Monthly Archives: February 2023

Awards, Food & Drink, News, Scotland, Tourism

Stirling Distillery Win Visitor Attraction of the Year

Stirling Distillery, situated in the shadow of Stirling Castle, has been awarded Visitor Attraction of the Year at Stirling Business Awards.

The distillery beat off competition from Stirling Castle and the Stirling Smith Art Gallery and Museum to win the award. Stirling Distillery is situated in a converted Victorian building on Lower Castlehill just a short walk from the Castle and has been awarded a Tripadvisor Travellers Choice Award for their gin and whisky experiences for several years.

Boasting over 600 5-star reviews on Tripadvisor, a 3 star VisitScotland rating and a popular destination for coach tours, thousands of people visit the distillery to enjoy their whiskies and award-winning gins and gin liqueurs every year as well as attending their weekly gin school. The distillery also hosts monthly cocktail masterclasses and can be hired out for events for 60 people. Visit https://stirlingdistillery.com/ for more information.

More than 16,000 votes were cast for the companies nominated in the ten categories for the inaugural awards which are run by Go Forth Stirling BID. The event was headlined by Celtic rock band Red Hot Chilli Pipers and hosted by Central FM.

Stirling Distillery is well known for celebrating the rich history and folklore of the famous Scottish city through their product range. To celebrate their win, Stirling Distillery are offering 50% off tours until the end of March. Use code Winner50 at check out. Book here: https://stirlingdistillery.com/visit-our-distillery/

 

About Stirling Distillery

Stirling Distillery, established in 2015, is steeped in Scottish history. Located in the shadow of Stirling Castle, central Scotland, it is the city’s first legal distillery. Offering a range of gins and whiskies all with historic relevance, the distillery is open daily for gin experiences, tastings and a weekly gin school.

News, Telecoms, Telecoms News

£5.4 million-valued broadband start up Brillband eyes international growth as investors back business with £1m in just nine months

  • Fresh £475,00 investment will help broadband start-up expand across the UK and into international markets by 2025 
  • Glasgow-founded Internet Service Provider (ISP) rolls out across Scotland as customers join in Edinburgh, Aberdeen, Stirling, and Inverness  
  • New jobs promised in software development, marketing, and customer contact divisions as business grows 
  • Start-up expert hails ‘opportunities for growth and scalability’ as investors back entrepreneur and Brillband founder Duncan Di Biase 

SCOTTISH broadband start up Brillband has revealed plans for national and international expansion after securing an additional £475,000 investment.

 

The money – including personal backing from digital infrastructure banking experts based in Australia and Norway-based angel investors – takes overall investment in the Glasgow-founded broadband start-up to more than £1 million in just nine months.

£5.4 million-valued Brillband – the first Scottish internet service provider (ISP) designed for full-fibre network capability – launched in Glasgow and Renfrewshire in November last year, and has since expanded across Scotland with new customer bases established in cities including Edinburgh, Dundee, Aberdeen, Stirling, and Inverness.

The new investment will be used to develop Brillband’s pioneering technology – including the expansion of its software development team – as well as growth in its marketing and customer experience divisions, with the ISP primed to expand across the UK in early 2024 with sights then set on Europe the following year.

 

Brillband – whose model revolves around a single rate for the fastest speed for the duration of a customer’s contract with no mid-contract price hikes – is available exclusively on the rapidly growing the Cityfibre network, and is already one of the network’s fastest growing ISPs in Scotland on a list that includes Vodafone and Talk Talk.

Cityfibre is already available to more than 2.2 million UK homes, with plans to grow that number to eight million homes across 285 cities, towns, and villages across the UK by the end of 2025.

The UK telecoms regulator, Ofcom, recently launched a new review into whether inflation-linked mid-contract price rises give phone and broadband ISP customers “sufficient certainty and clarity about what they can expect to pay.”

Duncan Di Biase, Brillband’s founder and CEO (Pictured above), says Brillband’s reliability and price point have been popular with customers, and added that the software-based ISP’s capability for scalability and commitment to ‘doing things differently’ has helped attract fresh investment.

 

He said: “This investment opens the door to our next phase of growth across Scotland, with expansion across the UK next and then into Europe by 2025.

“The message is spreading and momentum is building around the brand as consumers wake up to the realisation they have been overpaying for broadband. We have growing customer bases in all Scotland’s major cities, and as CityFibre grows so will we.

“Our investors believe in the brand we have built, our purpose, the people behind it, and the potential for Brillband. No other provider has the growth and scale potential we offer and the faith our investors have shown in us demonstrates that.

“Our software-based model creates agility competitors reliant on traditional copper infrastructure do not have. Legacy networks and infrastructure mean the big providers would need to invest hundreds of millions to move as fast and as far as we can.

“Brillband is a pill not a vitamin – it is driving the change the broadband industry needs. Our model and our software has the potential to transform broadband forever.

“2023 will be a huge year for Brillband, and we have major announcements on the horizon. However, our purpose – to provide the best possible broadband connection with outstanding customer service – will remain regardless of how big Brillband gets. That is what will always set us apart.”

 

Emma Loedel, Glasgow director of global entrepreneur network Start Up Grind, believes Brillband’s potential for scalability and focus on doing things differently make it one of the most exciting prospects in Scotland’s start-up community.

She said: “Scotland’s tech scene is buzzing at the moment and entrepreneurs such as Duncan (Di Biase) are the reason for it. It’s a community rich in ideas and the determination to deliver them, and that’s what’s so attractive to investors.

“Brillband’s fresh perspective on how broadband can be delivered – backed up by technology – offers its customers a genuine alternative to the accepted norm and that builds interest.

“Investors are putting their hands in their pockets because they see the scalability potential for Brillband’s model beyond their borders, and that’s a really exciting prospect for the company, and what could become another Scottish tech success story.”

 

Brillband is committed to providing broadband sustainably, with its technology designed to minimise the amount of hardware required. The provider is also working with Amazon to offer customers eero 6 routers, which will last for the duration of a customer’s relationship with Brillband.

Brillband’s commitment to customer service is already evident, with the ISP already rated 4.4 on independent review website Truspilot,

 

To find out more about Brillband visit brillband.com

 

Charity & CSR, Finance and Banking, News

Managing fraud risk in five steps

Written by Arlene Clapham, Senior Risk and Assurance Manager, Sayer Vincent

Fraud is a very real risk but something that tends not to be discussed enough in charities despite figures showing it’s on the rise.

According to Action Fraud there was a 44% increase in the value of frauds between January and November 2022 compared with the same period last year[i].

Also, a survey found that almost six in ten charities believe the risk of fraud will increase in 2023 with misappropriation of funds by staff now posing the biggest threat[ii].

Charities identified the economic downturn and the cost-of-living crisis as potential catalysts, while 40% of respondents felt that hybrid working had increased their fraud risks.

Charity fraud is an important issue for charities to address, not only because of the financial loss but because of the potential reputational damage which could affect future income, as well as the charity’s ability to recruit and retain staff.

 

Several factors about the current working climate could have contributed to the rise in fraud.  There has been a growing reliance on technology; more people are working remotely and cost cutting in organisations which has meant workforces are more streamlined and there is less time to oversee people and processes.

There is also the cost-of-living crisis so staff and volunteers will be experiencing this in varying degrees. It’s therefore vital that charities focus identify their weaknesses and risks and put measures in place to help prevent fraud.

Below are five steps to managing fraud risks:

1. Accept fraud exists.

Fraud is a real risk both externally and internally, so charities need to accept this. It could be the dominant CEO, the trusted finance manager or someone on the board of trustees. It could be a volunteer in a retail shop, or the office temp. Fraud is conducted by people so it could be anyone inside or outside the organisation.

Cybercrime through phishing emails and ransomware is an area of growing concern too. Last year it was reported that one in eight charities had been affected by cybercrime in the past 12 months[iii]. Also, people using a charity’s name to fundraise is something organisations need to be aware of and monitor.

 

2.Understand vulnerable areas.

When thinking about fraud risk charities should take a step back and think through where the opportunities are for fraudsters to commit fraud. They will be different for each charity but the common areas where fraud occurs are:

  • Payroll and expenses
  • Payment and procurement processes
  • Fundraising activities
  • Grant making
  • Cyber risks

It’s the duty of management teams to identify weak spots and to regularly assess these.

 

3. Build awareness and the right culture.

Build awareness of where fraud could happen and develop a culture where people are willing to challenge non-compliance. Openly discussing the risks and developing genuine accountability which is part of good governance is essential.

The senior management team and trustees should always lead by example and ensure they adhere to policies. Charities also need to encourage the management team to test policies and try to go outside of the guidelines to see if staff reject requests that do not follow due process.

Some charities don’t have fraud, bribery, and corruption policies but it’s important to create these and ensure they are aligned with other procedures and that they are transparent across the organisation.  Also having a culture that regularly communicates fraud risks such as reminding staff not to click on phishing emails can help prevent fraud.

Finally, whistleblowing is a common route for becoming aware of fraud but charities need to consider where whistleblowing reports go and who is responsible for what happens if someone highlights a potential fraud. It’s important that staff and volunteers see that action will be taken if they do report something, otherwise it can feel like a waste of time or that the organisation doesn’t care.

 

4. Review and assess your controls.

As working practices have changed with more people working at home, it is a good time to review what controls are in place and check they are still fit for purpose.

This may feel like just one more thing that charities don’t have time to do as they are already stretched but it’s really important to be proactive in this area. For charities that haven’t considered fraud as a high priority risk area now is the time to re-evaluate this.

Thinking about how the organisation would respond to an allegation of fraud and having a fraud response plan is vital too. This should include how the charity decides if they have the skills and capacity to investigate internally and whether those with the right skills are suitably independent.

 

5. Report and take action.

If fraud does occur, it should be reported to the appropriate organisation, which may be the police, Action Fraud, or the Charity Commission. It’s also essential to think about whether insurers, donors or auditors need to know, as well as brief spokespeople if it’s expected to be picked up by the media.

 

To conclude

Most frauds are identified by having good internal controls so making sure these are robust and fit for purpose is the first arm of defence. Whistleblowing is the next way fraud is uncovered but charities must make sure they have a process for collating and dealing with these allegations.

Taking time to understand the organisation’s vulnerabilities, and having policies and response plans in place that are transparent and communicated across the organisation will help safeguard the charity, as far as possible from fraud.

We recently ran a webinar on fraud which offers tips for managing fraud and outlines the ‘fraud triangle’ – a model that predicts the conditions that lead people or companies to commit fraud. To listen to this informative session, click here.

 

Other recommended resources include:

 

[i] https://www.civilsociety.co.uk/news/charity-fraud-losses-up-44-in-2022-data-shows.html

[ii] https://fundraising.co.uk/2022/12/15/almost-6-in-10-charities-expect-fraud-to-rise-in-2023/

[iii] https://fundraising.co.uk/2022/10/17/1-in-8-charities-affected-by-cyber-crime-in-past-12-months/

Data, Data & Analytics, News

Cohesity Named a 2023 Leader in the Omdia Universe: Protecting and Recovering Data in the Cloud Era

Cohesity today announced that it has been named a Leader in the Omdia Universe: Protecting and Recovering Data in the Cloud Era, 2022–23 report.

Omdia, a global technology research leader, positioned Cohesity as a leading solution provider for its latest Omdia Universe for Data Protection and Backup in the Cloud report. Cohesity is recognised for its modernised data protection approach and strong capabilities in core backup and recovery, and monitoring and reporting. Additionally, Cohesity earned the top capability score, above other market vendors, due to its high ratings in solution breadth, roadmap and strategy, and solution capability – underscoring Cohesity’s robust innovations for data security and management, and value to customers.

Other highlights in Omdia’s report include:

  • Strong Security and Ransomware Capabilities:Cohesity ranked at the top in the subcategory score in the security & ransomware category, largely in its capabilities to “protect the data from attack, detect an attack early, and recover rapidly from an attack” with automated management approaches. Cohesity grants customers the ability to safely recover their data through control over its storage repository and immutable backup architecture.

  • Cohesity DataProtect: Omdia acknowledged Cohesity’s unified and highly automated data protection solution offering easy recovery by eliminating the complexity found in traditional or legacy solutions. This is thanks to DataProtect’s data store mapping capabilities and more controlled appliance approach that is “paramount to providing near-instant recoverings, individual file restores and automating the process of recovery.”
  • Cohesity Helios: Cohesity’s all-in-one management and reporting solution earned high reviews from Omdia with its holistic view of monitoring and recovery of data. Helios offers robust end-to-end monitoring and granular-level analysis to ensure operational efficiency and agility.
  • Quality Customer Experience: Cohesity received the highest recommendation score from its customers, proving Cohesity’s strength in delivering on customer experience beyond its technology.

“Our customers continue to face an evolving and complex cybersecurity threat landscape, and the protection and recovery of their data remains our top priority,” said Lynn Lucas, CMO, Cohesity. “Omdia’s recognition further validates our commitment to providing innovative and reliable solutions to this growing challenge for our customers.”

News, Supply Chain

Navigating Supplier Collaboration: Short, Medium & Long-Term Wins

Written by Sarah Clarke, Head of Marketing, Vizibl 

CDP’s disclosure scores, announced in December 2022, showed a large uptick in the number of responding companies on the previous year (41%) and strong performances from many familiar names. However, despite the obvious progress made on encouraging corporates to measure and manage their environmental impacts, more than 29,500 businesses with market capitalisations of US$24.5 trillion received failing grades from CDP last year, for either declining to respond to disclosure requests from their clients and investors, or for responding with insufficient details.

With sustainability efforts now seen as a priority for stakeholders, it is imperative that all large businesses successfully deliver on sustainability targets. The good news is that procurement teams can take a leading role in ensuring this happens.

Procurement has historically been viewed as a back-office function, tasked with quality, cost reduction, and receiving all goods and services on time, but it’s moving into an expanded role – and as a result of new challenges, supplier sustainability through collaboration and innovation is emerging as a priority.

Yet, most enterprise organisations don’t know where or how to begin, with many businesses struggling to achieve collaboration systematically and at scale. However, the development of short, medium, and long-term goals can certainly help:

 

Short term: 

Set an objective based on your strategic needs and align it with value trackers

Initially, it is vital that you define what you want to achieve by collaborating with suppliers and setting a strategic goal before you begin. This means you have a benchmark of achievement as you begin your collaboration.

Once launched, it’s important to align your collaboration project with value trackers. Procurement is typically measured on cost and time savings, finding it notoriously difficult to measure things other than transactional metrics on the value it brings back to the business. As procurement gains importance and new responsibilities, the value it adds to the business must be tracked in correspondingly new ways.

Having set a general objective for your collaborative projects and supplier collaboration programme, it is vital that you narrow down and focus on your strategic needs. Once defined, align the KPIs you set against the performance of your strategic suppliers so that you can have a metric for success as you progress through your supplier collaboration programme.

 

Identify innovation opportunities

Innovation is key to unlocking value and change at scale within any organisation and there are few better places to source innovation than the supply base. Through supplier innovation, your collaboration can lead to growth, new value streams, emissions reductions, and a faster track to customer of choice status.

Suppliers come armed with their own talent pool, a wealth and breadth of knowledge across competitor organisations, insights from other verticals, and an intimate understanding of local markets in an increasingly global landscape.

It is important to ensure that your business keeps an open mind to new ideas, new approaches, and new strategies for your procurement process, alongside communicating the value that supplier innovation can bring to your organisation.

 

Define success

For supplier collaboration projects to develop, it is vital to define what success will look like at the outset and to ensure that your objectives aren’t too wide-ranging and difficult to measure. Daunting and complex deadlines can often lead to disappointment as you try new things and learn what is effective.

To begin with, it is best practice to define smaller successes. Set leading metrics that you would like to accomplish throughout your supplier collaboration programme, and regularly check up on them. These definitions can be from the number of strategic suppliers you are collaborating with, all the way to tracking metrics on savings, sustainability, or customer of choice status.

 

Medium term:

Segment your supply base

Enterprise organisations tend to have thousands of suppliers, each of varying importance and strategic need, making it a daunting task to collaborate with each one.

Start by defining a small number of your most strategic suppliers and begin your collaborative & innovative projects with them. As you learn and further define success within your collaborative processes, you can begin to identify different tiers of suppliers based on their importance to your business and begin to scale your projects more broadly.

 

Standardise your processes

By standardising your processes, it will be easier to define what success looks like for your supplier collaboration journey. Collaboration with suppliers must begin with a collaborative mindset, so begin by working closely and transparently with your internal team, at all levels.

Clear, documented processes are the most straightforward way to track success and establish routines in the medium term of your supplier collaboration strategy.

 

Long term:

Define your motivational attitude

Motivation is a key aspect that should be a long-term consideration when establishing, starting, executing, and eventually scaling your supplier collaboration programme. It is an aspect of collaboration that should always be considered, even for the most mature collaboration programmes.

Although it seems like a simple mental step, it is a vitally important and complex element of supplier collaboration. Motivation and attitude must be monitored both with suppliers and internally to make sure that everyone is in the best mindset possible to deliver mutual value. Frequent check-ups with your team and suppliers at all levels are important to understand if any frustrations or doubts are being experienced. A positive, understanding approach is crucial to getting the most out of your supplier relationships.

 

Communicate and be transparent

Communication is another aspect of supplier collaboration that needs to be continuously monitored and adjusted. The best communicative practice for executing, and scaling in the long term, is to speak clearly, openly, and positively along your journey. This is a vital component of achieving customer of choice status with your strategic suppliers, who will respond better to buyers who have communicated with them clearly and regularly throughout the relationship.

To ensure long term success for your collaborative projects, it is also crucial to be open with your suppliers and to not withhold key information. Traditionally, procurement held an oppositional relationship with suppliers, withholding key business information lest it put the perpetual cost savings in jeopardy.

In the current business climate, this is no longer an option. Transparency and communication are the fastest ways to become customer of choice. Be honest, open, and communicative with your suppliers to define success for both sides of the relationship, so that you can work towards your goals together.

Supplier collaboration takes time and isn’t easy. It is a complex approach to managing your suppliers, but mature enterprise organisations have already seen vast benefits in profit, resilience, and sustainability. Navigating different stages of a supplier collaboration journey will require nuanced approaches, but if carefully monitored and nurtured, this will ensure that your programme drives value back to your business.

Cloud Migration, Digital Transformation, News, Tech Thought Leadership

Optimising Hybrid Cloud Application Delivery

Written by Adrian Taylor, VP EMEA at A10 Networks

For digital businesses, success depends on application performance. Organisations must deliver the best possible experiences for employees and customers while driving innovation and ensuring security. To do this, enterprises are increasingly migrating application delivery to hybrid/multi-cloud environments to achieve increased agility and resiliency.

But are businesses achieving these benefits? A10 Networks and Gatepoint Research surveyed senior technology decision-makers around the globe, revealing key insights into their experiences delivering applications in the cloud and their priorities around application delivery controllers (ADC).

Today, the industry is at a crucial inflection point in evolving digital infrastructure. To ensure the success of their move to hybrid and multi-cloud environments and deliver the best service for customers, organisations must overcome the limitations of their current ADCs. Reducing the complexity of IT operations will be essential, especially as new technologies and evolving systems expand the skills required of IT staff.

Ultimately, the ADC will either enable digital success or impede it—depending on the choices IT leaders make now.

 

Cloud complexities

Businesses are now hosting their applications in a variety of environments, both public and private, and yet 74% of respondents continue to host applications in an on-premises data centre.

The combination of environments reported by respondents show the prevalence of a hybrid approach in which an on-premises data centre is leveraged in tandem with one or more types of clouds and vendors.

While this hybrid/multi-cloud approach offers great flexibility to choose the ideal environment for each application, it also increases the complexity of application delivery. Organisations need to manage application delivery and consistent policies across heterogeneous environments, including requirements such as performance optimisation, load balancing, and troubleshooting.

 

Application Migration initiatives show moderate success

Given the strategic importance of cloud migration, you’d expect that companies would be diligent in the planning and investment needed to achieve optimal results—but our findings tell a different story: only 26% of respondents said they had been highly successful in these efforts.

These unimpressive results show a clear need for better planning. Not all applications are suitable for all clouds, or for the cloud in general. IT organisations need to make the right choices about the right environment and provider for each application, and clearly think through the migration process. The more thought companies put into their cloud initiative, the more they’ll get out of it.

 

The role of an ADC is expanding

ADC functions are growing beyond the baseline uses, such as global server load balancing (GSLB), TLS/SSL Offload, and application acceleration and optimisation.

As cloud-native, microservice architectures transform the way applications are developed and delivered, 15% of respondents reported that they are using their ADC to control access to containerised applications. With security a perennial and rising concern, 12% of organisations are using their ADC for authentication and CAPTCHA access controls, a common feature in public commercial environments that is now making its way into enterprise planning. Given that digital business runs on DevOps, 10% of respondents are also using their ADC to support continuous integration/continuous delivery (CI/CD).

 

ADC satisfaction shows room for improvement

As a critical element of digital business infrastructure, companies have a right to expect exceptional results from their ADC. Unfortunately, most fall short.

Only a third (34%) of IT leaders are highly satisfied with their solution, likely due to the limitations of older solutions in meeting the newer challenges like observability, analytics, and feedback to DevOps.

ADC requirements have changed over the years as companies adopt new technologies to support their business and employees. Meeting today’s standards for an exceptional digital experience calls for a fully modern infrastructure.

 

ROI is king

As organisations evaluate their next ADC solution, one consideration stands above all others: return on investment (46%). Over time, ROI depends on the lifetime value of a solution, so it is important to avoid getting locked into a deployment model that no longer fits an organisational needs. Interestingly, 9% of respondents cited flexible and portable licensing as a crucial consideration, a relatively new concept.

While moving to hybrid/multi-cloud environments can help companies achieve the application performance, business agility, and IT resiliency demanded by today’s digital businesses and markets, many are struggling to realise these benefits. Outdated application delivery infrastructure can make it difficult to address security threats, ensure availability, and deliver the best possible experience for customers and employees.

IT leaders are increasingly recognising the potential of the latest application delivery capabilities to solve problems more quickly, empower staff for greater effectiveness, and put data to work to improve performance, security, and uptime throughout the infrastructure, moving digital businesses into the future.

Cybersecurity, News, Tech Thought Leadership

Why Security Leaders and AppSec and Development Teams Need to Collaborate More to Ensure Robust API Security

Written by Filip Verloy, Field CTO for EMEA, Noname Security

API Security Incidents Set to Increase

As we look towards 2023 and the growing cyber threat landscape, what do CISOs, and other senior security professionals need to think about when it comes to securing their APIs and preparing their environment for the year ahead? APIs are at the heart of digital transformation initiatives and, as such, organisations depend upon them to evolve their digital strategies, innovate, and grow. Effectively, APIs enable applications, containers, and microservices to exchange data and information quickly so consumers experience more convenience on their digital devices and when using online services. However, they are also an increasingly common attack vector for cybercriminals because they’re a pathway for hackers to access vast amounts of sensitive data.

According to IBM’s 2022 Cost of a Data Breach Report, the average costs increased to USD 4.35 million in 2022, climbing 12.7% from USD 3.86 million in the 2020 report. Additionally, a stunning 83% of organisations surveyed reported having suffered more than one data breach. This means there will be even more need for comprehensive threat intelligence, monitoring, and alert detection solutions in place, including more robust API security solutions.

In September 2022, to understand how CISOs and senior cybersecurity professionals are approaching the challenge of securing their APIs in this intense and complex threat environment, we commissioned research. We surveyed 600 senior cybersecurity professionals in the UK and USA. Within this cohort there was a mix of CISOs, CIOs, CTOs, senior security professionals and AppSec professionals from a range of industry verticals including: Retail & eCommerce, Financial Services, Government & Public Sector, Manufacturing and Energy & Utilities.

A Disconnect Around What is Happening in the Real World

What we found was a clear disconnect between what is happening in the real world and organisational attitudes towards API security. There was a level of misplaced confidence around API security which was disproportionately high in comparison to the number and severity of API-related breaches. This points to the need for further education by Security, AppSec, and Development teams around the realities of API security. Overall, the research exposed a disconnect between the high level of incidents, the low levels of visibility, effective monitoring and testing of the API environment, and a level of over-confidence that their tools and providers were preventing attacks.

The responses also highlighted notable variations in how different roles view their security operations and API security. Delving into the responses from the different job functions surveyed, we found that CISOs were most likely to say they have experienced an API incident (81%) and AppSecs were least likely, with 53%.

The above was reaffirmed by the Google Cloud 2022 API Security research report which described there being “a gap between the existence of security incidents and confidence that the tools are doing the job”.

Disparities Across Different Job Functions

Again, there were also disparities across the different job functions and what respondents considered to be the top API attack approaches, indicating that attacks are coming from all sides with no one approach dominating. CIOs (19%) and Senior Security Professionals (21%) cited Network Firewall, CISOs said Dormant/Zombie APIs (23%), CTOs felt that DDoS was the top attack type (21%), while AppSec teams said Authorisation Vulnerabilities (24%).

In terms of visibility into their API inventories, CIOs appeared to have the best visibility around which APIs returned sensitive data, while surprisingly AppSec teams had the lowest insights, with 44% saying they only had a partial understanding of their inventory or those APIs which returned sensitive data. This could be attributed to education, with AppSecs more aware and likely to admit than other roles that there are gaps in API security.

AppSecs More Exposed to Daily Realities

Interestingly, 58% of CIOs said it was easy to scale solutions, while well over a quarter (29%) of AppSecs admitted this was difficult. Again, AppSecs are more exposed to the daily realities than senior personnel and are likely to be more aware of how challenging it is to scale solutions.

When we asked about how their API security platform provider helped to maintain regulatory compliance, CTOs rated their provider highest (96%) and likewise a relatively high proportion (58%) said their provider helps them to achieve compliance with GDPR. Overall, AppSec teams reported the lowest levels of support in maintaining compliance out of all five roles, with 93%.

Surprisingly, CIOs were undertaking more testing in real-time (14%) compared to other roles and AppSec teams were testing the least (7%). CISOs also scored highest in testing once per day (33%) while 45% of CTOs admitted to testing less frequently than once per day but up to once per week. As well as their lack of real-time testing, AppSec teams also scored highest in testing less than once a week and up to once a month, with a quarter stating this.

And finally, CISOs were most likely to say they had confidence in their SAST and DAST tools with 70% replying in the affirmative, while AppSecs were least likely (62%). Senior Security Professionals were least confident in the API security provided by their partner, with 40% saying they were not confident, and likewise they were most likely to lack confidence that their partners were meeting their SLAs (33%).

Collaboration Across Teams will be an Imperative

It was interesting to see how the various role types view API security and clearly there is a need for more collaboration between the different groups. In 2023, we will see API security become much more of a focus area for many of the big enterprise organisations. This is a result of increasing Sustainability goals with API re-use reducing infrastructure costs but it is also because the lack of control, security, and governance around APIs aren’t just exposing companies to serious risks, but also to massive amounts of operational inefficiency caused by APIs being developed and deployed independently across multiple teams. And, as security shifts left, developers become more responsible for ensuring the code they write is secure. This means there is also a need for more collaboration between security and DevOps teams.

As development and security teams embrace a more agile and collaborative way of working, they will seek out API security solutions and services that enable their businesses to grow and scale quickly. Additionally, as budgets come under more scrutiny in 2023, ensuring operational efficiency will be paramount and this is where senior technology leaders, security and development teams need to ensure they are much more coordinated.

 

Cybersecurity, News

Hoptroff calls for recognition of the potential vulnerabilities of GNSS with launch of Roundtable Event

Hoptroff, the global timing solutions provider offering resilient, traceable and precise time to enterprise businesses, today announces its thought – leadership industry roundtable event. The event will explore the impact of escalating GNSS (Global Navigation Satellite System) vulnerabilities to business continuity and how organisations can best protect business-critical operations.

The GNSS has become ubiquitous in modern society and plays an essential role in numerous industries including transportation, broadcast media and global financial services. However, GNSS and GPS are vulnerable to various types of interference and cyber-attacks that can have a detrimental impact on the trust, resilience, and accuracy of GNSS based systems.

“Businesses and financial institutions need to accept and start planning how they are going to mitigate the risks associated with GNSS,” said Tim Richards, CEO at Hoptroff. “This livestream roundtable will allow business and financial institutional decision-makers to better understand the impact and disruption GNSS vulnerabilities can have on their bottom line and why they need to act now.”

The livestream roundtable will be moderated by the Deputy Assistant Secretary for Research and Technology, US Department of Transportation, Dr Robert Hampshire.  The roundtable is an opportunity for those in the financial and business sector to learn more about the status of GPS, the growing potential risks from increased jamming, spoofing and cyber-attacks, what disruption looks like and the new technologies that are available providing complementary PNT technologies to help mitigate risk.

 

“GNSS vulnerabilities create serious consequences for critical infrastructure,” said Richard Hoptroff, Founder and Chief Time Officer at Hoptroff. “To effectively mitigate these threats, complementary PNT solutions need to be deployed”.

 

The livestream roundtable will be held on Tuesday 21st of March 2023 at 07:00 PDT, (10:00 EDT & 14:00 GMT). Speakers at the roundtable event include:

  • Dr Robert Hampshire – Deputy Assistant Secretary for Research and Technology, US Department of Transportation
  • Diana Furchtgott – Roth – Heritage Foundation and George Washington University
  • Judah Levine – Fellow, National Institute of Standards and Technology (NIST)
  • Karen Van Dyke – Director for PNT, US Department of Transportation
  • Steve Suarez – Global Head of Innovation, Financial Services
  • Kathryn Condello – Sr Director, National Security/ Emergency Preparedness, Lumen Technologies
  • Richard Hoptroff – Founder and Chief Time Officer, Hoptroff

 

Areas of discussion at the roundtable include:

  • The rising GNSS vulnerabilities and the potential consequences of GNSS disruption such as service outages, errors, or inaccuracies
  • Example use cases where GNSS vulnerabilities can have a significant impact on your business continuity
  • How to enable new resilient complementary technologies for your disaster recovery plans
  • How to start utilising these technologies today in your real-life applications such as precision timing for global financial services
  • Practical advice for businesses on reducing GNSS risk in financial transactions, fraud detection, compliance and data integrity

 

To attend the ‘GNSS the time is up’ livestream roundtable, sign up here. https://www.hoptroff.com/business-continuity-planning-gnss-vulnerabilities

International News, News, Technology

Colt expands partnership with Equinix in three key regions

New software-driven connectivity simplifies user experience and helps business grow and scale in Spain, Italy and Sweden 

Colt Technology Services, the digital infrastructure company, today announced new software-driven connectivity in three countries, expanding its longstanding collaboration with Equinix, Inc (Nasdaq: EQIX). Businesses now have access to Colt’s On Demand infrastructure interconnecting with Equinix Fabric™ in Spain, Italy and Sweden, as well as in the UK, Germany, France, the Netherlands, Singapore and Hong Kong. The extended collaboration between Colt and Equinix deepens their long running commitment to a global partner ecosystem and meets growing demand across key regions.

The Colt On Demand network interconnnects seamlessly and dynamically with Equinix Fabric across Europe and Asia, giving flexible last mile access to Equinix International Business Exchange™ (IBX®) data centres and in particular to Equinix Digital Services; offering businesses choice, diversity and visibility of their infrastructure to help them succeed in today’s global digital world. With Colt On Demand Interconnect, organisations can:

  • Connect in near real-time to their own premises through the Colt On-Demand footprint of 31,000 on-net buildings interconnected through 11 regions to Platform Equinix®, offering end-to-end connectivity to Equinix data centres and Digital Services
  • Quickly upscale their infrastructure to meet customer requirements
  • Respond faster to rapidly changing market conditions
  • Deliver complex digital transformation programmes, knowing they have a flexible, resilient consumption-based infrastructure as a foundation
  • Accelerate and optimise their shift to the cloud, eliminating the need for on-premise hardware and supporting ESG initiatives
  • Remove the need to manage multiple partners and connectivity contracts across multiple geographies, instead benefiting from access to secure, resilient end-to-end infrastructure and best-in-class after-sales support as part of a single global partner ecosystem

Colt is seeing a significant increase in the number of On Demand customers who self-provision their network services, with a high double digit revenue growth in 2022, and this trend is expected to continue into 2023 and beyond.

Mark Hollman, Vice President for Partner Development and Success at Colt said, “The network is the catalyst for transformation, for businesses looking to flex, digitalise and stay relevant, but managing this infrastructure can be incredibly complex – especially across multiple countries. Businesses are already facing headwinds in 2023, and the last thing they need is to be held back by lengthy contracts and inflexible services.” He continued, “In this latest evolution of our longstanding partnership with Equinix, we’ve invested in joint API development to deliver a simplified, automated and improved customer experience across Colt On Demand and Equinix Fabric platforms. We’re really excited to offer this in Spain, Italy and Sweden as well as the existing regions in Europe and Asia, driving extraordinary connections for our customers.”

Mark Anderson, Vice President, Global Technical Sales at Equinix said “Combining Colt’s global network with Equinix’s global digital footprint provides enterprises with complete dynamic digital solutions, addressing end-to-end requirements from architecting a global network backbone, to optimising the last-mile experience of users every day. Further expanding and automating this can only be a good thing, and a great opportunity for customers to take their connectivity to critical business partners to the next level.”

Colt is one of the few Network Service Providers on Equinix Fabric able to offer flexible On Demand connectivity and digital services at global scale plus last-mile connectivity to tens of thousands of on-net addresses via API or portal-based self-provisioning. Find out more about the Colt and Equinix partnership here: https://www.colt.net/why-colt/partners/equinix/

Business Advice, Marketing, PR and SEO, News

Can signage colours attract customers?

Most of us have a favourite colour or two, and whilst it might influence what t-shirt you wear or the colour of your living room, you wouldn’t expect it to have much influence over the decisions you make. However, there is evidence to show that we have subconscious reactions to certain colours, and this can play a part in drawing us towards a business.

This is an important factor that you should keep in mind when it comes to designing the signage for your business. As one of the biggest and most important advertisements you can have, you should be aware of what the colours of your signage say about you and which ones can be used to your advantage.

To explain further, signage specialists Judson Signs, share the hidden psychology behind the colours of signage and why it matters for your brand.

Red

We all know that we can associate the colour red with emotions such as love or anger, so it stands to reason that it will impact on what we think about when we see a sign in this colour. Red is usually associated with urgency and grabbing attention, and so it is likely to make a customer feel like they need to take a particular action such as coming inside or taking you up on a special offer. When you look around, you will notice that most sales are advertised using a red background or red lettering for this very reason.

Red is something that is used across a number of different industries, but it is most commonly seen in entertainment, food, sport, and children’s products as it is one of the three primary colours.

Blue

Blue is a colour that is often associated with trust, and so is used in an environment where you might be trying to tell a story or making your customer feel relaxed. It can be very calming and is good for a gentle suggestion rather than a firm point. Darker hues of blue bring about thoughts of loyalty and security which makes them a winner with both security and health businesses, whilst light blue shades tend to express freedom and joy and can most commonly be seen in signage adopted by communication and children’s projects.

Green

Thanks to its frequency within nature, green is also a very relaxed colour and so it is typically used in anything relating to the environment or the natural world. That means it is great for anything that might be eco-friendly, or even natural food, health supplements or fabrics. It is worth remembering that green is also the colour of money and can create thoughts of wealth and so is often used in signage to promote financial products or simply for things that might make you feel a little richer.

Lighter greens are considered the more natural, kind, and dependable shades that are used in environmental and educational signage whilst the darker shades are preferred by those working in property or banking.

Orange

As a lively colour, orange can often be used as a motivator. It is also used as part of a call to action and so is great for limited time offers and promotions as it encourages customers to act immediately. As orange can also represent creativity and adventure, you might see it most commonly used around art, entertainment, and adventure.

Yellow

The colour of happiness, yellow is a great colour for drawing people in. It can be combined with red for promotional messages or used in conjunction with some of the calmer colours for a more relaxed and positive vibe. When we think of yellow, we very often picture the sunshine, and many positive connotations, which is why it is used so frequently by the travel and leisure industries.

Pink

As a very feminine colour, pink is still a good way to target a particular demographic. It can demonstrate that this is a business that might appeal to young females and is generally associated with something fun or caring. Pink is seen as a very youthful colour and so it can often be associated with beauty or fashion.

Purple

Purple is most commonly used around royalty, so it can create images of grandeur, riches, and sophistication. It is a great colour to help give your business an air of prestige. However, if you choose a violet shade, then you will find that people start to think about spirituality and compassion making it perfect for anything creative or humanitarian, rather than the luxury of deeper hues of purple.

Gold

Gold might also be associated with wealth and prestige, but it is also linked to power. When matched with purple or gold, it can symbolise wealth and pedigree.

Grey

Grey was once thought of as a very weak colour, but it has crept back into fashion thanks to the fact that it can evoke feelings of quietness and composure. It can be used in conjunction with other relaxing colours, and it remains a mature and timeless option for many brands.

Brown

Brown is also directly linked with nature, but is also seen as a very stable, reliable, common-sense colour, making it great for anything in the world of agriculture as well as food, and even construction, transportation, or the law.

Black

Black is a very powerful colour, and it gives a strong sense of control and authority. Given the strength of feeling that it can convey, it is rarely used alone, and is incorporated into signage of other colours to give a hint of this without being overwhelming.

When you look around, you will see that many of the biggest brands in the world have stuck with their chosen colour scheme for a very long time, and this is not an accident. The colours that they have chosen to do a lot to project who they are as well as who they want to attract, and this is something that we are all now aware of. Giving your own colour choices some careful thought can help you to pitch your business in a particular way and ensure that your signage is not just seen but recognised as well.