Information Week

Deepfakes are a clear and present danger to businesses. According to Markets and Markets, the deepfake market will balloon from $564 million in 2024 to $5.1 billion by 2030, which represents a 44.5% compound annual growth rate.   Deepfakes represent several types of threats including corporate sabotage, enhanced social engineering attacks, identity spoofing, and more. More commonly, bad actors use deepfakes to increase the effectiveness of social engineering.  “It’s no secret that deep fakes are a significant concern for businesses and individuals. With the advancement of AI-generated fakes, organizations must spot basic manipulations and stay ahead of techniques that convincingly mimic facial movements and voice patterns,” says Chris Borkenhagen, chief digital officer and chief information security officer at identity verification and fraud prevention solutions provider AuthenticID, in an email interview. “Detecting deep fakes requires advanced machine learning models, behavioral analysis, and forensic tools to identify subtle inconsistencies in images, videos, and audio. Mismatches in lighting, shadows, and eye movements can often expose even the most convincing deep fakes.”  Organizations should leverage visual and text fraud algorithms that utilize deep learning to detect anomalies in the data underpinning deepfakes. This approach should go beyond surface-level detection to analyze content structure for signs of manipulation.  Related:What CIOs Can Learn from an Attempted Deepfake Call “The responsibility for detecting and mitigating deep fake threats should be shared across the organization, with CISOs leading the way. They must equip their teams with the right tools and training to recognize deep fake threats,” Borkenhagen says. “However, CEO and board-level involvement is important, as deep fakes pose risks that extend beyond fraud. They can damage a brand’s reputation and compromise sensitive communications. Organizations must incorporate deep fake detection into their broader fraud prevention strategies and stay informed about the latest advancements in AI technologies and detection tools.”  Chris Borkenhagen, AuthenticID As deep fakes become more sophisticated, organizations must be prepared with both advanced detection tools and comprehensive response strategies.   “AI-powered solutions like Reality Defender and Sensity AI play a key role in detecting manipulated content by identifying subtle inconsistencies in visuals and audio,” says Ryan Waite, adjunct professor at Brigham Young University-Hawaii and VP of public affairs at digital advocacy firm Think Big. “Tools like FakeCatcher go further, analyzing physiological markers such as blood flow in the face to identify deep fakes. Amber Authenticate adds another layer of security by verifying the authenticity of media files through cryptographic techniques.”  Related:California’s New Deepfake Laws Await Test of Enforcement Deep fake detection should be a priority, with CISOs, data science teams, and legal departments working together to manage these technologies. In addition to detection, companies must implement a deep fake response strategy, he says. This involves:  Having clear protocols for identifying, managing, and mitigating deep fakes. Training employees to recognize manipulated content. Making sure the C-suite understands the risks of impersonation, fraud and reputational damage, and plan accordingly. Staying informed on evolving AI and deep fake legislation is critical. As regulatory frameworks develop, companies must be proactive in ensuring compliance and safeguarding their reputation.   “Combining cutting-edge tools, a robust response strategy, and legislative awareness is the best defense against this growing threat,” says Waite.  How Deepfakes Facilitate Social Engineering  Deepfakes are being used in elaborate scams against businesses by threat actors leveraging synthetic videos, audio, and images to enhance their social engineering attacks, like Business Email Compromise (BEC) and phishing techniques. The use of AI has also made it incredibly easy to produce a deepfake and spread it far and wide. Moreover, there is a wealth of readily available tools on the dark web.  Related:How to Protect Your Enterprise from Deepfake Damage “We have seen evidence of deepfake videos being used in virtual meetings and audio in voicemail or live conversations, deceiving targets into revealing sensitive information or clicking malicious links,” says Azeem Aleem, managing director client leadership, EMEA and managing director of Northern Europe. Financial services firms are especially worried about the use of AI or generative-AI fraud, with Deloitte Insights showing a 700% rise in deepfake incidents in fintech in 2023.”  Other examples of deepfake techniques include “vishing” (voice phishing), Zoom bombing and biometric attacks.  “Hackers are now combining email and vishing with deepfake voice technology, enabling them to clone voices from just three seconds of recorded speech and conduct highly targeted social engineering fraud,” says Aleem. “This evolution makes it possible for attackers to impersonate C-level executives using their cloned voices, significantly enhancing their ability to breach corporate networks.”  Zoom bombing occurs when uninvited guests disrupt online meetings or when attackers impersonate trusted individuals to infiltrate meetings. There are also biometric attacks.  “Businesses frequently use biometric authentication systems, such as facial or voice recognition, for employee verification,” says Aleem. “However, deepfake technology has advanced to the point where it can deceive these systems to bypass customer verification processes, including commands like blinking or looking in specific directions.”  According to accounts payable automation solution provider, Medius, 53% of businesses in the US and UK have been targets of a financial scam powered by deepfake technology, with 43% falling victim to such attacks.   “Beyond BEC, attackers use deepfakes to create convincing fake social media profiles and impersonate individuals in real-time conversations, making it easier to manipulate victims into compromising their security,” says Aleem. “It’s not necessarily targeted, but it does prey on natural vulnerabilities like human-error and fear. As AI applications develop, deepfakes can be produced to also request profile changes with agents and train voice bots to mimic IVRs. These deepfake voice techniques allow attackers to navigate IVR systems and steal basic account details, increasing the risk to organizations and their customers.”  The business risk is potential fraud, extortion, and market manipulation.  “Deepfakes are disrupting various industries in profound ways. Call centers at banks and financial institutions are grappling with deepfake voice cloning attacks aimed at unauthorized account access and fraudulent transactions,” says Aleem. “In the insurance sector, deepfakes are exploited to submit false evidence for fraudulent claims, causing significant financial losses. Media companies suffer reputational damage

“2024 Cyber Resilience Strategy Report: CISOs Battle Attacks, Disasters, AI. . . and Dust“ An InformationWeek Report | Sponsored by Palo Alto Networks There is little to no consensus when it comes to cyber resilience, not on how to do it and not on how to define it. Errors/misconfigurations and equipment degradation caused as many significant disruptions as cyberattacks and third-party cyber incidents, and natural disasters are the top cause of significant issues. InformationWeek embarked on this research to try to decode current cyber resilience trends. Our survey allowed us to gain insights into what today’s cybersecurity professionals think about cyber resilience today. Here are some key findings: Companies are defining “cyber resilience” in a wide variety of ways. Half (48%) of respondents include “maintaining trust with stakeholders” as part of their definition. Despite the need to redistribute IT budget funds to cover unexpected new technology costs like GenAI, about one-quarter (24%) devote 25% or more of their IT budget to cybersecurity. One-quarter of respondents (24%) said they do not have a cyber incident response plan at all. Errors/misconfigurations (18%) and equipment degradation (15%) caused as many significant disruptions as cyberattacks (15%) and third-party cyber incidents (15%). Download this InformationWeek report today to learn more about risk and response initiatives, cyber liability insurance, the effects of GenAI and much more. Offered Free by: Palo Alto Networks See All Resources from: Palo Alto Networks Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. source

In many different areas, talent is an important yet often elusive goal. Just ask anyone whose piano keyboard skills have never moved beyond pecking out the first few measures of “Heart and Soul.” When it comes to generative AI, large language models (LLMs), trained on massive quantities of data, supply the capabilities needed to drive multiple use cases and applications, as well as handle an almost endless array of tasks. To get the most out of generative AI, think of it as a tool rather than a replacement, suggests Daniel Wu, an AI research fellow at Stanford University in an email interview. He notes that LLMs can already do great work. “They’re being used in coding assistance and customer service, but they work best with clear prompting.” Every organization produces large amounts of text as part of its normal business operations, observes Manfred Kügel, data scientist and IoT industry advisor for AI and analytics provider SAS, via email. Before LLMs, organizations needed to perform complex text analytics in order to get value out of unstructured text data, such as maintenance records or shift logs in a production environment. “LLMs can be used to structure text data and prepare it as inputs for machine learning models used for production optimization and predictive maintenance.” Related:How Generative AI Is Changing the Nature of Cyber Insurance Pushing it to the Max To gain maximum value from generative AI, users need to clearly define their problems and objectives, says Kevin Ameche, president of ERP software provider RealSteel, in an email interview. “Identify-specific use cases, such as content generation, data analysis, or automation,” he advises. “Then, ensure you can access high-quality data for training the AI model.” Ameche recommends collaborating with internal or external AI experts to fine-tune and customize their model to align with specific needs. “Continuously evaluate and refine the model’s performance and stay updated with the latest advancements in generative AI technology to maximize its potential for your organization.” To maximize generative AI’s value, users should first understand its inherent capabilities and shortcomings, Kügel says. “We are still in the early days of realizing the full potential of generative AI,” he states. Kügel believes that everyone involved in core business processes should interact with models in the same way they interact with their colleagues. “This will drive quick adoption and encourage organizations to provide the necessary and user-friendly generative AI tools to overcome any structural or cultural hurdles.” Related:Can Generative AI and Data Quality Coexist? Achieving Effectiveness Generative AI’s effectiveness lies in its ability to automate creative processes, generate content, and provide data-driven insights at scale, Ameche explains. “It can handle repetitive tasks, freeing-up human resources for more strategic work.” Meanwhile, the technology’s adaptability and capacity to learn from data make it a valuable tool in various industries. An AI agent can’t read minds. “If you ask a poorly defined question, you’ll get one of any number of valid responses,” Wu says. “But by giving AI a stronger sense of what you’re searching for, either through clear prompts, data, or even model fine-tuning, you’ll get more useful responses.” To empower team members, organizations should invest in generative AI training and development programs, Ameche says. “Start by identifying the specific skills and knowledge needed for working with AI,” he recommends. “Consider partnering with AI vendors or educational institutions for tailored training.” Ameche believes that it’s also important to encourage employees to experiment with AI tools in real-world projects to gain hands-on experience. “Create an environment of continuous learning and provide access to resources, such as online courses, webinars, and AI communities,” he suggests. “Collaboration and knowledge sharing within the team can also accelerate the learning process, helping team members harness the maximum value from generative AI.” Related:10 IT Trends to Watch for This Year Common Mistakes Wu notes there’s a common saying in AI research: junk in, junk out. “Users may inadvertently harm their projects by providing biased datasets or creating poor prompts,” he explains. “Model outputs should always be taken with a hint of salt,” Wu recommends. Both over- and underestimating generative AI’s potential is a serious concern, Kügel says. “So is seeing AI as a threat when an AI model produced insights that we didn’t see ourselves.” As with any breakthrough technology, Kügel sees skepticism among many IT leaders. He highlights that it’s important to clearly show that generative AI augments and supports, rather than replaces, human experts. He recommends taking a balanced approach to AI adoption by deploying guardrails and plausibility checks. “The model should report on its own when it drifts too far from reality,” Kügel says. Final Thought Generative AI holds immense potential for enterprises across many domains, Ameche says. “However, successful implementation requires careful planning, ongoing training, and vigilance to avoid pitfalls.” He believes that organizations should view generative AI as a tool to augment human capabilities, not as a replacement. “When used strategically and responsibly, generative AI can transform efficiency, creativity, and decision-making, driving innovation and competitive advantage.” source

From Innovation to Infiltration: Safeguarding Against the Hidden Dangers in Your Software Ecosystem source

Author and speaker Malcolm Gladwell probably wasn’t an obvious choice to give a guest keynote for an audience of IT leaders gathered this week at Gartner’s IT Symposium/Xpo in Orlando, Florida. His books and talks mostly focus on looking at social issues from different perspectives. But a packed ballroom of CIOs and other IT leaders learned that a conventional approach to problem solving could lead to catastrophe — especially when dealing with “radically asymmetrical” problems that don’t adhere to a normal curve of distribution. Gladwell cited several events that defied conventional wisdom, where the culprit was an exception. From a faulty assumption by health officials during the COVID-19 pandemic, to a particularly gifted North Korean cybercriminal, to LA’s explosion of bank robberies in the 1990s — homing in on outliers may have produced better outcomes and solutions, Gladwell contends. While a normal distribution would be the default way of viewing a problem, where the offenders fit into a category along with many others, radically asymmetrical problems defy a normal distribution, placing the culprits on the extreme. Normal distribution “is our default for making sense of the world,” Gladwell said. “When we look at data, it’s going to organize itself in that kind of shape. We have an expectation about the story that data tells us, and the expectation is that the story is going to be about the middle … My question is, what happens when we have a problem where that story doesn’t work?” Related:2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI The COVID-19 Superspreader Conundrum At the onset of COVID-19, one of the earliest reported largescale outbreaks happened after a Biogen event in Boston, Mass. Many attendees were infected and then traveled to various destinations around the country. According to a report in Science, as many as 300,000 people wound up being infected because of that one event. Gladwell said researchers believe the source was a single person — a superspreader — someone who was genetically inclined to release a much higher level of aerosols. “This was the Taylor Swift of aerosols,” Gladwell said. In this case, the source of the problem was an example of a radically asymmetrical one. Had authorities been able to focus their efforts on so-called superspreaders, instead of focusing on social distancing measures for the general public, the outcome may have been different, Gladwell says. Leaders could have responded differently if they thought in terms of radically asymmetrical possibilities. What Leaders Can Learn? Related:Curtail Cloud Spend With These Strategies Gladwell offered up other scenarios that illustrated his point about radical asymmetry, including a slew of bank robberies in 1990s Los Angeles, the ongoing opioid crisis, and one that hit very close to home for attendees: the case of Park Jin Hyok, a North Korean hacker at the center of several massive cyberattacks, including the massive 2014 hack of Sony Pictures. “If you talk to people who are in the … high-end cybersecurity business, they will say, ‘Look, a lot of the time, all I’m doing is worried about Park Jin. I’m not worried about those hundreds of everyday hackers in Romania or Bulgaria. No, this one guy who had little crew somewhere in North Korea, and he’s the one who keeps me up tonight.’ That is a radical and radically asymmetrical distribution.” The number of doctors who overprescribed opioids in the 1990s was a relatively small subset of doctors. But those exceptional cases launched an epidemic of drug addiction still lingering today, Gladwell says. The slew of bank robberies in Los Angeles — many of those were carried out by one gang. All these problems may have been better addressed if there was more focus on radical asymmetric problems. “So, I would simply say to all of you as you go back home after this conference is over and you participate in society … When a problem comes up and people come up with solutions, just raise your hand and say, ‘Before we go any further, what’s the shape of the curve?’” Related:Forrester Speaker Sneak Peek: Analyst Jayesh Chaurasia to Talk AI Data Readiness source

“Process Orchestration: Harnessing the Transformative Power of Automation by Everest Group, endorsed by UiPath“ Organizations looking to scale their automation programs, executives responsible for digital transformation and automation initiatives, and operational leaders responsible for optimizing business operations will benefit from this report by Everest Group, endorsed by UiPath. In the digital age, enterprises constantly seek innovative ways to streamline operations, improve efficiency, and deliver exceptional customer experiences. This has led to increased adoption of Intelligent Automation (IA) technologies, such as process intelligence, Intelligent Document Processing (IDP), and conversational AI, over the past few years. Enterprises have successfully deployed automations for low-hanging fruits and simpler, high-volume repetitive tasks. However, they face challenges when scaling these initiatives to more complex, long-running processes. This report examines Enterprise business priorities and barriers to scaling automation Why IA is incomplete without process orchestration Process orchestration solutions Process orchestration use cases across key industries Key challenges and best practices when adopting process orchestration for scaling automation Offered Free by: UiPath See All Resources from: UiPath source

Augmented reality (AR), the real-time integration of digital information into a user’s environment, has many applications in industry, entertainment, transportation, and beyond. Yet AR’s most important application could be providing enhanced healthcare.  AR’s power lies in its ability to provide additional context through images, videos, or 3D models overlaid on the physical world, says Julie Stegman, vice president and general manager in the health learning practice at information services firm Wolters Kluwer. “These tools can be invaluable in healthcare in both education and practice as users interact with anatomical structures, models, or even medical devices,” she explains in an online interview.  AR has the potential to revolutionize the healthcare sector by enhancing the precision of medical procedures, improving training and education for healthcare professionals, and providing patients with more interactive and personalized care experiences, says Shash Anand, a senior vice president at enterprise mobility management technology provider SOTI, in an email interview.  Multiple Applications  “It’s an exciting time for the integration of technology and medicine,” observes David Reitzel, leader of the healthcare consulting group at business advisory firm Crowe. Among many other uses, AR can provide surgeons with enhanced visualization of a patient’s anatomy. “By overlaying 3D images of organs, blood vessels, and other critical structures onto the patient’s body, surgeons can perform procedures with greater accuracy, both in pre-surgery evaluation and potentially during actual procedures,” he explains via email.  Related:2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI AR can also assist in diagnostics by overlaying imaging data, such as MRI or CT scans, directly onto a patient. “This can help doctors identify issues more quickly and accurately,” Reitzel says. The technology can also help patients better understand their medical condition and treatment plans. “For instance, a doctor can use AR to show a patient a 3D model of their heart and explain how a particular treatment will work.”  AR can be used in physical therapy and rehabilitation to create engaging and interactive exercises, Reitzel says. “This can motivate patients and help them adhere to their therapy regimens more effectively.”  Interactive Training  Many observers believe that AR’s most immediate benefit will be in training both current and future healthcare professionals. “AR enables students to interact with virtual content in a real-world setting, providing contextualized learning experiences,” Stegman says. Meanwhile, full virtual reality (VR), will offer a completely immersive training environment in which students can practice clinical skills without the risks associated with real patient care.  Related:Curtail Cloud Spend With These Strategies Stegman predicts that over the long term, AR and related technologies will let nursing schools “help students develop clinical judgement, be ready for the demands of a clinical environment, and ensure improved workplace satisfaction for nurses early in their careers to mitigate the ongoing nursing shortage.”  Early Adopters  As AR begins entering the healthcare mainstream, deep-pocketed large hospitals and specialized medical centers will most likely be the leading adopters, says SOTI’s Anand. He reports that his firm’s latest healthcare report found that 89% of US healthcare industry respondents agree that artificial intelligence simplifies tasks. “This gives a hint that healthcare organizations are already on the path to integrating advanced technologies,” Anand notes. “AR is the next logical step, especially when combined with AI to further enhance patient care through real-time data visualization and decision-making.”  Future Outlook  Predicting an exact timeline for the widespread availability of various AR healthcare technologies is challenging, Crowes’ Reitzel states. “It depends on various factors, including technological advancements, regulatory approvals, cost reductions, and adoption rates.”  Related:Forrester Speaker Sneak Peek: Analyst Jayesh Chaurasia to Talk AI Data Readiness AR technology is rapidly evolving, and improvements in hardware (such as AR glasses and headsets), software, and integration with other medical technologies, are rapidly making AR more practical and effective. “As these technologies mature, they will become more accessible and affordable,” Reitzel predicts.  Global governments will also play a key role in AR’s medical market rollout. “The regulatory landscape for medical devices and technologies is complex,” Reitzel says. “AR applications in healthcare need to undergo rigorous testing and receive approval from regulatory bodies, such as the US’s Food and Drug Administration (FDA).” This process can take up to several years, but ongoing advancements and successful pilot programs can expedite approval.  As with any new technology, initial adoption costs will be high. Yet prices are likely to decrease over time as the technology becomes more widespread and production scales up. “Economies of scale, increased competition, and technological advancements will likely drive down costs, making AR more accessible to a broader range of healthcare providers,” Reitzel says.  Besides cost, a significant challenge will be integrating AR into existing healthcare systems and ensuring that the data used by AR applications is secure and complies with regulations such as HIPAA. SOTI’s report found that potential adopters’ biggest concerns are data security (30%), as well as anxiety about the possibility of compromised patient records (98%). “This shows that there could be roadblocks to AR adoption,” Anand says.  Money Matters  “Emerging technologies are always challenged by funding,” Stegman says, noting that obtaining sufficient operational resources, combined with research on ROI and solutions efficacy, is critical before moving forward with AR. source

“How AI-powered Phones are Changing the Modern Workplace“ Learn how completmenting your phone system with an all-in-one collaboration platform with AI capabilities can future-proof your business The way people work together is constantly evolving. Coordinating across different teams and time zones has always been a challenge, and today, remote, hybrid, and in-office workers are trying to sync together in new ways. While these flexible working styles offer benefits, they also create gaps. The good news is that we now have more tools than ever to bridge these gaps. However, figuring out which tools genuinely enhance productivity and which ones fall short is a challenge. It becomes even more difficult when the tools you rely on don’t work well together. In this ebook, we’ll help you: Assess your current phone system and evaluate how it fits into your overall toolkit. Understand how your individual apps and platforms work together in today’s communication landscape. Learn how complementing your phone system with an all-in-one collaboration platform with AI capabilities can future-proof your business and help your teams forge stronger connections. Offered Free by: Zoom See All Resources from: Zoom Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. source

InformationWeek is part of the Informa Tech Division of Informa PLC This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726. source

“Cabinet-Integrated Liquid Cooling Supports Rising Power Density and Maximum Sustainability for High-Performance Computing Data Center Environments“ Revolutionizing Data Center Efficiency with Integrated Liquid Cooling Solutions The white paper titled “Cabinet Integrated Liquid Cooling” by Chatsworth Products addresses the increasing demand for efficient cooling solutions in data centers. It explores the advantages of integrating liquid cooling directly into server cabinets to enhance thermal management. The paper highlights how this approach improves cooling efficiency, reduces energy consumption, and supports higher-density computing environments. It also covers the design considerations, implementation strategies, and real-world benefits of adopting cabinet-integrated liquid cooling. By leveraging this technology, data centers can achieve superior performance, cost savings, and sustainability, meeting the challenges of modern high-performance computing demands. Download this whitepaper to learn more. Offered Free by: Chatsworth Products, Inc. See All Resources from: Chatsworth Products, Inc. Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. source