Tbtech New Years Edition by Launched

tbtech publication £9.99 tbtech.co STORIES INSPIRED BY MODERN LIVING. DECEMBER 2023

What does the future hold? 2024 PREDICTIONS

May 2023

Meet your tbtech team.

JOE ALLEN

PAUL WHITTALL

MATT ROBERTS

Joe has vast experience and knowledge accumulated and honed as a New Business Development Manager and Relationship Manager. Responsible for generating new business opportunities, looking after the growth of the company and strategy, sourcing new ventures and managing the company.

Paul stops at nothing to innovate and create value for our customers. His mission is help those we work with to win in their markets. Passionate about delivering customer success and have had the pleasure of supporting many of the world’s leading technology brands for over 15 years.

Matt is Operations Manager at TBTech, he has spent the last 15 years working with multinational IT companies building campaigns, GTM strategies, leading both Sales and Marketing teams to achieve organisational goals. With a love of computer science, history, and psychology he is an advocate for change, operational efficiency and automation. Value across the business for all our customers.

May 2023

We have been working behind-the-scenes to elevate the readers experience.

ERIN LANAHAN Erin’s love for advertising and design has led her to Tbtech as the Media Marketing Apprentice. She loves exploring new skills and learning more about the tech sector and making sure the magazine is up to standards.

May 2023

FEATURED

Five Key Cybersecurity Trends for 2024 Predicted by CyberQ Group. 1. Remote and partial home workers becoming the norm’. Remote working as the new norm’, as established during Covid lockdowns, has proven that many employees and employers favour at least some form of hybrid home working (one third of workers believe they’ll be able to do their jobs from anywhere in the world within the next 5 years). However, 67% of companies have seen some form of attack via hybrid workers, since Covid.

May 2023

By Gary Kinsley, Director, Worldwide Channel Partner CyberQ Group

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

Five Key Cybersecurity Trends for 2024 Predicted by CyberQ Group. CyberQ Group’s position: More companies are aware that remote workers add a further dimension of risk. Technology is improving to help mitigate that risk with products around mobile security, and tech’ like SASE (Secure Access Service Edge) where all traffic goes through the cloud (albeit slower), and locations can still get disrupted. CyberQ Group believes constant cyber-vigilance and 24hour breach notifications will be required by more companies. 2. AI used to code better malware and hunt vulnerabilities. This double-edge sword will affect cybersecurity both positively and negatively. Quite who’ll win is less apparent. Indeed, many cybersecurity providers are leveraging AI to better predict and block malware and attacks. However, AI can also be used to code and “debug’ malware. This will lower the technical barrier to entry for wanna-be bad actors and improve malware’s ability to avoid detection.

CyberQ Group’s position: We believe AI will be able to take malware to new levels in the near future. This is not to say the tools and services around protection will not be able to keep pace. Ultimately the diligence we advocate today, and in all likelihood, new services, will map to the enhanced threat landscape. 3. AI Persona’s. Perhaps more worrying is AI personae and Personal Digital Identities. The AI-related threats that we observe are mostly related to phishing, impersonation and deepfakes. AI allows cyber criminals who don’t know a particular spoken language to craft perfect phishing emails in that language, making the emails sound like they were written by native speakers, and coupled with Identity Theft can make ‘official’ email instructions even more compelling. To counter this, AI can be used to identify specific patterns or anomalies within email content and provide warning. But the fear remains, most of the phishing content that’s created by AI is good, especially since personal data can be pulled directly from the internet,

example being the latest version of ChatGPT. For this reason, Credential Theft, and related financial scams will, sadly, only continue to grow in 2024. CyberQ Group’s position: On the phishing and impersonation side we see AI being used and this will likely only grow in relevance. AI-based prevention solutions can better identify suspicious attachments and links, and this can prevent the attacks in the initial stages. Of course, the best way to counter AI-based phishing threats is still to avoid clicking on links and attachments, for which continued staff education is the practical answer. 4. Tough times will encourage the forces behind cyber-attacks. As we’ve seen in 2023 with the Ukrainian and Gaza conflicts, State sponsored hacking will likely grow as a source of revenue generation via ransomware attacks; as will the rise of DDoS attacks, mostly from hacktivist sites trying to disrupt the functionality of websites who’s views they oppose.

May 2023

CyberQ Group’s position: Security vendor Palo Alto now claim the average cost (to the victim) of a security breach as risen to US$2.4m. this trend can be assumed to continue. Given the complexity of the various tech’ stacks, we expect vendor consolidation to be a key area of focus for many organisations as we move into 2024. Reviewing and leveraging existing technologies provides multiple benefits, including cost and time saving while enables stronger supplier relationships. This bodes well for the vendor agnostic cybersecurity consultants (such as CyberQ Group) as tech’ neutrality is valued as a way to maximise budget spend. 5. Evolution of regulations. Two important pieces of legislation will come into effect during 2024. Firstly NIS-2; the EU Commission shall implement acts laying down the technical and methodological requirements for a “high common level of cybersecurity”. This will affect us all to some extent as it also includes supply-chains and services. Secondly, the financial services industry will have further

DORA policies to meet as guided by CISA’s recommendations and the European Commission’s Digital Operational Resiliency Act (DORA). CyberQ Group’s position: We see this as broadly helpful in guiding organisations to understand and adhere to ‘best practices’ around cybersecurity. Although defined by the EU, UK companies will want to adhere. A further effect is likely to be the welcome combination of legal services and technical services to ensure companies and organisations are both technically and legally compliant with the regulations. To this end, CyberQ Group is pleased to partner with Trowers & Hamlins, a wellestablished global legal practice.

May 2023

FEATURED

Chief AI Officer shares five AI trends for 2024 London, UK – A year on from the release of ChatGPT, the workplace is still coming to terms with all the ways that this new technology is changing lives in and out of work. From onboarding new employees to creating personalised customer experiences, AI is already opening up new possibilities for what can be achieved.

May 2023

By Dan O’Connell, AI and Strategy Officer, Dialpad’s Chief

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

Chief AI Officer shares five AI trends for 2024 Dan O’Connell, Chief AI and Strategy Officer at Dialpad, shares his top five predictions on how generative AI will revolutionise the communications industry in the coming year. 1. INDUSTRY-SPECIFIC, PRIVATE LLMS WILL BECOME STANDARD Large-language models such as the one used by ChatGPT are now household names, impacting people across the globe in and out of the workplace environment. However, as ChatGPT’s data comes from scanning many sources on the internet, it can lack the specificity needed for tailored industry use cases. Industryspecific LLMs, such as those that draw their data from business conversations in customer services for example, will become more commonplace in the year ahead. ‘’An LLM is only as smart as the data it draws from. A specialised, domain-specific LLM will generate a more tailored and relevant output, while a more generic LLM has a higher likelihood of delivering hallucinations and biassed results,’’ O’Connell

said. ‘’Particularly in customer services, where real-time insights play a crucial role, this type of LLM will really become a game changer, empowering businesses to provide exceptional service and stay ahead in a rapidly evolving market.’’

place for our AI teams, as well as ensured that the teams themselves come from diverse backgrounds and schools of thought.’’

2. DIVERSE DATA TEAMS WILL BECOME CRITICAL FOR UNBIASED AI OUTPUTS

Individually crafted experiences for customers will be a defining trend of 2024. Companies will need to understand how AI can drive the most engaging online experiences for their customers or risk losing them. It’s well known that AI has the power to transform processes and make lives easier for workers, but we also need to understand how it can be used to take customer experiences to the next level.

Increasing diversity within organisations should always be a priority for business leaders, and the same can be said for data that is used to train AI. To ensure that bias is not built into AI models, leaders will need to ensure that they have diverse data teams that are bringing their distinct worldview and experience to the table. ‘‘Data is the fuel that powers AI, and if we don’t make a purposeful effort to ensure that training data is not biassed, we risk training our models to be as skewed as society can be,’’ O’Connell said. ‘‘This is something that needs to be recognised early on, which is why we have put guiding principles in

3. BESPOKE CUSTOMER EXPERIENCES WILL BE MANDATORY

‘‘Today’s customers expect an end-to-end digital experience, and they have high standards and expectations. Personalised recommendations and selfservice options targeted at each customer’s unique needs are no longer optional - they are mandatory. If companies can keep up with these ever evolving market expectations and make

May 2023

use of new technologies, they will be able to keep up the pace and build customer loyalty,’’ said O’Connell. 4. ‘‘ACTIVE LEARNING’’ WILL BE A KEY FOCUS FOR AI TEAMS Like people, AI models need training and development. They need to be constantly improved and perfected to make sure they are generating the most accurate outputs for a business, and as more companies adopt AI as part of their operations - this will need to be a key focus. ‘‘Supervised, active learning for models is a huge role that humans play in making sure AI systems are providing accuracy for end users,’’ O’Connell said. ‘‘In communications for example, companies have a responsibility to not only make sure bias does not come into play, but also continuously update the training data to account for new languages, dialects and forms of speech.’’

5. AI WILL REVOLUTIONISE ONBOARDING FOR ORGANISATIONS One process that can be incredibly time consuming for organisations is onboarding new employees. During a period when there is considerable turnover in many industries, AI has the power to streamline onboarding in ways that would not have been possible a few years prior. ‘‘In the era of generative AI, we have to re-think some of the traditional processes and figure out how to simplify them onboarding is a prime example of this. Now, AI can generate information instantly for employees to support them through the process of joining a company. This reduces the resources and time needed to bring new employees up to speed with a company’s products and services. In the coming year, we’ll begin to see companies taking greater advantage of this and reaping the benefits,’’ O’Connell concluded.

May 2023

FEATURED

WatchGuard Threat Lab Analysts Release 2024 Cybersecurity Predictions SEATTLE – Nov. 29, 2023 – WatchGuard® Technologies, a global leader in unified cybersecurity, today announced the release of its 2024 Cybersecurity Predictions. WatchGuard’s latest annual batch of predictions covers the most prominent attacks and information security trends that the WatchGuard Threat Lab research team believes will emerge in 2024, including malicious prompt engineering tricks targeting large language models (LLMs), managed service providers (MSPs) doubling down on unified security platforms with heavy automation, “Vishers” scaling their malicious operations with AIbased voice chatbots, hacks on modern VR/MR headsets, and more.

May 2023

By Kevin Bull CSO WatchGuard

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

WatchGuard Threat Lab Analysts Release 2024 Cybersecurity Predictions “Every new technology trend opens up new attack vectors for cybercriminals,” said Corey Nachreiner, chief security officer at WatchGuard Technologies. “In 2024, the emerging threats targeting companies and individuals will be even more intense, complicated, and difficult to manage. With an ongoing cybersecurity skills shortage, the need for MSPs, unified security, and automated platforms to bolster cybersecurity and protect organisations from the everevolving threat landscape have never been greater.” The following is a summary of the WatchGuard Threat Lab team’s top cybersecurity predictions for 2024:

PROMPT ENGINEERING TRICKS LARGE LANGUAGE MODELS (LLMS) Companies and individuals are experimenting with LLMs to increase operational efficiency. But threat actors are learning how to exploit LLMs for their own malicious purposes as well. During 2024, the WatchGuard Threat Lab predicts that a smart prompt engineer ‒ whether a criminal attacker or researcher ‒ will crack the code and manipulate an LLM into leaking private data. MSPS DOUBLE DOWN ON SECURITY SERVICES VIA AUTOMATED PLATFORMS With approximately 3.4 million open cybersecurity jobs, and fierce competition for the talent that is available, more small- to midsized- companies will turn to trusted managed service and security service providers, known as MSPs and MSSPs, to protect them in 2024. To accommodate growing demand and scarce staffing resources, MSPs and MSSPs will double down on unified security platforms with

May 2023

heavy automation using artificial intelligence (AI) and machine learning (ML). AI SPEAR PHISHING TOOL SALES BOOM ON THE DARK WEB Cybercriminals can already buy tools on the underground that send spam email, automatically craft convincing texts, and scrape the Internet and social media for a particular target’s information and connections, but a lot of these tools are still manual and require attackers to target one user or group at a time. Well-formatted procedural tasks like these are perfect for automation via artificial intelligence and machine learning – making it likely that AI-powered tools will emerge as best sellers on the dark web in 2024. AI-BASED VISHING TAKES OFF IN 2024 While Voice over Internet Protocol (VoIP) and automation technology make it easy to mass dial thousands of numbers, once a potential victim has been baited onto a call, it still takes

a human scammer to reel them in. This system limits the scale of vishing operations. But in 2024 this could change. WatchGuard predicts that the combination of convincing deepfake audio and LLMs capable of carrying on conversations with unsuspecting victims will greatly increase the scale and volume of vishing calls. What’s more, they may not even require a human threat actor’s participation. VR/MR HEADSETS ALLOW THE RECREATION OF USER ENVIRONMENTS Virtual and mixed reality (VR/MR) headsets are finally beginning to gain mass appeal. However, wherever new and useful technologies emerge, criminal and malicious hackers follow. In 2024, Threat Lab researchers forecast that either a researcher or malicious hacker will find a technique to gather some of the sensor data from VR/MR headsets to recreate the environment users are playing in.

RAMPANT QR CODE USAGE RESULTS IN A HEADLINE HACK While quick response (QR) codes – which provide a convenient way to follow a link with a device such as a mobile phone – have been around for decades, mainstream usage has exploded in recent years. Threat Lab analysts expect to see a major, headline-stealing hack in 2024 caused by an employee following a QR code to a malicious destination.

May 2023

FEATURED

CTO Insights: 2024 Healthcare Cybersecurity Predictions As 2023 comes to a close, it’s important to look back on what took place and the trends that are emerging to anticipate what the future may hold. When it comes to healthcare cybersecurity, healthcare providers continued to be a prime target of malicious actors in 2023, with significant breaches affecting healthcare organizations worldwide, including incidents involving the NHS, HCA Healthcare, the HSE and others making headlines over the past year.

May 2023

By Mohammad Waqas, CTO, Healthcare

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

CTO Insights: 2024 Healthcare Cybersecurity Predictions As we prepare for the year ahead, healthcare providers will continue to find themselves in the crosshairs of bad actors. As such, it’s critical for security and IT pros to learn from these past experiences to better position their organizations in light of the ever-evolving threat landscape. And, while it will continue to prove to be an uphill battle, I believe that healthcare security and IT pros alongside legislators and cybersecurity vendor partners will make great strides in the coming year. Below are my five healthcare cybersecurity predictions for what we can anticipate in 2024. The tactics of malicious actors will continue to grow more sophisticated and cyberattacks will come at a higher frequency, further complicating the threat landscape surrounding healthcare providers. Ransomware attacks have not entirely ‘shifted’ from a spray and pray approach via phishing, but continue to incorporate targeted footholds and more complex attacks into environments. While

Ransomware as a Service (RaaS) and ‘simpler’ ransomware attacks will continue to target the industry, we will see a rise in much more complex ransomware and other cyberattacks that target particularly the largest healthcare providers. Generative AI is also topof-mind for security and IT pros at healthcare delivery organizations (HDOs), and a number of organizations are setting up committees to review AI capabilities – for offensive and defensive, and clinical care purposes. As the healthcare industry incorporates and innovates solution stacks with Generative AI, so will its adversaries. Whatever is available to security and IT pros is also available to malicious actors – take ransomware as a prime example of what can happen when a security capability - in this case encryption - is flipped on its head and weaponized. The very technology to keep the bad guys out is being leveraged to instead block the good guys from accessing their files. AI will help to advance patient care, but we will

also start seeing the technology being leveraged increasingly to drive more frequent, sophisticated attacks. It will be crucial in the new year that security and AI pros expedite their own use of the technology, its governance and security in order to better protect their organizations in light of this evolving threat. An increased focus on medical device security will continue to proliferate into regulations globally. We have seen the U.S. Food and Drug Administration (FDA) make these mandates – such as the most recent refuse-to-accept (RTA) policy – as well as the UK National Health Service (NHS) with its Data Security and Protection Toolkit (DSPT) legislation, and other countries across Europe develop similar guidelines. I believe we’ll also see a renewed focus on software bill of materials (SBOMs) to provide clear understanding of the software components used to build various assets. We will continue to see additional developments and specificity on medical device

security as more cybersecurity and critical infrastructure-centric regulations are drawn up. While work remains to be done and the execution to be both seen and tweaked, these regulations are a great step forward to mandate cybersecurity be baked into products and that organizations have regular assessments of the cybersecurity posture of devices. And while there are growing pains as with any new regulations, these are necessary pains. After all, a plan is only as effective as its execution. In this case - a critical plan driving the industry forward. Healthcare providers will continue to modernize their security strategies, prioritizing segmentation and defence-indepth in 2024. Segmentation will remain one of the primary methods for increasing healthcare cybersecurity. As such, security and IT pros at HDOs will look to modernize their strategy to begin segmenting their network in 2024 if they have not already. It is a massive and difficult project that

May 2023

can span many years. However, it is the project that will accomplish the greatest risk reduction in a healthcare environment and be a pillar in a proactive risk reduction strategy. What’s key for these projects is the proper planning and understanding that a segmentation project can be akin to a journey with multiple phases - discovery / inventory, behavioural and communication mapping, policy creation, prioritization, test / pilot, implementation and automation. One growing trend is a risk based prioritization approach wherein instead of a traditional method of segment lists created by manufacturer or type, healthcare organizations can achieve a much faster ROI by identifying and prioritizing the segmentation of critical vulnerable devices first - particularly patient facing devices - to achieve maximum risk reduction upfront. Additionally, defence-in-depth capabilities will start to emerge for newer medical devices. More clearly outlined security documentation and behaviours, embedded security capabilities, support for security software

and solutions, and retiring of legacy systems in favour of newer more secure devices. As a result, segmentation will start to be augmented by other security capabilities now being supported on newer medical devices such as more frequent software patching and updates. Medical device manufacturers will develop additional security partnerships and offerings. How effective this will be is still unknown at this time, but whether through professional services, technical capabilities, or new devices, we’re seeing medical device manufacturers start focusing on cybersecurity initiatives for their new medical devices. In the year ahead, I believe medical device management service providers will place additional focus on providing remediation services for medical device security advisories. Healthcare organizations will also leverage MSSPs and partner or vendor services more in order to help scale their internal operations. Using this approach can help with offloading tasks, more rapid risk reduction, as well as sharing of

information and best practices for maximum effectiveness. The cybersecurity skills shortage gap will widen. AI is being more incorporated into technology stacks, particularly as cybersecurity vendors look to harness its innovative power. It will help streamline tasks, but organizations - particularly smaller healthcare organizations with less resources - will still suffer greatly from a cybersecurity skills and experience shortage. Not only on specific technical domains, but the ability to implement and systematically mature a healthcare cybersecurity program. It’s critical to fill these gaps that HDOs look to the help of external partners to support their security programs. A foundational recommendation here is to leverage security frameworks to help build a systematic approach to improving their security posture with prioritized security efforts. A key here is to anchor the program in a framework based approach such as the NIST Cyber Security Framework (CSF) with regular reviews and gap analysis to form

a guide on priorities and efforts for the year ahead.

May 2023

FEATURED

Why 2024 will be the year RSA encryption comes under siege A2023 saw continued research into quantum computing and its potential to break current encryption standards - most famously RSA, which has been in place since 1977. Large-scale quantum computers are still years away, but academics made strides in developing new quantum algorithms and proof-of-concepts for defeating our most popular forms of encryption.

May 2023

By Tim Callan, Chief Experience Officer Sectigo

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

Why 2024 will be the year RSA encryption comes under siege Quantum computers have mostly followed a linear progression of advancement. This advancement is about slowly building up the number of stable qubits. We have to anticipate that there will be some ‘eureka’ moments that could accelerate this advancement. The work described in this latest research took years to get to this point and will likely take longer to fully operationalise beyond experimentation. One area where we could see direct impact is the inevitable outcome that quantum computers break the cryptographic foundation stones of our modern digital systems. To solve this future problem, NIST has been leading a multi-year process to discover, test, and settle on new, “postquantum” encryption algorithms for the world to use. Last year also brought discoveries of partial shortcuts and attacks that reduced the computational time needed to break RSA. Though not practically executable yet, these advances illustrate the susceptibility of RSA in a future with quantum capabilities.

Additionally, hybrid attacks were proposed using both quantum and classical computing in tandem to optimise decryption approaches. The stage is being set for the day quantum computers can execute these complex attacks. For post-quantum cryptographic algorithms, this means that the progress path of quantum computers stable enough to crack traditional algorithms that we use today. The recent release of NIST’s standardisation selections and CISA’s call to arms to start taking inventory of systems that are likely affected by the Quantum Apocalypse means that it is time to engage with the vendor community and begin building competency on postquantum algorithms and their new associated technologies.

THE RACE TO BREAK RSA RSA will likely come under increased siege as researchers worldwide intensify their efforts to unravel its encryption. Postquantum cryptography (PQC) was a lightbulb moment for some researchers, who have shown increased focus on testing for weaknesses in the RSA scheme regardless of the presence of a sufficiently able quantum computer. Although I do not expect RSA to fall in the near future, I do anticipate additional revelations about how to reduce the attack time for RSA. Understanding how to leverage quantum algorithms to unravel RSA keys is now a matter of national security and economic advantage. Both academic and statesponsored research groups will compete to develop novel techniques for reducing decryption time. Conferences, research centres, and publishers will rush to platform any developments in this area. Even marginal gains in weakening RSA will capture headlines.

This intense competition will drive an influx of money and talent looking to make breakthroughs. We may even see clandestine efforts from some parties who wish to defeat encryption for malicious intent. The race is on to be the first to make RSA decryption computationally feasible.

May 2023

WHY RSA WON’T FALL

MAKING THE SWITCH

Despite that increased pressure in 2024, RSA encryption itself remains reliably strong for the foreseeable future when used at standard key lengths of 2048-bits or higher. The discoveries coming in 2024 may reduce the time to break RSA from geological ages down to merely beyond our lifetimes. They will likely remain impractical attacks given the computational power available today.

While RSA itself will endure, 2024 will mark a key milestone in its dominance. As organisations recognise an end-of-life is inevitable in a potentially postquantum era, they will start shifting strategically toward next-gen quantum-safe algorithms like CRYSTALS-Kyber and CRYSTALSDilithium.

While the fundamentals underpinning RSA will be stresstested, it was designed with such advances in mind. We stand by RSA as remaining the most robust public-key algorithm available, able to withstand emerging attack vectors. Any cracks uncovered in 2024 will be signals from years in the future when quantum capabilities may make such attacks possible — but not feasible any time soon. RSA remains essential and irreproachable for current encryption needs.

We will see calls to deprecate older cryptosystems in favour of these future-proof solutions. Migration timelines over the next decade will be proposed to facilitate proactive transitions. 2024 may spark this gradual ramp-down for RSA toward its eventual retirement. The attacks targeted at RSA will further bolster the necessity of next-gen algorithms. Organisations must begin budgeting now to upgrade their encryption to quantum-safe alternatives like lattice-based cryptography in the coming years. We must not forget the security challenges associated with this advanced technology. If a country

does develop a quantum computer capable of breaking current encryption methods, they would likely keep it a closely guarded state secret, as the UK did when it broke the Enigma code during World War II. For this reason, businesses must take their own proactive measures to prepare for this eventuality by transitioning to quantum-safe algorithms before it is too late. What businesses should be doing now is making themselves crypto-agile. This means to have the ability to change your cryptography as needed at will. And there are a few steps for crypto agility. One of them is inventory of cryptography. Surprisingly, most enterprises can’t even tell you what cryptography they have implemented, where it is, how it’s being used, and whether or not it meets current standards. While it seems safe for now, no organisation or country must breathe a sigh of relief. 2023 proved that the pressure is on in the world of cryptography, and ensuring future-proof encryption

is pivotal. Addressing the threat quantum computers pose to traditional encryption will require the wholesale changeover of supporting software and hardware. 2024 kicks off the decade-long countdown to a new era of quantum-safe cryptography.

May 2023

FEATURED

Top four compliance trends to watch in 2024 As financial institutions gear up for the next 12 months, it’s time to reflect on the key trends and developments, considering how they’ll shape the year ahead. While the financial landscape is constantly evolving, we believe there are four important issues that will shape 2024:

May 2023

By Robert Houghton, founder and CTO Insightful Technology

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

Top four compliance trends to watch in 2024 AI-POWERED COMPLIANCE AI and automation are the buzzwords of the year, significantly changing our work landscape and set to transform our economy and social norms. Take generative AI. It’s a gamechanger for financial institutions in streamlining and securing compliance processes. Imagine a trading floor where every call and message is monitored. Certain phrases or words will trigger an automated alert to the compliance team. These alerts are typically sorted into three tiers of concern. A lowlevel alert might be triggered by a trader swearing in a conversation. These are common occurrences that result in hundreds of daily alerts, usually reviewed manually by offshore companies. This traditional review process is time consuming, open to mistakes and inconsistent.

Enter generative AI, with its dual capabilities. Firstly, it can spot the misdemeanour in real-time. Secondly, it can understand the context to see what risk it poses. If someone swore, perhaps because they were quoting a strongly worded news story, it’s not a risk. Generative AI can tell the difference between that and someone using bad language in anger, thereby reducing false positives. In the coming year, financial institutions will look at how these AI and automated decisionmaking processes can be explained, recorded and saved. However, it can’t be a “black box” that holds the fate of a trader within. By creating an audit-friendly trail, businesses will improve their chances of avoiding regulator penalties. A SMARTER MONITORING FOR THE HYBRID ERA In today’s work-anywhere culture, monitoring employees in regulated sectors like finance is key to managing risk.

But it shouldn’t turn into a nine-tofive spying game. It’s a mistake to treat remote work as if it mirrors an office setting; this can damage trust. Instead, monitoring should aim to understand work patterns, just like a heart monitor detects irregularities, signalling when the compliance team should take notice. In the shadow of US banks facing over $2 billion in fines for unchecked use of private messaging and personal devices[i] – with the SEC imposing a $125 million penalty earlier this year[ii] – the UK’s financial sector is on alert. The Financial Conduct Authority (FCA) is already looking into the matter and questioning banks about their use of private messaging, as the watchdog decides whether to launch a full probe. Financial firms must be proactive and ensure their Risk Review includes the provision to document all comms channels used by those personnel affected. From there clearly documented policies can be presented to the regulator. Ensuring review of those policies

are adhered to is an important part of the process. They need to maintain a delicate balance between productivity, employee wellbeing and strict adherence to regulations in the hybrid work era. A DEMAND FOR TRANSPARENCY In 2023, the banking sector was shaken by a wave of raids on giants like Société Générale, BNP Paribas and HSBC, as part of a large tax fraud probe in Europe[iii]. Over $1 billion in fines looms as the industry, still shaky from significant bank failures[iv], faces a heightened demand for transparency. Investigations into banks are essential when there’s evidence of criminal conduct, but they must be conducted with care. Raids can expose vast amounts of sensitive data, affecting not just the banks but numerous customers. Authorities should focus only on specific accounts with clear signs of foul play rather than casting a wide net.

May 2023

The Paris raids, in particular, were an alarming example of the vulnerability of personal information, with hundreds of thousands of accounts indiscriminately scrutinised. These raids have set a dangerous standard where privacy is secondary. As we approach next year, the financial sector must grapple with this double-edged sword: pursuing fraudsters while safeguarding individual privacy. The presumption of guilt will remain rife in the financial sector, however this will be partnered with a call for institutions and regulators to be more transparent with their activity. A ONE SOURCE ADVANTAGE As the stakes for non-compliance get higher and regulators scrutinise financial firms more closely, institutions will need to have a more comprehensive and centralised approach to data integrity, management, access and risk management. This includes creating ‘one source’ of data, which is a single, authoritative source of truth that can be used for

risk analysis, proof of adherence to policy, reporting, analysis, and compliance. Currently, many banks have a patchwork of data silos, which are collections of information that are not easily accessible to the bank because they are recorded or stored differently. This makes it difficult for banks to get a complete picture of their data and to comply with regulations. Historically, this would have required a significant investment in time and resources. Now, modern solutions simplify this process, offering a more efficient path. In the long run, having a single source of data will help banks reduce costs, improve compliance and make better decisions. For those who continue to turn a blind eye to this issue will face financial penalties, operational risks, and irreparable reputational damage. Overall, it’s safe to say that 2024 will continue to prove the need to strike a balance between technology and people in a bid for demonstratable compliance. As financial institutions prepare, they must consider their position

on the work-anywhere spectrum, and how the combination of AI, automation, transparency and leadership can ensure they’re living by the letter of the law next year. Roll on 2024!

May 2023

FEATURED

AI’s role in the workplace of 2024 In 2024, governments and organisations are placing big bets on AI. By announcing last year’s AI Summit at Bletchley Park, Rishi Sunak made clear his intention for the UK to become a leader in international AI regulation. But to achieve this, we need to think practically about AI – the vague speculating about industry transformation is over, and organisations must decide the most effective ways to use AI to streamline operations today.

May 2023

By Jaeger Glucina, MD and Chief of Staff Extreme Networks Luminance

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

AI’s role in the workplace of 2024 INCREASING EFFICIENCY WITH AI AI has already begun to alleviate some of the pressure of labourintensive tasks for time-stretched employees – and nowhere is this more needed than within small businesses. The legal sector gives us a great example here, as a recent survey found that 80% of in-house lawyers say manual work detracts from time spent working towards wider business goals. Legal departments spend several hours a day reviewing highly standardised contracts and agreements, manually redlining contracts and highlighting nonstandard language. By using AI to automate the reading and analysing of standard contracts, legal professionals can produce a mutually agreeable contract where humans have only needed to be brought in right at the point of signing, taking contract negotiation from hours to minutes. For example, the in-house legal team at UK-based technology company, proSapient, decided to employ AI to automate high-volume, repetitive, and

routine legal tasks after scaling rapidly. With a lean legal team, proSapient knew the business needed a way of streamlining internal workflows and meeting growing business demand. With next-generation AI, proSapient completely automated the negotiation and review of highly repetitive and standardised contracts such as NDAs and Master Service Agreements. With AI streamlining these legal process, the team has saved 40% on administrative tasks per week. CLOSING THE AI SKILLS GAP If we’re to realise Rishi Sunak’s ambitious goal of the UK as an AI superpower, businesses will need to use 2024 to arm their employees with the knowledge to use AI safely and to the best of its ability. At the moment, only one in ten workers has the right skills to keep pace with AI’s current rate of development, with the digital skills gap costing the UK government £12.8bn. The UK government is already investing millions into scholarships for educational courses about AI and Data, but more can be done to ensure

May 2023

access to reskilling programs for those already in the work force and training programs for those looking to enter the booming sector. Still, while not everyone needs to be a technical expert, there needs to be broader work done to educate the general public on the key concepts underpinning AI, such a probability and risk. Along with educating the workforce on what AI can and can’t do, and how to spot true AI. As home to some of the educational institutions in the world, companies in the UK are well placed to partner with universities and research bodies to drive innovation and tap into emerging talent. THE IMPORTANCE OF SPECIALISATION Despite its huge promise, wellpublicised mishaps involving generative AI last year, such as citing fictitious case law and producing false accusations of sexual harassment, have highlighted the importance of specialist AI. While generalist models like ChatGPT cannot

necessarily meet the strict requirements and standards of industries like law and healthcare, specialist AI platforms can deliver greater productivity and efficiency with an understanding of specific language, industry context, and the outcomes of its decisions. Importantly, AI can only be as good as business’ employees. Going forward, the focus will shift to how businesses are marrying the power of the technology with human critical and creative thinking. By freeing up employees’ time to work on creating new ideas, identifying business opportunities, and strengthening the business, AI will be on its way to realising its promise of a technological revolution.

May 2023

FEATURED

Manufacturing: reaping the rewards of smart factories Manufacturing is entering Industry 4.0, giving rise to the world’s first smart factories. A golden rush of data now pours from previously offline machinery, offering an unprecedented overview and insight into the entire manufacturing process. And that’s just the beginning. From digital twins to biometric screening and payment, intelligent energy and climate management, smart sensors, digital signage and 360 analytics for IT, Operations, and Marketing, the modern factory is becoming a marvellous technological beehive. And the honey?

May 2023

ByDahwood Ahmed, Regional Director UK&I Extreme Networks

CONTINUE ON NEXT PAGE >

May 2023

CONTINUED >

Manufacturing: reaping the rewards of smart factories Rich, actionable data. Digital tonnes of it. However, all this data needs to be collected, analysed, and used in real-time. And when there’s that much traffic, it can easily overwhelm and crash a traditional network infrastructure. In other words, one of the biggest problems in modern manufacturing isn’t building a smart factory. It’s keeping it running safely at maximum capacity – and reaping the rewards. A SMARTER WORLD As we all know, every industry on the planet has been forced to adjust over the last five years. Manufacturing was no exception to this abrupt disruption of the status quo. Not only was it because of war, a pandemic, and economic headwinds, but also because several game-changing technologies matured or were invented, introducing nextgeneration tools in areas such as cloud technology, IoT, robotics, blockchain, AI, and more.

All these changes and challenges created unprecedented pressure to keep the world’s production and supply chain flowing.

monitor equipment performance, identify potential problems before they occur, and automate manual processes.

Luckily, manufacturing is an experienced and mature industry used to handling significant changes. Its leaders are already embracing digital transformations and innovative technologies, making impactful strides towards increased productivity, production, and capacity without sacrificing resilience and safety.

And on top of data-driven decisions, there’s predictive analytics. By extracting actionable intelligence from new and existing data sources to predict future trends and behaviours, manufacturers can make further improvements to machine maintenance, supply chain optimisation, the quality of goods produced, the customer experience, and safety procedures.

Consequently, manufacturing machines and everything else connected to the factory is coming online, providing manufacturers with something they have never had before. A real-time digital overview of – and insight into – the entire manufacturing process. IT ALL COMES DOWN TO DATA So, by gathering and analysing data from sensors, machines, and other IoT devices, manufacturers gain real-time insights into their operations. They can measure and

On the topic of safety, smart factory technology also provides significant benefits. Smart factory solutions can help prevent accidents and keep workers safe by monitoring the environment and equipment, identifying potential hazards, and alerting workers to potential dangers. In addition to safety, smart factory technology can help optimise energy usage, reducing costs and making it more sustainable.

Needless to say, these are massive changes that will have considerable effects on an operation’s efficiency and effectiveness. This is particularly significant for manufacturing because the industry is full of operations where even minuscule improvements can yield massive results. BUILDING SKYSCRAPERS ON OUTDATED FOUNDATIONS However, all these new trains need tracks. Legacy network technology wasn’t built to handle the complexity or sheer amounts of data circulating in a smart factory. Nor does it have the other capabilities of modern networking, such as running digital twins. Digital twins and simulation technologies are arguably some of the most transforming manufacturing tools to emerge from Industry 4.0. They revolutionise how manufacturers design, test, and optimise their operations by letting them create virtual models of their networks and processes. Using these models, they can simulate and

May 2023

test different scenarios without impacting production. Yet this also requires a modern network infrastructure because of the incredible amounts of data passing between physical manufacturing processes and digital twin simulations. And the more processes come online, the more important it becomes to stay online. Production line downtime, regardless of its cause, whether it’s system overload, equipment malfunction, or connectivity loss, is a costly affair. Between 20192020 and 2021-2022, the annual cost of downtime for Fortune 500 companies worldwide soared by 65%, to more than £102 million.

be taken seriously. From network disruption to halted production, lost data, compromised security, and reputational damage, cybercriminals seek to hold manufacturing operations hostage in any way they can, fully aware that a million-pound payout could be cheaper than an idle operation. Network hardening strengthens a factory’s defences and can mitigate both passive (data is left intact) and active (data is corrupted or destroyed) forms of cybercrime. It provides industrial security and mitigates risk by providing a robust, secure network for a high density of connected devices. Which brings us back to the heart of the matter.

And that’s per facility. STAYING SECURE

THE NEED FOR NEW INFRASTRUCTURE

It’s not just network failure or equipment malfunctions, either. One of the few downsides of coming online is the exposure to bad actors, who are a relatively new threat to manufacturers. But cybercrime is a threat that needs to

Industry 4.0 is undoubtedly the next step in the evolution of manufacturing. Just like our brains process millions of nerve signals daily to transform our bodies into cohesive entities, smart factories can use technologies and the

data they produce to create interconnected manufacturing marvels. But information must flow, and fast. If manufacturers want to reach their goals, if they want to build and run their smart new factories to the absolute pinnacle of their potential, they need to start at the beginning. They need to start with the foundation. In other words, the network infrastructure.

P R O U D PA RT N E R S O F

Find us at these events or subscribe to tbtech at tbtech.co for the latest news on technology for business.

Want us to attend your event, promote your story or showcase your brand on our website? Email us at hello@tbtech.co

EVENTS

STORIES INSPIRED BY MODERN LIVING.