As the market becomes increasingly competitive and technology evolves rapidly, telecommunications industry leaders must find ways to achieve more with less — managing operating expenses (OPEX) without sacrificing critical capabilities. This balancing act is especially difficult in a capital-intensive industry like telecom, where infrastructure investments and IT systems are crucial for ongoing operations. In this post, we’ll examine the key drivers behind OPEX pressures in telecom and how to navigate them with greater confidence. The telecom OPEX dilemma: Managing costs without sacrificing capabilities A keychallenge for telecom executives is managing the ratio between revenue and IT/technology OPEX. While OPEX can be controlled in areas like marketing with reductions in planned spending, lowering IT and technology costs is more complicated. These expenditures are tied to core business systems and services that power the business, such as network management, billing, data storage, customer relationship management, and security systems. Success in this area has always required structured review, negotiations and tough decisions to manage resources, systems, and vendors. Establishing a system roadmap is a critical component of OPEX efficiency. Determining what systems to retire, maintain, or invest in lays the foundation for cost reductions and more effective investments. An effective roadmap involves not only evaluating current system architecture, skills availability and cost of ownership, but also considering future business needs. By assessing the total cost of ownership (TCO) and the return on investment (ROI) for each system, organizations can make informed decisions about where to allocate resources. This process also highlights areas where automation or integration can improve operational efficiency, reducing manual effort and enhancing agility. To create a successful system roadmap, involve key stakeholders from IT, operations, finance, and leadership to ensure you consider all needs. Driving consensus requires aligning the roadmap with the company’s broader business objectives, prioritizing systems for efficiency, and using data-driven decision-making. Regular reviews and feedback loops will help adjust the plan as business needs evolve. Balancing Innovation and OPEX efficiency Whether it’s new product offerings, expanded 5G networks, or building out new infrastructure, telecoms are competing heavily to differentiate themselves against established and emerging players in the market. Telecoms must find ways to fund innovation without letting OPEX spiral out of control. Technologies like automation, AI, and cloud-based services require significant upfront CAPEX investment but can drive long-term OPEX efficiency. For example, AI-driven network optimization tools may have high initial costs but improve network management, leading to long-term savings. Most will require additional funding in areas of talent management as well as infrastructure to leverage these technologies effectively — a hit against the OPEX numbers. This is where a long-term strategy that prioritizes sustainable value over short-term savings comes in handy — but only if you can help sell the vision to the board, show a clear path to achieving the goals agreed upon with IT and Finance executives, and get support from across the business to take part in the successful execution of the plans. OPEX efficiency and innovation do not happen in a vacuum, so the closer IT leaders work with their finance counterparts, the stronger the outcome. Are software vendors crunching your OPEX? Telecoms often rely on software vendors for systems like ERP, network management, and CRM for operations. These are not strategic tools, but rather, mission-critical, taking up a significant portion of the IT budget. Adding to the cost are continuous upgrades and the push to the cloud, both of which may show little to no ROI for the business but come with the threat of losing support or being locked out of new innovations. To take greater ownership of one’s IT roadmap, reduce unnecessary spending, and maximize the value of existing systems, telecom leaders should explore third-party support options that can better align with their objectives and provide better, more expert support and services. Third-party support can extend the useful life of your system while avoiding the CAPEX costs and risks of upgrades. When your existing enterprise system is stable, robust and tailored to your needs, replacing it with new technology can introduce unnecessary risk. Instead, leverage your proven system as a foundation for business innovation through third-party support, while significantly reducing support costs and saving OPEX. More importantly, shifting funds from the treadmill of upgrades to real innovation helps to close the gap between tomorrow’s possibility and today’s capability, driving meaningful change for the business.  Building a sustainable approach to OPEX management In a competitive industry where technological evolution is constant, staying ahead requires not just cutting costs but investing wisely for the future. In part two, we’ll explore strategies for managing these OPEX challenges effectively and examine what it means to embrace a flexible, composable IT strategy. Discover how Rimini Street is helping telecom clients accelerate digital transformation, regain control of their IT roadmap and significantly reduce maintenance costs, while freeing funds to invest in strategic initiatives. Learn how you too can drive digital transformation without disruption while maximizing the full potential of your investments. source

Businesses of all types and sizes are launching AI projects, fearing that failing to embrace the powerful new technology will place them at a competitive disadvantage. Yet in their haste to jump on the AI bandwagon, many enterprises fail to consider one critical point: Will the project meet its expected efficiency or profitability goal?  Enterprises should consider several criteria to assess the ROI of individual AI projects, including alignment with strategic business goals, potential cost savings, revenue generation, and improvements in operational efficiencies, says Munir Hafez, senior vice president and CIO with credit monitoring firm TransUnion, in an email interview.  Besides relying on the standard criteria used for typical software projects — such as scalability, technology sustainability, and talent — AI projects must also account for the costs associated with maintaining accuracy and handling model drift over time, says Narendra Narukulla, vice president, Quant analytics, at JPMorganChase.  In an online interview, Narukulla points to the example of a retailer deploying a forecasting model designed to predict sales for a specific clothing brand. “After three months, the retailer notices that sales haven’t increased and has launched a new sub-brand targeting Gen Z customers instead of millennials,” he says. To improve the AI model’s performance, an extra variable could be added to account for the new generation of customers purchasing at the store.  Related:Is a Small Language Model Better Than an LLM for You? Effective Approaches  Assessing an AI project’s ROI should start by ensuring that the initiative aligns with core business objectives. “Whether the goal is operational efficiency, enhanced customer engagement, or new revenue streams, the project must clearly tie into the organization’s strategic priorities,” says Beena Ammanath, head of technology trust and ethics at business advisory firm Deloitte, in an online interview.  David Lindenbaum, head of Accenture Federal Services’ GenAI center of excellence, recommends starting with a business assessment to identify and understand the AI project’s end-user as well as the initiative’s desired effect. “This will help refocus from a pure technical implementation into business impact,” he says via email. Lindenbaum also advises continued AI project evaluation, focusing on a custom test case that will allow developers to accurately measure success and quantitively understand how well the system is operating at any given time.  Ammanath believes that a comprehensive cost-benefit analysis is also essential, balancing tangible outcomes such as increased productivity with intangible ones, like improved customer satisfaction or brand perception. “Scalability and sustainability should be central considerations to ensure that AI initiatives deliver long-term value and can grow with organizational needs,” she says. “Additionally, a robust risk management framework is vital to address challenges related to data quality, privacy, and ethical concerns, ensuring that projects are both resilient and adaptable.”  Related:The Cost of AI: How Can We Adopt and Deliver AI Efficiently? Metrics Matter  Potential project ROI can be measured with metrics, including projected cost savings, expected revenue increases, hours of productivity saved, and anticipated improvements in key performance indicators (KPIs) such as customer satisfaction scores, Hafez says. Additionally, metrics such as time-to-market for new products or services, as well as any expected reduction in bugs or vulnerabilities revealed by a tool such as Amazon Q Developer, can provide insights into an AI project’s potential benefits.  Leaders need to look past the technology to determine how investing in generative AI aligns with their overall strategy, Ammanath says. She notes that the metrics required to measure AI project ROI vary, depending on the implementation stage. For example, to measure the potential ROI, organizations should evaluate projected efficiency gains, estimated revenue growth, and strategic benefits, like improved customer loyalty or reduced downtime. “These forward-looking metrics offer insights into the initiative’s promise and help leaders determine if they align with the business goals.” Additionally, for current ROI, leaders should consider using metrics that look at realized outcomes, such as actual cost savings, revenue increases tied directly to AI initiatives, and improvements in key performance indicators like customer satisfaction or throughput.  Related:Possibilities with AI: Lessons From the Paris AI Summit Pulling the Plug  If an AI project consistently fails to meet expectations, terminate it in a calculated manner, Hafez recommends. “Document the lessons learned and the reasons for failure, reallocate resources to more promising initiatives, and leverage the knowledge gained to improve future projects.”  Once a decision has been made to end a project, yet prior to officially announcing the venture’s termination, Narukulla advises identifying alternative projects or roles for the now-idled AI team talent. “In light of the ongoing shortage of skilled professionals, ensuring a smooth transition for the team to new initiatives should be a priority,” he says.  Narukulla adds that capturing key learnings from the terminated project should be a priority. “A thorough post-mortem analysis should be conducted to assess which strategies were successful, which aspects fell short, and what improvements can be made for future endeavors.”  Narukulla believes that thoroughly documenting post-mortem insights can be invaluable for future reference. “By the time a similar issue arises, new models and additional data sources may offer innovative solutions,” he explains. At that point, the project may be revived in a new and useful form.  Parting Thoughts  Establishing a strong governance framework for all ongoing AI projects is essential, Hafez says. “Further, a strong partnership with legal, compliance, and privacy teams can enhance success, particularly in regulated industries.” He also suggests collaborating with external partners. “Leveraging their expertise can provide valuable insights and accelerate the AI journey.”  When implemented and scaled properly, AI is far more than a technological tool; it’s a strategic enabler of innovation and competitive advantage, Ammanath says. However, long-term success requires more than sophisticated algorithms — it demands cultural transformation, emphasizing human collaboration, agility, and ethical foresight, she warns. “Organizations that thrive with AI establish clear governance frameworks, align business and technical teams, and prioritize long-term value creation over short-term gains.”  As AI continues to advance and evolve, IT leaders have an unprecedented opportunity to align investments with enterprise-wide goals, Ammanath says. “By approaching AI as a

AI is no longer a luxury but a necessity. And while necessity is the mother of invention, Australian CIOs may struggle to get everyone in the boardroom, well, on board. Australian organisations are not moving as quickly as their counterparts in preparing for and fully adopting AI for business transformation. Research from IBM indicates that only 15% of global businesses have established themselves as leaders in AI implementation, while the majority remain in early experimental phases. One way to address this challenge is with clarity and direction. The top barriers hindering enterprises globally from adopting AI are a lack of a clear AI strategy and investment, highlights the IBM AI in Action report. What is value stream mapping? Value stream mapping is a powerful technique making a big difference in this space. Derived from Lean manufacturing principles, this technique essentially creates a visual representation of all the components necessary to deliver a product or service, considering the people, processes, information, and inventory involved from start to finish. “Value stream mapping lays bare the delays and inefficiencies in a given workflow,” explains John Hanna, Neudesic Australia. “This allows executives, leaders, and teams to work together to find gaps, understand pain points, and build a better AI strategy.” For utilities in particular, it helps teams identify high-impact opportunities. For example, mapping the time taken for tasks such as rate case submissions can pinpoint where AI can streamline processes. By evaluating metrics like lead time (time to start an action) and cycle time (time spent on productive work), utilities can identify repetitive tasks that can be automated. “Regularly reviewing the mapped process allows stakeholders to identify outdated approvals or unnecessary steps that slow progress. Knowledge like this is crucial to help utilities face today’s uncertain economic climate,” Hanna remarks. Such insights also reveal complexities and bottlenecks that may not be apparent when teams only view their part of the process. “By collaborating across departments, organisations can gain valuable insights into how each step impacts the entire workflow so that they can make meaningful, impactful improvements,” Hanna adds. Implementing AI with confidence Mapping like this represents the first step towards building a culture of continuous improvement and adaptability, ensuring that utility companies can rapidly respond to evolving regulations and changing market demands. Working with a trusted industry leader is a surefire way to do this confidently. Global professional services leader Neudesic, an IBM Company, is a proven expert in value stream mapping. Neudesic leverages extensive industry expertise and advanced skills in Microsoft Azure, AI, data engineering, and analytics to help businesses meet the growing demands of AI. The company’s approach, which comprises four pillars, helps organisations to transform legacy systems into AI-ready environments: People: Its diverse array of internal experts spanning industries, skillsets, and Microsoft Azure and OpenAI solutions help clients address a wide spectrum of business challenges for any type of organisation Approach: It achieves results not only by implementing Microsoft and OpenAI solutions, but also by addressing today’s challenges, identifying tomorrow’s opportunities, and designing the best path forward Technology: It focuses on innovation to develop solutions that meet clients’ needs while accelerating time to value Expertise: With 20 years of expertise in Microsoft’s stack, it offers clients expert knowledge to tackle critical IT challenges and unlock new opportunities Armed with insights through mapping, CIOs can start with small, quick successes and therefore gain stakeholder support early on. For instance, using AI to automate document preparation can cut processing time from hours to minutes. One utility that Neudesic worked with recently saved nearly $1 million by streamlining less than 40 documents. Hanna goes on to share three tips for CIOs to develop an effective AI strategy. First, set clear objectives and success metrics. Agree on clear, measurable goals for AI projects that match business priorities and ensure everyone understands the desired results. Understanding customer behaviour is key to shaping these goals as it helps businesses adapt to changes, connect better with customers, and increase revenue. Next, encourage cross-functional collaboration. Involve teams from various departments, such as IT, operations, and finance, from the outset. This ensures the AI models are selected and refined to meet project requirements effectively. Finally, apply the “Goldilocks” principle when evaluating AI projects. Choose use cases that balance complexity, feasibility, and value. Consider factors like data type, problem scope, resource availability, and interpretability. Value stream mapping isn’t just a tool. It’s the flashlight guiding you through a labyrinth of inefficiencies and untapped potential. With clarity and direction, Australian organisations can leap forward from aspiration to action. With the right strategy and partners like Neudesic, you can ensure your AI journey doesn’t just keep pace but sets the standard. Learn more about how Neudesic can help Australian organisations go forward in AI, confidently. source

By Tom Zanki ( February 18, 2025, 5:25 PM EST) — The owner of President Donald Trump’s social media platform attributed its widening losses in part to rising legal costs from the Biden-era U.S. Securities and Exchange Commission’s investigations of the merger that took the company public, according to a statement…. Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

Threat actors are increasingly targeting trusted business platforms such as Dropbox, SharePoint, and QuickBooks in their phishing email campaigns and leveraging legitimate domains to bypass security measures, a new report released today has found. By embedding sender addresses or payload links within legitimate domains, attackers evade traditional detection methods and deceive unsuspecting users. According to Darktrace’s Annual Threat Report 2024, the authors detected more than 30.4 million phishing emails, reinforcing phishing as the preferred attack technique. Legitimate enterprise services hijacked for most phishing campaigns in 2024 Darktrace noted cybercriminals are exploiting third-party enterprise services, including Zoom Docs, HelloSign, Adobe, and Microsoft SharePoint. In 2024, 96% of phishing emails utilised existing domains rather than registering new ones, making them hard to detect. Attackers were observed using redirects via legitimate services, such as Google, to deliver malicious payloads. In the case of the Dropbox attack, the email contained a link leading to a Dropbox-hosted PDF with an embedded malicious URL. SEE: How business email compromise attacks emulate legitimate web services to lure clicks Alternatively, threat actors abused hijacked email accounts, including those from Amazon Simple Email Service, belonging to business partners, vendors, and other trusted third-parties. The report’s authors say this “highlight(s) that identity continues to be an expensive problem across the estate and a persistent source of pain across enterprise and business networks.” Phishing attacks surge with AI-generated tactics Among the phishing emails that Darktrace found: 2.7 million contained multistage malicious payloads. More than 940,000 contained malicious QR codes. The sophistication of phishing attempts continues to rise, with spear phishing — highly-targeted email attacks — making up 38% of cases. Meanwhile, 32% use novel social engineering techniques such as AI-generated text with linguistic complexity. This complexity might manifest as increased text volume, punctuation, or sentence length. Darktrace collated insights from its more than 10,000 global customers for its Annual Threat Report 2024, leveraging self-learning AI, anomaly-based detection, and thorough analysis from its threat research team. Must-read security coverage Living-off-the-land techniques: A growing security threat Another attack method involves initial network breaches via vulnerabilities in edge, perimeter or internet-facing devices, followed by living-off-the-land techniques or LOTL.This strategy exploits pre-installed, legitimate enterprise tools to execute malicious activities while avoiding detection. Darktrace found that 40% of identified campaign activity in early 2024 involved the exploitation of internet-facing devices, including from Ivanti Connect Secure, Ivanti Policy Secure, Palo Alto Network, and Fortinet. Attackers favor LOTL techniques because they eliminate the need for custom malware and reduce the risk of triggering traditional security alerts. On top of exploiting vulnerabilities in these edge devices, threat actors are increasingly using stolen credentials to log into remote network access solutions like VPNs for initial network access, before leveraging LOTL techniques. Ransomware groups exploit enterprise tools for stealth attacks Ransomware groups — including Akira, RansomHub, Black Basta, Fog, and Qilin, along with emerging actors Lynx — have increasingly been using legitimate enterprise software. Darktrace has observed these groups using: AnyDesk and Atera to mask command-and-control communications. Data exfiltration to cloud storage services. File-transfer technology for rapid exploitation and double extortion. SEE: Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds These groups are also frequently recruited for Ransomware-as-a-Service or Malware-as-a-Service, with the use of MaaS tools increasing by 17% from the first to the second half of 2024. Use of Remote Access Trojans, malware which allows an attacker to remotely control an infected device, also increased by 34% over the same period. source

Cathy O’Sullivan  00:05Hello. Welcome to CIO Leadership Live Australia. I’m Cathy O’Sullivan, editorial director for Foundry in Australia and New Zealand. And today, I’m delighted to be joined by one of our CIO50 alumni for Australia, Nicola Dorling, who is the Group Chief Information Officer for Downer. Welcome to the show, Nicola. Thanks for joining me today. Nicola Dorling  00:29Thanks, Cathy. I’m very much looking forward to this. Cathy O’Sullivan  00:32Excellent and listen, I hope 2025 is off to a good start for you. I know you’ve achieved a lot so in the last year or so but before we get into that, would really love to hear about your own start in technology, how you started your career, and what have been some of the highlights to date? Nicola Dorling  00:52Yeah so obviously, Cathy and I were talking about this just before we came online, and she said she always likes to hear about how people got into technology roles. I started my role in technology, first of all as a group CFO. So I was a CFO of a number of ASX listed organizations, and one of them being GrainCorp. And in that organization, we transformed the business. We created a fully integrated commodity management trading system integrated to SAP. So that was my first push into technology, utilizing technology to streamline the process, the data, the way that the people were working, and have it fully integrated into a full stack solution. And so that’s where I really got interested in technology. And then over the years, I focused on major technology transformation programs such as New South Wales Government equip program, Sydney trains, enterprise asset management program, and then multiple other digital transformation programs for engineering and operators and maintainers such as Downer. And while I was obviously driving my career as a CIO,  I went back to school to get some additional qualifications, and I also teach digital strategy and leading with digital technology at AGSM. Cathy O’Sullivan  02:20So interesting that you’ve had that that start as a CFO, because that role and the CIO-CFO role is also so such a fundamental relationship, so great that you have that view as well coming from that finance background. So look, you’re now at Downer, Nicola, so can you give us a bit of an overview of Downer as an organization and what you and your team are responsible for. Nicola Dorling  02:46Yeah, so Downer is a large organization. We have over 30,000 people at any one given time, and we design, build and sustain infrastructure assets and the facilities assets across Australia and New Zealand. So on any given day, we can be supporting the cleaning in a hospital, or we can be operating and maintaining the road networks that we have in Australia and New Zealand. So no one day’s the same, I think, is probably the first thing that I would say. So what do my team do? My team across the whole business support all of the run technology for all of the business units. We have heads of IT that report to me in each of the business units, and we also support the strategic programs of work. So anywhere where we think we can utilize innovation to make it more seamless for our customers to do business with them. We focus on on supporting the design and build an implementation of all of those as well. So it’s a really great team. We get to do everything from strategy, build, deployment and run and so we get to learn a lot about all the different businesses and what they need to be more efficient for their customers. Cathy O’Sullivan  03:59So speaking of strategy, then, how do you align that overall IT strategy for such a diverse organization with the overall business strategy of Downer? Nicola Dorling  04:11Yeah so as any company would do, we align to the Downer corporate strategy. So the Downer Digital strategy has got three overarching pillars and 12 strategic programs of work. And those 12 strategic programs of work align to the business unit strategies as well. So basically, everything that we do in the Downer Digital strategy is delivering for the businesses and ultimately delivering against the Downer overall strategy. So the 12 programs of work are really focusing on areas where we want to move the needle, and they’ll usually focus on areas such as innovation, such as digital twins for some of our customers, or it could be an AI solution that’s supporting safety on one of our road customers. And the 12 programs also support as how we uplift our middle office and so where we’re looking to get better at utilizing the data that we’ve got in our organization to make decisions. And then we’ve got a number of foundational programs of work that are looking at uplifting our infrastructure, making sure that we’ve got flexibility in our cloud solutions. Cathy O’Sullivan  05:22So you mentioned some of the big projects there. So tell us more about how that digital journey is tracking. What have been some of those big projects that you and the team have been driving. Nicola Dorling  05:34Yeah. So first of all, when we are kind of driving our digital journey, the most important thing for us is to be with our business. So we spend a lot of time working with our business on their customer journey. So how are they doing their work on a daily basis for their customers? So if you are working in our asset management business, what do you do from the minute that you wake up to the time when you’ve delivered to your customer and you go home? So we map out all those journeys, and we understand across those journeys, if they’ve got any pain points for our employees, but also our customers, we really try and understand what technologies they’re using today. Are they disconnected? Do they need an uplift. And then once we’ve got that really

By Julie Manganis ( February 20, 2025, 8:54 PM EST) — The city of Boston and 44 other cities, counties and elected officials around the country and, separately, the life sciences industry group Massachusetts Biotechnology Council asked a Massachusetts federal judge on Thursday to extend a temporary restraining order blocking steep cuts to National Institutes of Health reimbursement for research projects…. Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

Apple has removed thousands of apps from its European Union App Store for failing to comply with the Digital Services Act, which requires developers to provide a verified address, email, and phone number. This move is part of Apple’s broader efforts to adhere to new regulations aimed at increasing transparency and accountability in digital marketplaces. Developers who have not submitted the required information will see their apps delisted until they provide and verify their trader status. Why Apple is removing apps from the EU App Store The Digital Services Act, a landmark European legislation, mandates all traders distributing apps in the EU display their contact details — ensuring consumers can identify and reach businesses more easily. Apple introduced a “trader status” requirement for developers who disclose their contact details. This information is published on the App Store product page whenever an app is available in an EU member state. Since October 16, 2024, Apple has required trader status for developers submitting new apps or updates for the App Store in the EU. It also started warning that existing apps from developers without trader status will be removed from EU storefronts on Feb. 17, 2025. Apps will not be restored without verified trader status Now that the compliance deadline has passed, affected apps will not be reinstated on the EU App Store “until trader status is provided and verified by Apple.” Developers can submit their details and apply for trader status through App Store Connect. Organisations will already have provided their address by submitting their DUNS number, but individuals will need to submit theirs along with their number and email, whether they want it on the public record or not. Digital Services Act: What developers need to know The Digital Services Act has been in effect since 2022; however it only became fully enforceable for all regulated entities on Feb. 17,  2024. Prior to that, only “very large” online services — those with over 45 million monthly active users in the EU,  including the App Store — had to comply with most provisions. The specific requirement for developers to declare their trader status also became mandatory for all platforms, including the very large services, on the February 2024 deadline, but they were given a 12-month transition period. Must-read Apple coverage Who qualifies as a trader under the DSA? Articles 30 and 31 of the Act require online platforms to collect and verify trader contact details and ensure they are clearly accessible to consumers. Traders are defined as any person or entity offering goods or services in the EU, regardless of their location, for commercial purposes. An app developer may be considered a trader if they: Earn revenue from paid apps,in-app purchases, or advertising. Are registered for VAT in the EU. Develop their app professionally rather than as a hobby. Apple’s broader compliance efforts Beyond app removals, Apple has taken other actions over the past few months to ensure DSA compliance, including publishing its DSA Transparency Report, detailing content moderation and compliance measures. It also established a redress mechanism so developers can appeal content moderation decisions. Apple’s approach highlights how platforms are being forced to adapt to stricter rules on digital accountability and consumer protection. source