component, including devices and systems. They should ensure all the computers and smart devices are adequately protected against advanced cyber-attacks and malicious hacks.

The IT team must ensure all systems are updated with the most recent operating systems and reliable anti-virus solutions. They must also put a configured firewall in place to ward off external attacks and unauthorized access on the network. NordVPN can be a great data protection tool, especially when browsing the Internet. By encrypting data, this VPN establishes an additional layer of security that keeps your browsing activity, financial information, and emails invisible to hackers.

2. Perform Comprehensive and Regular Audits

Data security measures can never be complete without thorough and regular audits. A regular audit is a practical approach that enables businesses to identify vulnerabilities in the existing security plan. Auditing data collected in the post-attack offers an organization a perfect understanding of the blunders that can result in similar breaches in the future.

This information can be instrumental in the creation of a more powerful data security strategy coupled with more reliable data security policies. So, businesses must perform comprehensive and regular audits to enhance compliance and get rid of potential risks.

3. Limit Data Access

Most companies give a few employees privileged access to their most valuable data. Consider who in the company has access to important customer information. Do you know everyone’s access rights? Knowing the details of every staff that has privilege access to data and reasons for accessing it can help you prevent data hacking, theft, and loss.

Organizations must limit data access. They should determine the kind of data that a staff member needs to access to carry out their work obligations effectively and make sure they have access to just what they require. In addition to safeguarding sensitive information from theft or loss, limiting access could ensure more efficient data management.

4. Remove Stale Information and Put Secure Backups in Place

Many companies in the healthcare, education, and finance sector handle sensitive data as an important part of their businesses. Having the right data disposal strategies in place can prevent redundant data from being stashed away and lifted at a later date.

Regular data backup is a fundamental part of a complete IT security strategy. Organizations should have robust backups in place to ensure they still have access to their sensitive information even after accidental file removal or a full ransomware lockdown. They should store their backup data in a safe, remote location far from their main places of business.

5. Change Your Mindset

Many organizations don’t give data security the seriousness it deserves. They have poor passwords, unencrypted sensitive files, and misconfigured AWS servers. Due to this sloppy attitude, it’s estimated that more than 4 billion data records with valuable information were breached within the first six months of last year.

Companies must change their attitude. They must view data security as their top priority. Everyone in the company must understand the value of data security, not just the top executives. They should embrace security best practices such as authenticating digital identities of all employees and customers as well as using up to date VPNs like the NordVPN.

The Parting Note

With cyber-security threats increasing rapidly in today’s world, it has become important to be armed with the right security tools and privacy improvements that are required to protect the organization’s most valuable asset, that is, the data. Data security should be given utmost priority and all staff members trained accordingly.

Data Center Infrastructure Market is Projected to Reach USD 100 Billion by 2027

Global supply chains in the time of coronavirus

Future-proofing: a how-to guide

Managing concentration risk

1. Integrity

2. Intelligence

3. Time Management Skills

4. Communication Skills

5. Creativity

6. Self-Motivation

7. Enthusiasm

8. Teamwork

The Right Hires Will Have The Necessary Soft Skills

Company

Rank

Number of records exposed

Type of breach

Industry

Types of information compromised

1. Protect the IT Infrastructure

2. Perform Comprehensive and Regular Audits

3. Limit Data Access

4. Remove Stale Information and Put Secure Backups in Place

5. Change Your Mindset

The Parting Note

most viewed today