Is your CFO requesting cost-cutting measures from you? Many of the Chief Technology Officers (CTOs) I talk with are concerned about this. After all, the US is experiencing 8.5 percent inflation, which means increased input costs for businesses. This includes employees: according to Skillsoft, the number of IT decision-makers confronting a talent shortage has increased to 76%, implying that pay for in-demand IT workers are rising. In fact, the cost of hiring and keeping IT personnel has risen. Any CTO who can assist the CFO with Benjamin Franklin’s old adage “a penny saved is a penny earned” will be praised by the board of directors.

However, the 18th-century adage “penny saved” has to be updated to be useful. It’s critical to consider the overall cost of ownership, which includes the value of human time as well as hidden expenses such as continuing productivity losses caused by security breaches. It’s also important to note that business reasons may have altered in recent years due to shifts in staffing expenses or the cost of cyber breaches.

In light of this, this blog article offers some new perspectives on the economics of unified endpoint management (UEM). We’ll start by outlining the primary savings you’ll notice in a UEM business case, then move on to recent industry changes and how they’re affecting how certain clients calculate the value of deploying UEM.

Recapping the business case for unified endpoint management

Three of the primary benefits of Microsoft’s unified endpoint management were described in an independent Forrester analysis:

1. Reduced support tickets as a result of more automatic endpoint security.
2. The cost savings from connecting on-premises devices to the cloud and centralizing endpoint management.
3. lowering the likelihood of a security breach and the expenses associated with data loss

Reducing support needs

The business case’s first point is how unified endpoint management saves support costs. The argument is simple: fewer support tickets mean fewer hours spent by helpdesk representatives. Forrester Consulting independently interviewed corporate organizations to assist benchmark the amount of the savings in decreasing support needs for a 2021 commissioned Total ImpactTM assessment of Microsoft Endpoint Manager. The savings may be calculated in terms of the amount of assistance needed at each stage of the user’s lifetime. Forrester estimates time savings in configuring a new endpoint or setting up a new user on a laptop, for example. According to these companies, the time it takes to set up a new laptop for both users and IT administrators may be reduced by 25% in some circumstances, which is substantial if it previously took a total of six hours to get a new employee up to and running. Then there’s the overall drop in support tickets from customers who don’t need to call the helpdesk as often (through proactive, automation of issues before the user is even aware, for example). Following the modernization of their endpoints, our clients report seeing a 20 to 40% drop in tickets. They also claim that by decreasing the complexity of the requests they are processing, helpdesk workers would be able to address current problems faster. Overall, unified endpoint management’s process automation saves IT time, which can then be redeployed to other important initiatives.

Connecting on-premises devices to the cloud and centralizing endpoint management

The ability to centralize endpoint administration and hence decrease fragmented expenses is the second pillar of the business case. Allowing IT administrators to administer devices from anywhere allows for better staffing flexibility and cost savings because endpoints may be managed from a single console rather than several panes of glass. It also guarantees that devices, whether on a local network or not, are set up and up to date with the latest security updates.

To reduce the danger of a security breach, some of the business justification for this will be counted below. However, centralization allows for a rethinking of overlapping technology and personnel expenditures. For example, this might result in cost savings from old software subscriptions, licensing, and maintenance. Additionally, combining many providers that serve different device platforms or provide services other than endpoint management may minimize overhead expenses. Similarly, on-premises hardware expenses may need to be reconsidered. Finally, clients tell us about staff time savings: this strategy may significantly reduce onsite IT admin and network engineer hours.

Reducing the risk of data breaches or non-compliance

Finally, unified endpoint management aids in the prevention of data breaches. Forrester estimates that a security breach costs about half a working day (approximately 3.5 hours) per year in lost productivity per affected employee,5 since they may need to update their device with the latest patch or retrieve work or data that has been compromised by the breach. Reducing the risk of a data breach by 30 to 50% (as several of our clients have calculated, especially as part of a larger Zero Trust approach) leads to considerable cost savings for the company. There are immediate out-of-pocket expenses of a data breach, such as extra effort in remediating the breach and probable increases in insurance premiums, in addition to the lost employee productivity costs.

Endpoint management business case update for 2022 for today’s workplace

So, why is someone encouraging you to reconsider your business case for cloud-based endpoint management? In summary, two significant changes have occurred. First, growing IT labor expenses have increased the relative worth of automated solutions. Second, the transition to remote and hybrid work has raised the average cost and risk of a data breach for businesses, hence increasing the cost of inaction.

First, data show that the job market for IT professionals is highly tight. According to Gartner®, “IT executives regard the talent scarcity as the most important adoption obstacle to 64 percent of developing technologies, compared to just 4% in 2020.”8 Those currently engaged in IT are also looking elsewhere. According to a poll conducted by TalentLMS and Workable in October 2021, 72% of respondents in the United States are considering quitting their employment in the coming year.

Wage inflation has come from these processes. According to the Information and Cyber Security Salary Guide, the median salary for security engineers with one to two years of experience in the United Kingdom has increased by 7% in the last year, while information security managers with more than five years of experience can expect a 9% pay increase this year. The more that can be automated among help desk workers, network engineers, IT admins, and security professionals, the fewer hours are required (and consequently the less need to hire more IT staff to handle organizational requests).

Second, as a business moves toward remote and hybrid work settings, the cost of a data breach rises. According to IBM and the Ponemon Institute’s Cost of a Data Breach Study, the cost of data breaches increased about 10% year over year in 2021. Additionally, when remote working was a factor in triggering the data breach (USD4.96 million on average), the total cost of the breach was 28% greater than when remote working was not a factor (USD3.89 million per breach, on average). The more employees that work remotely, the greater the disparity. The average cost of a data breach for businesses with 81 to 100% of workers working remotely is USD5.54 million, compared to USD3.65 million for businesses with fewer than 10% of employees working remotely.

Next step

Despite the high financial costs of a possible data breach, there are basic steps you can take right away.

To begin, aggressively engage with your company’s CFO on the issue of strategic value, not simply expenses and budgets, if you haven’t before. As I mentioned at the start, the connection between the CTO and the CFO is becoming increasingly important in guaranteeing an organization’s best performance.

Second, as part of that conversation, I’d want to suggest that you appoint someone from your team to examine the UEM business case in light of rising employee wages and greater breach costs. Here’s a description of Forrester’s business case for UEM to get you started, and Microsoft can help you customize and compute the business case for your specific needs.

Artificial intelligence can now without a doubt make a significant difference within a company, from addressing complex challenges to fundamentally changing a business model. That’s why, two years ago, Microsoft established AI Business School to give advice to important decision-makers across sectors on strategy, culture, responsibility, and other vital themes.

It’s no easy task to use AI comprehensively and successfully, and we certainly don’t have all the solutions. However, through our work with company leaders through AI Business School and in customer interactions, we’ve come across a few firms that have set the standard for what an AI-powered organization can be.

That’s why we developed Best of Business AI 2021: to highlight clients that have shown how to develop a complete plan and execute it across the company to generate business value and momentum through digital transformation. Best of Business AI 2021 is based on the AI Business School principles and showcases ten clients that are advancing their AI journey by aligning their business goals and technological capabilities via great leadership.

Include everyone in your organization

Companies that effectively use AI recognize that it is more than a technical or leadership issue. They undertake in-depth discussions with workers to see how each department of the company might benefit and be impacted. Outokumpu has been involving employees from the start, giving them access to data and AI models so they may make the best decisions possible in their daily job.

“You have to get trust from the leadership team, talk to people about the rollout, and get everyone on board,” says Stefan Erdmann, Chief Technology Officer of Outokumpu.

Use AI to boost your business’s worth

AI may assist you in solving complex challenges, but it also has the potential to open up new doors for development and success. HOCHTIEF is monetizing its new AI competence by providing AI applications as a service to customers.

“We’ll bring all of these solutions to market, and we’ll have a new business model,” says David Koch, HOCHTIEF’s Chief Risk, Organization, and Innovation Officer.

Choose a good starting point

Begin by identifying the appropriate use case for AI, and then make sure you share your findings on a regular basis. At CES 2019, Bell demonstrated its vision for AI and how it may impact the business and industry through an augmented reality experience. The firm and the IT world were fascinated by the event, and the company has continued to build on that enthusiasm by making steady progress toward its big goals.

“Highly iterative, incremental proofs of concept—demonstrating something every three to six months—are the greatest approach to get and maintain the attention and endorsements from senior leadership,” explains Matt Holvey, Senior Manager of Intelligent Systems at Bell.

Connecting business and technology

Everyone in your business is there because of their knowledge and experience. Empower them to collaborate, invent, and contribute to the development of innovative AI solutions. For the biggest effect, AI specialists and product experts collaborated with Mondelez International.

“On one side, we have our data science, modeling, and simulation expertise,” explains Rob Hargrove, Executive Vice President of Research, Development, and Quality at Mondelz International. In our product teams, we have professionals in biscuit, chocolate, gum, and candy creation. Neither side has a complete understanding of the other’s role. So they understand that they can’t function in silos because neither side would succeed.”

Put values into action

As with any major technology innovation, AI might have unexpected outcomes, such as privacy concerns and security breaches. Implement principles, practices, tools, and governance to assist your business in anticipating and mitigating risks, as well as ensuring that the ultimate outcome is consistent with your values. Creating governance tools and procedures at AXA was not only the proper thing to do, but it also allowed the organization to learn more about their business and how they might best serve their consumers.

“It is our job to appropriately manage the data that the consumer chooses to provide with us,” says Jerome Lafon, AXA’s Head of Connected Car Business Domain, Data, and Tech Innovation.

Collaboration with other organizations

Responsible AI implementation frequently necessitates collaboration with other enterprises, connection with end-users, and coordination with government agencies. Seek advice from others and apply what you’ve learned to help others when you can. OceanMind is a non-profit organization that collaborates with others to better understand the effects of human activities on the seas.

“We can utilize AI to assist enforce fisheries legislation and to help authorities make better judgments,” says Kanit Naksung, Director of Fish Quarantine and Fishing Vessels Inspection Division at the Thailand Department of Fisheries, which is cooperating with OceanMind.

Prove it, then scale it

Once you’ve shown that something works, invest in spreading it throughout your company. Invest time and money in analyzing AI technologies and devising ways to broaden their reach. At DHL, this included putting in place the necessary infrastructure, as well as providing assistance and communication as the project progressed from proof of concept through productization.

“We are adopting such mature digital solutions in practically every one of our sites,” says Markus Voss, CIO, and COO of DHL Supply Chain. Every customer, every facility, and every one of our workers should be aware that the world of the supply chain is changing.”

Prioritize for the most impact

Because you can’t tackle all of your problems at once, prioritize your efforts by weighing the costs and rewards before establishing what success looks like. You may discover, as CSIRO did, that AI is in high demand everywhere, but you must choose carefully so that your work has genuine value.

“Everyone wants to work with our AI experts, both within the organization and outside CSIRO,” says Jon Whittle, Director of CSIRO’s Data61. “The danger is that you get pulled in too many different directions, and you are no longer able to make a difference in any area because you tried to do too many things.”

Empower everyone

Good ideas may emerge from everywhere, which is why Grab’s “AI everywhere” strategy is working so well. Non-technical personnel collaborates with experts to transform concepts become reality.

“You truly access the potential of AI when people accept and have belief in what you’re trying to achieve with it,” says Wui Ngiap Foo, Grab’s Head of Technology.

Put your data to work

Data may be utilized in unusual ways to improve and expand human skills. Data generated fresh ideas and inspiration in WPP’s designers and marketers, allowing them to be even more creative.

“Data isn’t dull; it can actually inspire and amaze,” says Di Mayze, WPP’s Global Head of Data & AI. And that’s exactly what we want: data and creativity to collaborate and celebrate together! ”

Increased security concerns with the changing SMB landscape

Microsoft surveyed more than 150 small and medium companies in the United States in April 2022 to better understand the changing SMB security demands.

More than 70% of SMBs stated cyber threats are becoming more of a business risk. With nearly one-quarter of small businesses reporting a security breach in the previous year, they have reason to be concerned. In reality, ransomware assaults have increased by more than 300%, with more than half of them targeting small enterprises.

Despite the fact that SMBs face identical risks as corporations, they frequently lack the necessary resources and tools. Traditional antivirus solutions are still used by many small businesses. Despite the fact that 80% of SMBs say they have an antivirus solution, 93% are concerned about the expanding and developing cyberattacks, with phishing, ransomware, and data security top of mind

SMBs are particularly susceptible since businesses frequently lack finances and trained security personnel. In reality, only around half of the SMBs polled had a professional IT security specialist on staff, and the absence of specialized security employees is cited as the top security risk factor. Enterprise security solutions are sometimes either too complicated or prohibitively expensive or both.

Delivering security for all to help protect SMBs

We highlighted our vision for security for everybody at Microsoft Ignite, believing that small and medium companies should be able to afford the same degree of protection as corporations. With the broad release of the standalone version of Microsoft Defender for Business today, we’re delighted to take that ambition a step further. Defender for Company provides SMBs with enterprise-grade endpoint protection, including endpoint detection and response (EDR) capabilities, while maintaining the ease of use and cost that small business customers and partners demand.

Microsoft Defender for Business comes included with Microsoft 365 Business Premium, our complete security and productivity solution for companies with up to 300 employees. Defender for Business is now available as a stand-alone product. Server support will be available as an add-on solution later this year.

Enterprise-grade security to protect against ransomware and other cyberthreats

SMBs require additional security to protect against the growing number and sophistication of cyberattacks such as ransomware. Traditional antivirus, which provides only a single layer of protection by matching signatures against known threats, is still used by many SMBs. Defender for Business provides multi-layered protection, detection, and response, encompassing the five stages of the NIST cybersecurity framework—identity, defend, detect, respond, and recover—to prevent and remediate known and undiscovered threats. Let’s take a closer look at the capabilities:

Identify

• Threat and vulnerability management helps you in prioritizing and focusing on the flaws that offer the most danger to your company. You may proactively construct a safe foundation for your environment by detecting, prioritizing, and remediating software vulnerabilities and misconfigurations.

Protect

• Attack surface reduction Options reduce your attack surface (the number of places on your devices and applications where your firm is exposed to assaults), giving bad actors fewer ways to attack.
• Next-generation protection antimalware and antivirus protection on your devices and in the cloud assist to avoid and protect against attacks at your front door.

Detect and response

• Endpoint detection and response give behavioral-based detection and reaction alerts to help you discover and eliminate persistent dangers in your environment.

Recover

• Auto-investigation and remediation by analyzing notifications and taking fast action to resolve threats for you, you can assist expand your security operations. Defender for Business lets you prioritize duties and focus on more complex attacks by lowering the alert volume and remediating issues.

Built for SMBs, easy to use, and cost-effective

Defender for Business was created with small businesses in mind.

Because IT admins for SMB clients and partners frequently have several responsibilities, we wanted to develop a solution that was simple to set up and could automatically identify and remediate risks, allowing you to focus on operating your business. Defender for Business includes rules that help you get up and running quickly. For Windows devices, we’ve provided a simpler wizard-based onboarding. Additional simplification is planned for macOS, Android, and iOS.

We conduct the sort of work that a specialized Security Operations (SecOps) team does by continually identifying and automatically remediating most threats with automated investigation and remediation.

Security was a primary priority for Martin & Zerfoss, an independent insurance business. “With Microsoft Defender for Company, we’re able to deliver enterprise-grade security protection to our small and midsize business customers,” said Kite Technology Group, a partner. “We can now fulfill their present security requirements while also preparing them for whatever happens next,” said Adam Atwell, Kite Technology Group’s Cloud Solutions Architect.

“Automated investigation and remediation is a significant element of the product [since] it happens in the background,” he continues. Our security is so simple with Microsoft Defender for Business.”

Benefits of Defender for Business for partners

SMBs, understandably, look for partners to secure their IT systems. We understand that safeguarding SMB consumers frequently entails giving partners solutions to assist them in efficiently securing their customers.

Defender for Business and Microsoft 365 Business Premium enable partners additional ways to help clients safeguard their data at scale by providing value-added managed services. Both solutions work with Microsoft 365 Lighthouse, which will be publicly available on March 1, 2022, to allow Microsoft Cloud Solution Provider (CSP) partners to see security incidents across tenants in a single site. WeSafe IT, a Swedish CSP partner, was one of the first to utilize Defender for Business Premium with Microsoft 365 Lighthouse. The integrated solution provided the organization with complete customer value as well as the possibility to boost automation and profitability.

“No other solution like Microsoft 365 Business Premium manages such a broad range of capability for small and medium-sized enterprises at anywhere near the cost or flexibility,” stated Martin Liljenberg, WeSafe’s Chief Technology Officer and co-founder. “It’s obvious and simple to deploy to customer situations from a partner standpoint.” MSPs who use Defender for Business may boost automation and profitability while offering better protection and service to their SMB clients.”

We’re also excited to introduce RMM tool integrations, which managed service provider partners frequently utilize to safeguard their clients at scale. Microsoft Defender for Business integration with Datto RMM is now available for partners. ConnectWise RMM will soon be integrated with Microsoft Intune and Microsoft 365 Business Premium.

Microsoft Defender for Business and Microsoft 365 Business Premium are offered via a number of Microsoft Cloud Partners, including ALSO, Crayon, Ingram Micro, Pax8, and TD Synnex, among others.

Who is CRSP?

The Microsoft Compromise Recovery Security Practice (CRSP) is a global team of cybersecurity experts with deep expertise in securing an environment after a security breach and helping you prevent a breach in the first place. They operate in most countries and work with both public and private organizations. We focus on reactive security initiatives for our clients as a specialty team inside the more significant Microsoft cybersecurity activities. The following are the primary sorts of projects we work on:

• Compromise recovery: After a compromise, customers regain control of their surroundings.
• Rapid ransomware recovery: Restore business-critical applications while limiting the consequences of ransomware.
• Advanced threat hunting: Proactively monitor an environment for the existence of sophisticated threat actors.

How to update your security processes?

Afternoon on Friday. Every Friday afternoon is the same. The phone rings and yet another company’s IT system has failed, resulting in anything from data loss to ransomware. The CRSP team handles contracts, and we’re off to get to work. Sometimes we work magic, sometimes we get fortunate, and sometimes it’s simply a lot of hard work, but we always end up in a stable and safe atmosphere. But what happens to the company after that?

In general, a compromised recovery entails forcing a number of security modifications that should have been done during the previous years, usually within six weeks. It’s exhausting, and it alters how administrators operate and how systems fail. The primary objectives are to reclaim power, maintain control, and instill this mentality in the consumer.

We’ve seen a lot of situations of inattentive operating processes that work because they’re simple, work because they’re based on legacy software, and are inexpensive, but they all ultimately allow an attacker to exploit the systems. In a recent situation, the lowest bidder was awarded IT management and given all of their support engineers Domain Admin access, which they utilized to sign in everywhere. As a result, when an employee opened an email attachment by accident, the attacker gained immediate Domain Admin access and the takeover was completed fast. The environment was encrypted a few hours after the click.

Even if we make several technical modifications, the most significant ones are new environmental administration methods and procedures. The delivery includes the tier model, privilege access workstations, and other tools, as well as specific processes for how new machines are installed, administrator accounts are to be utilized, and how everything should be monitored.

For many clients, monitoring is a game-changer. Yes, they may have a security information and event management (SIEM) system in place today, as well as a security operations center (SOC) that receives data from the environment, but they are straining to keep up with an active attacker without the correct protocols, setup, and pace. When we implement our tools, we also put monitoring on top of them, and we begin training our clients on how to correctly use monitoring, AI, and machine learning, as well as what to look for and how to begin automating response.

When we wrap off the project, our clients have not only acquired an enhanced administrative environment but also a set of new processes to follow that could feel tough in the beginning. The workforce who has to follow those protocols, on the other hand, rarely complains. Part of the service includes training on how the attackers gained control of the environment, and with that comes the realization that everything that is cumbersome and difficult for an administrator with the right tools is nearly impossible for a hacker; things like privilege access workstations, multifactor authentication, and identity monitoring all have their place.

We accomplish a successful recovery along with our customers and have assisted them in embarking on a new road towards a more secure environment by following Microsoft Security protocols that have been tested many times.

Sammy was diagnosed with Autism when he was quite young. When you first met him when he applied for a Microsoft internship, by following his journey to full-time employment. His true name is Sammy, but his experience is extremely genuine. He, like many individuals with disabilities, has been shut out of society at times, first at school when he wanted to help fellow pupils with autism but was told he couldn’t because of his disability. As he grew older, he was concerned that these imposed constraints would follow him into the workplace, so he learned to hide his impairment in order to avoid being stigmatized during job applications.

Unfortunately, his story is not unusual. Companies are striving for talent in the age of “The Great Reshuffle,” and persons with disabilities represent an untapped talent pool to fill the gap. However, the unemployment rate for persons with disabilities is more than double that of people without impairments globally. So, what’s going on here, and how might technology help?

The search for Talent

Recruiters have a range of tools to select from when sourcing applicants, including automated screening systems. Could the application of artificial intelligence (AI) remove the prejudice that Sammy faced during his schooling and job hunt with multiple firms, or would machine learning also filter out highly competent individuals with disabilities like Sammy? The Inclusive Design Research Center (IDRC) at OCAD University is looking for a solution. Over half of businesses will use AI-assisted or AI-automated hiring technologies in the next decade, according to estimates. Does this method assist establish a diverse and inclusive workforce? These technologies use previous hiring data to screen applications by maximizing the features of previous achievements.

Data exploration, when various data sets are integrated into AI-powered tools, can boost diversity without affecting recruiting success, according to prior studies focusing on race, origin, and gender as factors of diversity. Optimizing Diversity with Disability, an IDRC project will extend this study to disability to guarantee that AI screening technologies do not amplify, accelerate, or automate historical prejudice against disabled people. Working with disabled candidates will result in the creation of a synthetic data set that will be used to identify sources of prejudice in recruiting processes. Alternative algorithms for dealing with bias against human differences linked with a disability will be developed using Azure technologies. In addition to data exploration methods, the team will look into the Lawnmower of Justice’s application. When training a machine learning model, this eliminates the benefit of being similar to everyone else by limiting the number of data items that may be repeated. IDRC recognizes that there are several approaches to addressing the application of AI in disability employment contexts, and their diverse team is eager to hear what findings they can draw from this important study.

The search for jobs

After working in various recruiting positions for 11 years, I’ve discovered that not every recruitment method is suitable for every candidate. For example, at Microsoft, we created the Neurodiversity Hiring Program to enable Neurodiverse individuals to exhibit their talents and credentials throughout the interview process. Because this program was not accessible when You initially met Sammy, you cooperated to figure out what modifications would work best for him.

When it comes to knowledge and resources, there are a number of innovators striving to close the gaps.

Mentra is one such case. Jhillika Kumar, the company’s co-founder, was motivated to start it by her autistic brother Vikram’s desire to live in a more inclusive environment. Mentra’s disability champions are working to create a future that embraces and respects all people, regardless of gender, color, or cognitive ability. The Mentra team got an insight into the ‘invisible hurdles’ that appear in job hunting through research conducted in collaboration with the autistic community and the Autism Self Advocacy Network in Atlanta. Mentra’s mission is to eliminate AI prejudice and build the world’s most inclusive neurodiverse recruiting platform. Their premise is that prejudice in today’s recruitment market begins with the datasets that feed the matching algorithms, not with the recruiter. Mentra believes that algorithms should be oriented on diversity, equity, and inclusion in order to establish a more equitable recruiting process.

As one of their candidate’s shares:

“Mentra see and understand a problem in the autistic community and want to activate the potential of every neurodiverse individual struggling to find their place in the working world. Mentra made me feel hopeful that more autistic individuals such as myself could be empowered in a unique and innovative way.”

The search of ease-of-use

Every job seeker’s journey begins with them learning about the qualifications of a possible job in order to assess their own interest and credentials. Job board interfaces are useful in some cases, but what if there was a better method for candidates to learn about a job?

Alex Farr, the creator, and CEO of Zammo.ai are pleased that companies such as Seattle Airport and OurAbility are utilizing Zammo to make information more accessible. Now, he wants to expand on that success by allowing any business with a job board to use their voice to find and apply for employment.

Zammo met Khadija Bari, a student coordinator at VISIONS Services for the Blind, while on their quest to apply AI to accessibility problems. With a forceful query, she opened up a whole new line of thought: “I’m visually disabled. With [Zammo’s] voice platform, all I have to do now is ask my home assistant for the information I need to support the individuals I serve. Why not start with jobs? We do it with so many other goods.”

That question prompted Zammo to investigate how their solution may help the recruiting sector. Zammo’s goal is to provide accessible interfaces for various online job boards based on their prior insights and research, allowing people with disabilities to easily acquire information about openings, align their capabilities, and finish an application. Customers will be able to view semi-structured data on numerous job search websites using Natural Language Processing and Voice in this project. Zammo’s technology integrates Azure Bot Service, Azure Communication Service, Azure Cognitive Search, and Azure Semantic Search to improve search results by comprehending the linguistic meaning of search queries.

Zammo has partnered with Open Inclusion, an inclusive insight, design, and innovation company, to guarantee that their end product satisfies the genuine needs of individuals with disabilities. They assist businesses in unlocking value by inquiring about, understanding, and taking into account the requirements of individuals who move, perceive, think, or feel differently. Zammo’s initiative aligns with Open Inclusion’s mission of making the world more inclusive by harnessing technology to address current problems in novel ways.

Innovations in employment tools

Microsoft’s AI for Accessibility initiative has given funds to the Inclusive Design Research Center (IDRC), Mentra, and Zammo for projects targeted at leveraging the potential of AI to magnify human capabilities for the world’s more than one billion individuals with disabilities. The IDRC was also awarded a combined grant with the Kessler Foundation, which has invested over $50 million in improving work skills and paid employment for thousands of people with disabilities since 2000.

LinkedIn continues to make its interface more accessible and functional by introducing reflow and contrast capabilities, in addition to our grantees. When clients zoom in to magnify material or utilize smaller devices, such as a phone or tablet, reflow is the act of adapting content to the width of the screen so that all content remains inside established limits. Dark Mode, which includes color and contrast components that assist decrease eye strain, adjusting for light sensitivities, and improving text legibility, is also being pushed out. They’ve also just released LinkedIn learning courses for companies, like Hiring and Supporting Neurodiversity in the Workplace and Supporting Workers with Disabilities.

The story only begins with the job search

Companies must ensure that they have onboarding policies in place to encourage inclusiveness and workplace adjustments in addition to employing diverse talent.

People with disabilities can benefit from the hybrid working environment in a variety of ways, including reduced reliance on transportation, the convenience of specialist equipment, and access to digital information. As our grantees employ technology to rethink the future of hiring, Sammy reminds us that disability representation extends beyond the gadgets we use. “Disclose what you are comfortable with, but also explain to the other party what kind of concessions would be beneficial to you,” he advises applicants. Not only will being honest about the criteria you need to make your experience joyful make it better and less stressful, but it will also help you understand whether the firm you’re applying to will assist you while on the job.”

Some of the new experiences employing headsets and mixed reality will be right in front of your eyes, but others may be more difficult to see. We’ll witness both intentional and unforeseen innovations and experiences, as with all new categories, and the security stakes will be higher than we think at first.

With the novelty of each new technology, there is an inherent social engineering advantage. Instead of a fake domain name or email address, fraud and phishing assaults targeting your identity in the metaverse may come from a recognizable face – physically – such as an avatar impersonating a coworker. If we don’t act now, these sorts of dangers might be deal-breakers for businesses.

Interoperability is also important since there will be no one metaverse platform or experience. Trust must extend beyond the doorway of a virtual meeting place, for example, to the interactions and apps within; otherwise, users will be unsure what to say or do in a new virtual area, creating security breaches that may be exploited.

This leads us to the metaverse’s significance in these early days: We only have one chance at the outset of this period to develop precise, basic security principles that nurture trust and peace of mind for metaverse experiences. If we lose this chance, we will unnecessarily stifle the adoption of technologies that have the potential to improve accessibility, cooperation, and profitability. The security community must collaborate to provide the groundwork for a secure place to work, shop, and play.

It’s crucial to keep in mind that history often repeats itself.

Changes in technology tend to sneak up on us when we’re looking the other way. Consider that virtual world real estate booms aren’t new — in the 1990s, prized dot-com domain names were desirable among brokers and speculators.

Although the early World Wide Web would alter trade, it would do so in ways that few could have predicted in the 1990s. Meanwhile, the simplicity with which knock-off domains imitate banks, government entities, and big brand names arose as a result of the ease with which they could be set up. These issues are still present today.

We’ve seen this cycle play out many times before. Corporate security departments were hesitant to embrace Wi-Fi when it initially became accessible on laptops. Whether your company included wifi in its security policies or not, you couldn’t buy a laptop without it before long.

When the iPhone and Android phones first came out, they became a huge impetus for workplace BYOD (bring your device) regulations. Personal gadgets formed a new sector almost overnight, and businesses had to keep up. Metaverse-influenced features and experiences should naturally similarly come to businesses.

Let’s take these lessons to heart and stay ahead of the curve.

We’ve understood for a long time that security is a team sport and that no one vendor, product, or technology can secure us alone. The current defensive community’s culture of information sharing and teamwork is a huge accomplishment that did not come overnight. ISPs, cloud providers, device makers, and even competitors in these industries now appreciate the need of collaborating on security challenges.

As we stand at the crossroads of a new technological era, we all must agree on fundamental goals to help safeguard the metaverse for future generations — and identification, transparency, and a shared sense of purpose among defenders will be crucial.

Identity is the initial point of attack for hackers.

For years, scammers pretended to be overthrown kings with great treasures to give, or sweepstakes hosts yearning to reach you, but with the arrival of email and text messaging, these scams were re-franchised for the digital world.

Consider what phishing may look like in the metaverse. It will not be a forgery from your bank. It may be an avatar of a teller asking for your information in a virtual bank lobby. It may be a phony invitation to a meeting in a malicious virtual conference room from your CEO.

This is why figuring out who you are in the metaverse is a major priority. Organizations should be aware that implementing metaverse-enabled apps and experiences will not disrupt their identity and access management systems. This implies that in this new environment, we must make identification manageable for businesses.

Making multi-factor authentication (MFA) and passwordless authentication fundamental to platforms are examples of constructive measures. We may also make use of recent multi-cloud technologies, such as the ability for IT administrators to manage access to numerous cloud app experiences that their customers rely on from a single dashboard.

The importance of transparency and interoperability will be essential.

In the metaverse, there will be a plethora of platforms and experiences, and real interoperability can make the distances between them easy and safe – while also allowing for interesting new possibilities. Consider putting your virtual PowerPoint presentation into a client’s virtual conference room, even if the client’s platform is different.

Transparency can assist with this at every stage. When new platforms are introduced to organizations at scale, they frequently face a harsh test, with security experts scrutinizing code, features, and product promises.

Stakeholders in the Metaverse should anticipate security concerns and be ready to respond quickly to any upgrades. Terms of service, security features such as where and how encryption is utilized, vulnerability reporting, and upgrades must all be communicated clearly and consistently.

Transparency aids adoption by shortening the learning curve for security.

Working together is our best defense.

In the metaverse, the concerns of yesterday’s and today’s Internet — impersonation, efforts to steal credentials, social engineering, nation-state spying, and inherent weaknesses — will be present. To identify and respond to them, the same security community of good faith, standards, and collaboration will be required.

As metaverse platforms and experiences begin to influence the future, the progress we’ve achieved throughout the tech sector in working against threats as the stakes have increased in recent years remains a cornerstone for security.

Security researchers, chief information security officers, and industry stakeholders have the same chance as adversaries to comprehend the metaverse’s geography and exploit it to our advantage. Metaverse systems will very certainly build and generate new data streams with the ability to enhance authentication, spot suspicious or malicious activities, and even re-visualize cybersecurity to help human analysts in making quick choices.

High expectations, tough rivalry, unpredictability, and on-the-fly learning will determine how the metaverse grows, just as they will define how it is secured. But we don’t need to know what the metaverse’s final impact will be to identify and embrace the security and trust principles that will make everyone’s trip safer.

Artificial intelligence can make a huge difference in a company, from fixing large challenges to fundamentally changing a business model, there’s no doubt about it. That’s why, two years ago, Microsoft established AI Business School to advise important decision-makers across sectors on strategy, culture, responsibility, and other vital themes.

It’s no easy task to use AI comprehensively and successfully, and we certainly don’t have all the answers. However, through our work with company leaders through AI Business School and in customer interactions, we’ve come across a few companies that have set the standard for what an AI-powered organization can be.

That’s why we developed Best of Business AI 2021: to highlight clients that have demonstrated how to develop a complete plan and execute it across the company to generate business value and momentum via digital transformation. Best of Business AI 2021 is based on the AI Business School principles and showcases ten clients that are advancing their AI journey by aligning their business goals and technological capabilities via great leadership.

Involve everyone in your organization

AI is not simply an issue for technical teams or leadership, according to companies that have effectively used it. They undertake in-depth discussions with workers to determine how each department of the company might benefit and how it can be harmed. Outokumpu has been involving workers from the start, and it now offers them access to data and AI models so they may make the best decisions possible in their daily job.

“You have to get trust from the leadership team, talk to people about the rollout, and get everyone on board,” says Stefan Erdmann, Chief Technology Officer of Outokumpu.

Use AI to increase business value

AI may assist you in solving complex challenges, but it also has the potential to open up new avenues for development and success. HOCHTIEF is monetizing its new AI competence by providing AI applications as a service to consumers.

“We’ll bring all of these solutions to market, and we’ll have a new business model,” says David Koch, HOCHTIEF’s Chief Risk, Organization, and Innovation Officer.

Choose a strategic starting point

Begin by identifying the best use case for AI, and then make sure you’re sharing your findings regularly. At CES 2019, Bell demonstrated its vision for AI and how it may impact the business and industry through an augmented reality experience. The firm and the IT world were both enthralled by the event, and the company has continued to build on that enthusiasm by making steady progress toward its big goals.

“Highly iterative, incremental proofs of concept—demonstrating something every three to six months—are the greatest approach to get and maintain the attention and endorsements from senior leadership,” explains Matt Holvey, Senior Manager of Intelligent Systems at Bell.

Bring business and technology together

Everyone in your company is there because of their knowledge and experience. Empower them to collaborate, invent, and contribute to the development of innovative AI solutions. For the biggest effect, AI specialists and product experts collaborated with Mondelez International.

“On one side, we have our data science, modeling, and simulation expertise,” explains Rob Hargrove, Executive Vice President of Research, Development, and Quality at Mondelz International. In our product teams, we have professionals in biscuit, chocolate, gum, and candy creation. Neither side has a complete understanding of the other’s role. So they understand that they can’t function in silos because neither side will succeed.”

Put values into action

The usage of AI, like other major technical advancements, might have unexpected effects, such as privacy concerns and security vulnerabilities. Implement principles, practices, tools, and governance to assist your business in anticipating and minimizing risk, as well as ensuring that the outcome is consistent with your values. Developing governance tools and procedures at AXA was not only the proper thing to do, but it also allowed the organization to learn more about their business and how they might best serve their consumers.

“It is our job to appropriately manage the data that our customers choose to share with us,” says Jerome Lafon, AXA’s Head of Connected Car Business Domain, Data and Tech Innovation.

Work with other entities

Responsible AI implementation frequently requires collaboration with other enterprises, connection with end-users, and coordination with government agencies. Seek advice from others and apply what you’ve learned to help others when you can. OceanMind is a non-profit organization that collaborates with other organizations to better understand the effects of human activities on the seas.

“We can utilize AI to assist enforce fisheries legislation and to help authorities make better judgments,” says Kanit Naksung, Director of Fish Quarantine and Fishing Vessels Inspection Division at the Thailand Department of Fisheries, which is cooperating with OceanMind.

Prove it, then scale it

Once you’ve shown that something works, invest in spreading it throughout your company. Invest time and money in analyzing AI technologies and creating ways to expand their reach. At DHL, this included putting in place the necessary infrastructure, as well as providing assistance and communication as the project progressed from proof of concept through productization.

“We are adopting such mature digital solutions in practically every one of our sites,” says Markus Voss, CIO, and COO of DHL Supply Chain. Every client, every facility, and every one of our staff should be aware that the world of the supply chain is changing.”

Prioritize for the most impact

You won’t be able to tackle all of your problems at once, so prioritize your efforts by weighing the costs and advantages before establishing how you’ll measure progress. You may discover, as CSIRO did, that AI is in high demand worldwide, but it’s critical to pick it properly so that your work has genuine benefit.

“Everyone wants to work with our AI experts, both within the organization and outside CSIRO,” says Jon Whittle, Director of CSIRO’s Data61. “The danger is that you get pulled in too many different directions, and you are no longer able to make a difference in any area because you tried to do too many things.”

Empower everyone

Good ideas may occur from everywhere, which is why Grab’s “AI everywhere” strategy is working so well. Non-technical personnel collaborates with experts to transform concepts into reality.

“You truly unleash the potential of AI when people accept and have belief in what you’re trying to achieve with it,” says Wui Ngiap Foo, Grab’s Head of Technology.

Put your data to work

Data may be utilized in unexpected ways to enable human skills to be enhanced and scaled. For WPP’s designers and marketers, data generated inspiration and new ideas, allowing them to be even more creative.

“Data isn’t dull; it can inspire and amaze,” says Di Mayze, WPP’s Global Head of Data & AI. And that’s exactly what we want: data and creativity to collaborate and celebrate together! ”

When you consider data loss, stock price damage, and enforced fines from violations of the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other rules, data breaches are incredibly costly for businesses. They also have the potential to erode the faith of individuals who are victims of identity theft, credit card fraud, or other harmful behaviors as a result of the breaches. In 2021, the number of data breaches increased by 68 percent to 1,862 (the most in 17 years), with an average cost of USD4.24 million per breach. Healthcare data breaches alone affected 45 million individuals, more than double the number affected only three years before.

Sensitive data is secret information gathered from consumers, prospects, partners, and workers by businesses. Credit card numbers, personally identifiable information (PII) such as a home address and date of birth, Social Security Numbers (SSNs), corporate intellectual property (IP) such as product schematics, protected health information (PHI), and medical record information that could be used to identify an individual are all examples of sensitive data.

A data breach might influence every level of a business, from IT operations to red and blue teams to the board of directors. How do companies identify sensitive data at scale and prevent it from being accidentally exposed? Let’s take a look at four of the most serious threats to sensitive data and how to safeguard it.

1. Discovering where sensitive data lives

Organizations might be surprised by the data discovery process, which can be unpleasant at times. Within your business, sensitive data might be found in unexpected locations. For example, without your knowledge, an employee may have saved a customer’s SSN on an unprotected Microsoft 365 site or third-party cloud. Data exposure events, which occur when sensitive data is left unprotected online, put around 164 million individuals at risk out of an expected 294 million persons attacked in 2021.

A robust data discovery procedure is the only way to verify that your sensitive data is appropriately preserved. Data scans will reveal those unexpected storage sites. Handling it manually, on the other hand, is nearly impossible.

2. Classifying data to learn what’s most important

This leads to the classification of data. Once you’ve found the data, you’ll need to give it value to use as a starting point for governance. The data classification process entails identifying the sensitivity and business effect of data so that you can analyze risks with confidence. This will make it simpler to manage sensitive data in ways that prevent it from being stolen or lost.

The following are the categories used by Microsoft:

• Non-business: Personal information that does not belong to Microsoft.
• Public: Data from the business world is readily available and has been cleared for public consumption.
• General: Data from the business world should not be shared with the general public.
• Confidential: Data about Microsoft’s business that, if disclosed too widely, may hurt the company.
• Highly confidential: Business data that, if released too widely, might be disastrous for Microsoft.

Identifying data at scale is a major challenge, as is enforcing a process so employees manually mark documents as sensitive. Leveraging security products that enable auto-labeling of sensitive data across an enterprise is one method, among several that help overcome these data challenges.

3. Protecting important data

You must protect material that has been classified as confidential or highly sensitive from malicious actors once it has been classified as such. The Chief Information Security Officer (CISO) and Chief Data Officer are ultimately responsible for preventing inadvertent data disclosure. They are in charge of safeguarding information and exchanging data through policies and routines that allow for security while not impeding workplace efficiency.

Data leakage protection is becoming increasingly important in the industry. The Allianz Risk Barometer is an annual analysis that analyzes the most significant risks facing businesses in the coming year. Allianz gathered information from 2,650 risk management specialists from 89 countries and territories for the 2022 research. For only the second time in the survey’s history, cyber events came out on top. Business disruptions scored 42 percent, natural disasters 25 percent, and pandemic breakouts 22 percent, while cyber events placed higher at 44 percent.

4. Governing data to reduce unnecessary data risks

Data governance guarantees that your information is discoverable, accurate, reliable, and secure. To successfully manage the data lifecycle, you must store data for the appropriate time. You don’t want to keep data for any longer than is required since it increases the quantity of data that might be exposed in a data breach. You also don’t want to erase data too rapidly, since this might put your company in jeopardy of regulatory penalties. Personal data is sometimes collected by businesses to deliver better services or other economic value. Customers who wish to learn more about your services, for example, may provide you with personal information. When data no longer serves a function, it must be removed by the data minimization principle.

How to approach sensitive data

The consequences of failing to address these issues can be severe. Violations of rules or standards can have serious financial and legal consequences for businesses. In 2021, for example, a few well-known businesses were fined hundreds of millions of euros. One of the fines was for failing to comply with the GDPR’s personal data processing obligations. Another reason was that customers were not given enough information about data processing procedures in a privacy policy. Since January 28, 2021, the data protection authorities have fined a total of $1.25 billion for GDPR violations.

How do you safeguard sensitive data in light of the potentially severe consequences? As previously said, data discovery entails discovering all of the locations where your sensitive data is kept. Support for sensitive data types, which may identify data using built-in or custom regular expressions or functions, makes this considerably easier. We propose searching for a multi-cloud, multi-platform solution that allows you to use automation because critical data is everywhere.

We recommend establishing a plan through technology rather than depending on humans when it comes to data classification. People, after all, are busy, and they are prone to overlooking details or making mistakes. Additionally, because businesses might have hundreds of sensitive documents, manual data categorization and identification is impractical because the procedure is too slow and imprecise. Look for data categorization software that allows for auto-labeling, auto-classification, and classification enforcement throughout an organization. Using data examples, trainable classifiers detect sensitive data.

Some solution suppliers separate productivity and compliance and try to include data protection as an afterthought. To secure sensitive data, we offer a method that incorporates data protection into your existing procedures. When thinking about plan security, think about who has access to the data. Where should data be stored, and where should it not be stored? What can be done with the information?

Microsoft products provide auditing capabilities, allowing data to be observed and monitored without being stopped. It can also be overridden so that it does not obstruct commerce. Also, think about if you want to protect data or have standing access (identity governance). Data leakage prevention software helps safeguard sensitive records, which is critical since laws and regulations hold businesses accountable.