Disaster recovery technologies are designed to prevent or minimize the data loss and business disruption resulting from unexpected catastrophic events. This includes everything from hardware failures and local power outages to cyberattacks, natural disasters, civil emergencies, and criminal or military assaults.  As AI continues to transform and enhance a seemingly endless array of tasks and functions, it should come as no surprise that the technology has caught the attention of disaster recovery professionals.  Preparation and Response  Joseph Ours, AI strategy director at Centric Consulting, says AI can assist disaster recovery in two essential areas: preparation and response. “In many respects, speeding disaster recovery means planning and preparing,” he observes in an email interview. Ours notes that a growing number of government agencies and insurance companies are already routinely performing these tasks with AI assistance. “They use predictive and classification models to analyze historical data and environmental factors to determine potential risk.”  AI-enabled resiliency planning provides speed and precision that traditional methods lack, says Stephen DeAngelis, president of Enterra Solutions, an AI-enabled transformation and intelligent enterprise planning platform provider. “AI’s ability to process large volumes of data quickly allows it to detect anomalies and potential risks earlier,” he explains in an online interview. Unlike conventional disaster recovery plans, AI-powered solutions are adaptive, updating in real-time as conditions change. “This means companies can pivot their strategies almost immediately, reducing the time needed to return to normal operations and ensuring minimal disruption to the supply chain.”  Related:Nation-State Threats Persist with Information Breach of US Treasury Automatic Detection  In businesses, AI-enhanced disaster recovery automatically detects anomalies, such as ransomware-corrupted data, allowing technicians to skip over unusable files and focus on clean, viable backups, says Stefan Voss, a vice president at data protection and security firm N-able. “This eliminates the time-intensive, manual review process that’s standard in conventional recovery methods.”  AI can also improve boot detection accuracy, ensuring that machines will bounce back successfully after recovery, Voss says in an email interview. “Well-trained AI models can significantly reduce false positives or negatives, enhancing technician confidence in the reliability and efficiency of the restored systems,” he explains. “With AI-driven accuracy, organizations can recover systems faster, with fewer errors, and minimize downtime.”  Related:Bridging a Culture Gap: A CISO’s Role in the Zero-Trust Era AI solutions rely on access to high-quality data to generate accurate predictions. “When data is siloed or incomplete, models are likely to produce less reliable results,” DeAngelis warns. To ensure success, he advises businesses to establish robust data management practices before implementing AI solutions. “Today, we’re seeing innovators develop sophisticated techniques, such as advanced data modeling, to bridge critical data gaps and enhance AI accuracy.”  Getting Started  An important first step toward using AI in disaster recovery is conducting a comprehensive assessment of current supply chain vulnerabilities. “Identify critical points of failure and gather historical data on past disruptions,” DeAngelis suggests. Next, collaborate with an AI partner to build predictive models that simulate various disaster scenarios, such as geopolitical risks or extreme weather events. Focus on implementing AI tools that integrate seamlessly with existing systems, allowing for smooth data flows and real-time updates. “A phased approach is ideal, beginning with pilot projects and scaling up as the organization gains familiarity with the technology.”  Related:The Biggest Cybersecurity Issues Heading into 2025 Voss says the next step should be identifying any existing challenges in the disaster recovery process. “For example, if your main goal is increasing recovery testing accuracy, look for AI tools designed to improve boot detection and guarantee reliable system restoration,” he suggests. “On the other hand, if the goal is precisely detecting backup anomalies, focus on AI solutions that specialize in identifying compromised or corrupted data quickly and accurately.”   After clearly defining the issue at hand, seek out the AI solution that will meet your needs, Voss advises. “Always start with your pain points and let AI provide the answer, not the other way around.”  Challenges  AI disaster recovery can offer significant advantages, yet it also comes with several serious drawbacks. High development and integration costs can be a barrier, especially for small businesses, Voss says. “The skills shortage in AI expertise makes it difficult for organizations to develop or maintain AI-driven systems.”  Remember, too, that even with well-trained models, AI is far from infallible. False positives or negatives can occur, potentially complicating recovery efforts, Voss warns. “Additionally, an over-reliance on AI can reduce human oversight, making it imperative to strike a balance between automation and manual processes.”  Perhaps the biggest drawback is that some disasters arrive as unpredictable black swan-type events. “In this case, AI is neither a benefit nor contributor to the failure to respond because, by their very nature, humans would struggle to respond adequately as well,” Ours says.  A Competitive Edge  A proactive investment in AI not only mitigates risk but can turn challenges into competitive advantages, DeAngelis says. He notes that by being prepared to adapt quickly when disruptions occur, enterprises can maintain continuity and even capture market share from less-prepared competitors. “As we’ve seen from recent events, such as the US port strike, hurricane-related supply chain impacts, and the ongoing pressures of inflation, businesses that leverage AI to build resilience are better positioned to thrive in uncertain environments.” source

There are better and worse ways to approach private cloud, which some companies are learning the hard way. While it’s tempting to repatriate some things from public cloud to private cloud, it’s better to do it with applied cloud learning versus a traditional infrastructure mindset.  “I’m seeing people increasingly wanting to find additional efficiency on premises. If I was to pick a word for 2025, it would be, “optimization.” Everyone’s under a lot of pressure. They’re trying to bring in new compute capabilities to their data center, including GPUs to support AI and more storage to support the data activities related to AI and [analytics],” says Hillery Hunter, CTO and GM of innovation at IBM and an IBM Fellow. “[P]rivate cloud is often used as a vehicle to reset the efficiency of an environment.”  However, the on-premises environment may include many IT silos supporting different lines of business and equipment purchased for specific projects. When there’s not a consistent control plane, the aggregate utilization of all the systems is lower than it needs to be because only certain applications or workloads run on configured environments. The goal now is to optimize that for better efficiency.  “[A] private cloud environment that is virtualized and offers container support can be used as a migration destination, still on premises, but then you have more people sharing a more consistent set of resources,” says Hunter. “You’re having people develop to a common set of templates in terms of the kind of system configuration. And while it takes work to get to that kind of environment, it can have huge payoffs in terms of the security [because] the configurations are much more consistent, the compliance overheads are lower and the speed to get new capacity added to the environment.”  Related:The Network Metrics That Really Matter Following are some more private cloud trends in 2025.  1. Repatriating workloads  A lot of organizations are repatriating workloads to private cloud from public cloud, but Rick Clark, global head of cloud advisory at digital transformation solutions company UST warns they aren’t giving it much forethought, like they did earlier when migrating to public clouds. As a result, they’re not getting the ROI they hope for.  “We haven’t still figured out what is appropriate for workloads. I’m seeing companies wanting to move back the percentage of their workload to reduce cost without really understanding what the value is so they’re devaluing what they’re doing,” says Clark. “If they’d given more forethought into what they were taking to the cloud and what to be bringing back, they’d be in a better place. [T]hey don’t really understand what they’re moving back and they’re comparing apples and oranges.”  Related:Y2K and Infrastructure Resilience 25 Years Later A key factor is understanding the business value and being able to communicate that in business terms. All too often, organizations are randomly choosing what to put in private cloud as opposed to thinking critically about what workloads are where and why. In the worst cases, the organization has lost the operational skill to manage and operate things in their own data center, but they haven’t considered this issue.   2. Hybrid environments will become even more popular  Trevor Horwitz, CISO and founder at cybersecurity, consulting, and compliance services provider TrustNet believes private cloud strategies will evolve as companies seek more control over data security, regulatory compliance, and operational flexibility.   “I expect to see more organizations embracing hybrid and multi-cloud environments and integrating private clouds with public cloud resources to keep data flexible yet secure,” says Horwitz in an email interview “This shift is driven by the need for resilience and vendor flexibility, and zero-trust frameworks make this possible by securing data across multiple environments. As the regulatory landscape tightens with laws like GDPR and CCPA, private clouds will become essential for companies handling sensitive data to ensure compliance and control over data sovereignty.”  Related:Best Practices for Managing Hybrid Cloud Data Governance 3. Real-time monitoring and machine learning  Roy Benesh, chief technology officer and co-founder of eSIMple, an eSIM offering, believes private cloud will continue to be in high demand, especially in sectors like healthcare and finance that have stringent data protection regulations.  “I think businesses will depend more on real-time monitoring and machine learning to strengthen data protection as they use private clouds to satisfy security requirements,” says Benesh in an email interview. “In my experience, private clouds can have drawbacks, too, such as high upfront expenditures and the requirement for knowledgeable administration. This can be particularly difficult for smaller businesses to handle.”  4. AI and automation  Artificial intelligence and automation are also set to play a crucial role in private cloud management. They enable businesses to handle growing complexity by automating resource optimization, enhancing threat detection, and managing costs.   “The ongoing talent shortage in cybersecurity makes [AI and automation] especially valuable. By reducing manual workloads, AI allows companies to do more with fewer resources,” says Trevor Horwitz, CISO and founder at cybersecurity, consulting, and compliance services provider. “My advice is to prioritize adaptability. Be prepared to shift your strategy as business needs evolve, especially as technology advances. Mastering the private cloud is about building an agile, secure, and sustainable infrastructure, meeting today’s demands while preparing for what’s next.”  5. Multilayer cybersecurity  Security affects all aspects of a cloud journey, including the calculus of when and where to use private cloud environments. One significant challenge is making sure that all layers of the stack have detection and response capability.  “You have to protect each layer separately — network, cloud, host, server, and application.  They’re not “defense in depth. Each component — NDR, CDR, EDR, SDR, and ADR  — protects against a different set of threats,” says Jeff Williams, founder and CTO at runtime application security company Contrast Security. “The biggest code-to-cloud technology gap is the lack of application detection and response and application security monitoring (ASM) to create visibility and protection for their biggest asset — the application estate. In the last year, this area saw 100% growth in attack traffic,

I was recently speaking with a client who stated, “We’ve been doing RPA (robotic process automation) for years. What’s the difference with agentic AI? Should I really care, or is it all part of the GenAI hype?” Valid question. With the buzz around GenAI, it’s easy to see where this confusion and skepticism comes from. However, understanding the differences between RPA and agentic AI — and how they complement each other — can unlock major benefits through automation. A key tool for organizations striving for an edge, automation has become a cornerstone of operational efficiency and innovation. OK. So, what is the difference between RPA and agentic AI? RPA refers to software tools designed to automate repetitive, rule-based tasks by mimicking human interactions with digital systems. It operates through predefined workflows, handling structured data in tasks such as data entry, invoice processing, and report generation. It’s particularly effective in industries like finance, healthcare, and logistics, where efficiency in routine processes is paramount. Agentic AI, on the other hand, represents more capable autonomous decision-making, learning, and interaction. Unlike RPA, which executes static instructions, agentic AI adapts dynamically, processing unstructured data, analyzing context, and interacting conversationally with users —making it more suitable for complex problem-solving and decision-making scenarios. Since people like lists, let’s differentiate the five key ways RPA and agentic AI differ, and then I’ll wrap up by discussing how they complement each other. It’s not a binary choice (RPA or agentic AI); it’s more blended. Five key differences between RPA and agentic AI Scope of automation RPA: Focuses on automating highly repetitive, rule-based tasks that mimic human actions. Examples include copying data between systems, generating invoices, processing claims, or assigning permissions when employees are hired or leave an organization. It operates within well-defined boundaries and workflows. Agentic AI: Expands beyond task automation to include decision-making, planning, and dynamic interactions. It excels in environments requiring analysis of unstructured data, such as customer support or supply chain optimization. Agentic AI can interpret nuances, learn from interactions, and adapt its behavior over time. Flexibility and adaptability RPA: Operates on scripts and rules, making it rigid in adapting to new or unexpected scenarios. If an input or process deviates from predefined parameters, the system may fail or require manual intervention. Agentic AI: Exhibits flexibility by learning from data and interactions. It can analyze complex situations, infer context, and adjust workflows on the fly, making it resilient in dynamic environments. For instance, agentic AI could detect anomalies in a supply chain and recommend alternative routes without prior programming. Integration and orchestration RPA: Integrates with existing systems through APIs or user interfaces but often requires significant setup and maintenance. It performs specific tasks in isolation, with limited orchestration across diverse platforms. Agentic AI: Acts as a connective layer across legacy and modern systems, orchestrating processes autonomously. It ensures smooth data flow and efficient operations by making intelligent decisions about which systems to engage and how. For example, an agentic AI system managing customer support could simultaneously pull data from a CRM system, a product database, and an ERP system to resolve complex customer queries. Decision-making and context awareness RPA: Executes tasks based on fixed rules and predefined conditions. It lacks the ability to interpret broader contexts or make decisions beyond its programming. Agentic AI: Brings context awareness to automation. It analyzes intent, weighs multiple variables, and makes informed decisions, such as identifying fraud patterns in financial transactions or optimizing energy consumption in a smart grid. User interaction and autonomy RPA: Typically requires human oversight to initiate tasks and address exceptions. Its role is that of a digital assistant, working alongside human operators to enhance productivity. Agentic AI: Can operate autonomously or engage users through conversational interfaces like chatbots. It provides a more interactive experience, collaborating with humans or independently performing tasks like conducting customer surveys or troubleshooting IT issues. Complementary potential: Pairing RPA with agentic AI While these differences highlight distinct strengths, RPA and agentic AI are not mutually exclusive. Pairing them can unlock additional levels of efficiency and effectiveness for organizations. Here’s how: Enhanced workflow automation RPA can handle straightforward, rule-based tasks, while agentic AI addresses complex decision-making and dynamic interactions. For instance, in a customer service scenario, RPA might extract and populate data from a CRM system, while agentic AI analyzes customer sentiment and provides tailored recommendations during live interactions. Scalable error handling RPA systems often struggle with exceptions or unstructured inputs. By integrating agentic AI, organizations can build systems capable of interpreting and resolving exceptions autonomously, reducing the need for manual intervention. For example, an RPA bot processing invoices might hand off unusual cases to an AI system for context-based analysis and resolution. Dynamic adaptation in operations Agentic AI’s adaptability can complement RPA’s precision. In supply chain management, RPA might execute routine inventory checks, while agentic AI adjusts procurement plans based on market trends, weather conditions, or geopolitical developments. Enhanced customer experience Combining RPA and agentic AI can elevate customer interactions. RPA automates back-end processes, such as retrieving account details, while agentic AI engages customers through personalized, conversational interfaces that anticipate needs and provide proactive solutions. Intelligent orchestration across systems In IT operations, RPA can perform tasks like logging incidents, while agentic AI correlates data from multiple sources to identify root causes and recommend resolutions. Combined, they enable a seamless, end-to-end automation ecosystem. Conclusion: There is no “versus” for RPA and agentic AI RPA and agentic AI are technologies that address different aspects of automation. RPA excels at optimizing repetitive, rule-based tasks; agentic AI has the potential to deliver value in environments demanding flexibility, decision-making, and context awareness. One is not innately better than the other. They have different limitations and complementary advantages. By integrating RPA with agentic AI, organizations can build more robust, adaptive systems that combine the precision of rule-based automation with the intelligence and autonomy of AI. Learn more about IDC’s research for technology leaders OR subscribe today to receive industry-leading research directly to your inbox. International Data Corporation

By Al Barbarino ( January 10, 2025, 3:06 PM EST) — The European Commission said Friday it has conditionally approved Synopsys Inc.’s proposed $35 billion acquisition of Ansys Inc. after the companies agreed to certain divestitures, as the megadeal continues to make regulatory progress across jurisdictions…. Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

By Clara Geoghegan ( January 10, 2025, 5:54 PM EST) — A package of bid protections for the stalking horse of bankrupt electric-engine developer First Mode needs to be reined in, the Office of the U.S. Trustee has said, urging a Delaware bankruptcy judge to reject the debtor’s request that expenses and fees tied to the $15 million bid be paid as priority claims…. Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

President Biden signed a bipartisan law last April stating that TikTok must either divest from its Chinese-owned parent company, ByteDance, by January 19 of this year or face a ban in the US. TikTok has since put significant time and resources into appealing this law, leading us to today’s Supreme Court hearing. Earlier today, in a last-ditch effort, ByteDance presented arguments to the Supreme Court, asking it to block the ban or, at the very least, delay it until there’s time for further consideration. ByteDance argues that the law is unconstitutional and violates first amendment rights to free speech. On the contrary, US lawmakers argue that TikTok poses a national security threat for two main reasons. The Chinese government could: Gain access to American app user data. Use TikTok’s algorithms to manipulate Americans with content. The keyword here is “could,” as there’s no public evidence that this is happening. So … What’s Next? During today’s hearing, the justices seemed to be leaning toward upholding the law to require TikTok’s divestiture or face a ban on January 19. It’s unlikely that TikTok’s arguments over free speech will ease national security concerns, but that doesn’t mean that we’re at the end of the road. Once in office, President Trump could “trump” all of that by directing the Department of Justice not to enforce the law. In that case, users, creators, and advertisers go back to “business as usual,” at least for the foreseeable future. A Ban Bodes Well For Meta And Google, Not For Creators If the ban goes into effect (and it is enforced), Meta and Google have a lot to gain. We surveyed US TikTok users last April on this topic, and 56% indicated that they would use Reels more if TikTok gets banned, and 51% indicated that they’d turn to YouTube Shorts. Advertisers will follow suit. CMOs who we’ve spoken with confirmed that they will divert their media dollars to Meta and Google if they can no longer advertise on TikTok. This is the same behavior we saw in India when they banned TikTok in 2020. An enforced ban would be incredibly disruptive to the creator and influencer community. TikTok is the place where culture happens, where trends are made, where songs take off, where books go viral, and where people shop. There’s a community for anything you can imagine, and it’s where over a million creators have invested in making content and amassing a following that many creators have monetized. If access to TikTok simply disappears in a couple of weeks for these creators, they will have to pivot and rebuild their followings, equity, and content on other platforms — likely Instagram and YouTube. This is a lesson in channel diversification that many creators are learning the hard way. Forrester clients: Schedule a Forrester guidance session to talk about your TikTok and creator contingency plans. source

While the world has largely recovered from the chip shortage of 2020 to 2023, only 26% of organisations that rely on them currently feel that their supply is sufficient, according to a new report by the Capgemini Research Institute. The report revealed that the AI boom has executives worried about whether fabs can keep up. In fact, 59% of 800 global downstream industry leaders said supply issues are an ongoing concern when surveyed in November 2024. They expect semiconductor demand to have increased by 29% by the end of 2026. This rise in demand is almost double the growth rate anticipated by executives in the semiconductor industry, 250 of which were also surveyed by Capgemini. “Gen AI is driving accelerated demand for chips, and semiconductor companies face increasing demands from customers who want more personalised and software-centric experiences,” said Brett Bonthron, Capgemini’s global high-tech industry leader. The effects of the last global chip shortage are still being felt by downstream industries Since the inception of the current AI boom, chipmakers have thrived. Leading graphics processing unit seller NVIDIA announced record revenues of $30 billion (£24.7 billion) in the second quarter of 2024 and has a stock market value of over $3 trillion (£2.2 trillion). Switch manufacturer Broadcom and memory chip maker SK Hynix have seen similar success. SEE: Nearly 1 in 10 Businesses to Spend Over $25 Million on AI Initiatives in 2024, Searce Report Finds These record profits have been realised by only a handful of core companies that control large portions of the supply chain. NVIDIA, an American company, designs most GPUs used to train AI models. However, they are manufactured by Taiwan’s TSMC. TSMC and Samsung Electronics are the only companies that can make the most cutting-edge chips on a large scale at the moment. But it has not always been plain sailing within the industry. A global chip shortage was sparked in early 2020 due to the COVID-19 pandemic. Nearly half (47%) of downstream organisations surveyed by Capgemini had to curtail some product or feature launches as a result. By July 2023, manufacturers had accelerated production, and their customers had adjusted to a more predictable chip supply. Improvements in production capacity and demand for consumer electronics cooling off have since allowed industries to adapt and recover. However, the Capgemini report found that 49% of downstream organisations consider the impact of the chip shortage to be ongoing as of November 2024. Geopolitical tension is the biggest concern for chip-reliant businesses Only two out of five organisations that rely on semiconductors are confident in the resilience of their supply chains, Capgemini found. The main factor causing this concern is geopolitical tensions, cited by 69% of respondents. Military escalation between Taiwan and China could lead to serious disruption of TSMC’s output, creating a ripple effect on supply chains. In January, it was reported that Chinese cyber attacks on Taiwan’s government had doubled over the last year. Similarly, other countries are placing export restrictions on the sale of semiconductors to China due to tensions with the country, including the U.S., the Netherlands, and Japan. The U.K. also blocked most license applications for companies seeking to export semiconductor technology to China in 2023. SEE: China Investigates NVIDIA for Allegedly Breaking Monopoly Law In August 2023, China’s Ministry of Commerce announced it would implement export controls on gallium and germanium-related items “to safeguard national security and interests.” These rare metals are essential in chip production, and China produces 98% and 54% of the world’s supply of gallium and germanium, respectively. After U.S. President Joe Biden’s administration announced its third set of restrictions on semiconductor exports to China in December 2024, China swiftly banned the sale of germanium and gallium to the U.S., closing loopholes from its 2023 export controls, and added several U.S. defense tech startups that cannot do business in the country. What’s hot at TechRepublic Worries about fab capacity leading to quests for chip sovereignty The second and third most concerning factors impacting semiconductor supply chain reliability are inadequate fab capacity and the limited number of suppliers, cited by 65% and 52% of downstream organisations respectively. On top of human factors like geopolitics, natural disasters could also wreak havoc on supply chains if suppliers are based in just a handful of areas. A drought in Taiwan and three plant fires in Japan contributed to raw material shortages between 2019 and 2021, according to Electronic Products & Technology. While a third of the downstream organisations surveyed by Capgemini are either considering or actively exploring in-house chip design, governments worldwide are spending billions to boost national capacity for semiconductor production. The semiconductor industry executives surveyed expect a 17% increase in domestic sourcing by the end of 2026. In recent years, the U.S.: Additionally, Intel, TSMC, Texas Instruments, and Samsung — the world’s largest memory chipmaker — have all announced plans to build new fabs in the U.S. In August 2023, it was announced that the U.K. government would devote £100 million to fostering AI hardware development and shoring up possible computer chip shortages. Last September, Amazon Web Services announced plans to invest £8 billion in data centres in the country over the next five years. SEE: UK Government Announces £32m for AI Projects After Scrapping Funding for Supercomputers The European Union offered €43 billion ($46 billion) in subsidies to boost its semiconductor sector with its European Chips Act, which was adopted in July 2023. The bloc also has the lofty goal of producing 20% of the world’s semiconductors by 2030. source

Artificial intelligence is already a big deal, but not everyone is using it effectively. Many clients ask us how we’ve integrated AI into our QA process, but creating a real, usable approach wasn’t as easy as it seemed. Today, I want to share how we approached AI in quality assurance and the lessons we learned along the way.  The AI Hype and Reality  Two years ago, ChatGPT exploded onto the scene. People rushed to learn about generative AI, large language models and machine learning. Initially, the focus was on AI replacing jobs, but over time, these discussions faded, leaving behind a flood of AI-powered products claiming breakthroughs across every industry.  For software development, the main questions were:  How can AI benefit our daily processes?  Will AI replace QA engineers?  What new opportunities can AI bring?  Starting the AI Investigation  At our company, we received an inquiry from sales asking about AI tools we were using. Our response? Well, we were using ChatGPT and GitHub Copilot in some cases, but nothing specifically for QA. So, we set out to explore how AI could genuinely enhance our QA practices.  What we found was that AI could increase productivity, save time, and provide additional quality gates, if implemented correctly. We were eager to explore these benefits.  Related:What Could Less Regulation Mean for AI? Categorizing the AI Tools  Over the next few months, we analyzed numerous AI tools, categorizing them into three main groups:  Existing tools with AI features: Many products had added AI features just to ride the hype wave. While some were good, the AI was often just a marketing gimmick, providing basic functionality like test data generation or spell-checking.  AI-based products from scratch: These products aimed to be more intelligent but were often rough around the edges. Their user interfaces were lacking, and many ideas didn’t work as expected. However, we saw potential for the future.  False advertising: These were products promising flawless bug-free applications, usually requiring credit card information upfront. We quickly ignored these as obvious scams.  What We Learned Despite our thorough search, we didn’t find any AI tools ready for large-scale commercial use in QA. Some tools had promising features, like auto-generating tests or recommending test plans, but they were either incomplete or posed security risks by requiring excessive access to source code.  Yet, we identified realistic uses of AI. By focusing on general-use AI models like ChatGPT and GitHub Copilot, we realized that while QA-specific tools weren’t quite there yet, we could still leverage AI in our process. To make the most of it, we surveyed our 400 QA engineers about their use of AI in their daily work.   Related:6 AI-Related Security Trends to Watch in 2025 About half were already using AI, primarily for:  Assisting with test automation  Automating routine tasks  Developing a New Approach We then created an in-house course on generative AI tailored for QA engineers. This empowered them to use AI for tasks like test case generation, documentation, and automating repetitive tasks. As engineers learned, they discovered even more ways to optimize workflows with AI.  How profitable is it? Our measurements showed that AI reduced the time spent on test case generation and documentation by 20%. For coding engineers, AI-enabled them to generate multiple test frameworks in a fraction of the time it would’ve taken manually, speeding up the process. Tasks that used to take weeks could now be done in a day.  The Downsides  Despite its benefits, AI isn’t perfect. It isn’t smart enough to replace jobs, especially for junior engineers. AI may generate test cases, but it often overlooks important checks, or it suggests irrelevant ones. It requires constant oversight and fact-checking.  Related:Who Should Lead the AI Conversation in the C-Suite? Why Many Companies Get It Wrong  The biggest mistake companies make is jumping into AI without understanding its limitations. Many fall for the hype and end up using AI tools that don’t work well, only to face frustration. The truth is that AI is a valuable assistive tool, but it needs to be used thoughtfully and alongside human oversight.  Key takeaways from our journey with AI in QA:  AI is not a magic bullet. It provides incremental improvements but won’t radically transform your processes overnight.  Implementing AI takes effort. It needs to be tailored to your needs, and blindly following trends won’t get you far.  AI can assist, but it can’t replace human oversight. It’s ineffective for junior engineers who may not be able to discern when AI is wrong.  Dedicated AI testing tools still need improvement. The market isn’t yet ready for specialized AI tools in QA that offer real value.  AI is exciting and transforming many industries, but in QA, it remains an assistive tool rather than a game-changer. We at NIX are embracing it, but we’re not throwing out the rulebook just yet.  source

By Hailey Konnath ( January 10, 2025, 7:44 PM EST) — New Jersey’s attorney general issued guidance clarifying that the Garden State’s discrimination law applies to “algorithmic discrimination,” or discrimination and bias-based harassment stemming from the use of artificial intelligence and other similar technologies…. Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

Any modern business using a Voice over Internet Protocol (VoIP) phone system knows that maintaining security is essential for confidentiality, customer trust, and regulation compliance. Industries like healthcare, for example, have strict regulations governing communications, and HIPAA-compliant VoIP providers offer security, privacy, and access management tools to help companies follow these regulations — even when employees access the network from far away places. Meanwhile, poor encryption and security can also affect your bottom line, as scammers and fraudsters will find ways to exploit weaknesses to commit VoIP fraud on unsecured phone systems. Toll fraud works by hijacking a company’s phone system to make artificial and high-volume long-distance calls. The owner of the system gets charged for these calls (often without noticing), and then fraudsters are given a share of the revenue from colluding carrier services. Along with toll fraud, there are many other vulnerabilities of VoIP systems — but if you are using one of the best business phone services, your vendor is going to take over the challenging parts of VoIP security and encryption. You just have to promote basic network security at your organization (strong passwords, access control, etc.). 1 RingCentral RingEx Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Medium, Large, Enterprise Features Hosted PBX, Managed PBX, Remote User Ability, and more 2 Talkroute Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Call Management/Monitoring, Call Routing, Mobile Capabilities, and more 3 CloudTalk Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features 24/7 Customer Support, Call Management/Monitoring, Contact Center, and more Good providers handle VoIP security and encryption A hosted VoIP service is a cloud-based communications solution offering secure voice calling and messaging over the internet. The beauty of these services is that security and encryption come baked in. The VoIP providers update software and firmware, maintain hardware, and help follow regulatory compliance for you. Of course, fraudsters and scammers are constantly evolving their game, but VoIP providers respond to these attacks in real time and keep your system safe from the latest threats. With a hosted VoIP service, your employees have individual login credentials to access their VoIP accounts, and all calls your company makes go through the service provider’s network. That means the VoIP provider handles the security and encryption while routing calls, not you. That also means your business is kept safe no matter where your employees are because a VoIP service lets them access the secure communication network from any softphone. Your employees won’t be tasked with performing any extra security-related tasks either, as VoIP services apply the latest measures across the entire network. Many of the headaches involved with remote work security are now fully off your plate. What should a secure VoIP provider have? A good VoIP provider should have robust encryption protocols to keep your data safe while it’s in transit. That way, voice calls and messages are indecipherable until they reach their destination, where only the recipient can decode them. Similarly, a stateful firewall and/or intrusion detection system helps prevent attacks and unauthorized access. Enhanced login security measures like multi-factor authentication (MFA) and two-factor authentication (2FA), for example, further secure access, and a password-and-token system can also be an effective measure against unwanted infiltration. The following technologies help VoIP providers secure their networks: Session Border Controllers (SBCs): An SBC acts as the gatekeeper of the network by regulating IP communication flow. SBCs are particularly useful for protection against Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Transport Layer Security (TLS): TLS protocols use cryptography to secure a VoIP network’s signaling and media channels. TLS protocols use a digital handshake to authenticate parties and establish safe communications. Secure Real-Time Transport Protocol (SRTP): SRTP is a media encryption measure that acts like a certificate of authenticity, which can be required before granting media access. Not every organization requires SBCs, but anyone using a cloud phone system could be the target of a VoIP DDoS attack. Work with your vendor to deploy a future-proof VoIP phone system that follows network security architecture best practices. The VoIP industry has standards and frameworks in place to guide companies with the best security practices available. In fact, the International Organization for Standardization (ISO) publishes guidelines that cover this sector. A good provider should have the following accreditations and certifications: PCI Compliance: PCI compliance is an information security standard for card payments. Having this certification facilitates secure payments from major credit cards. ISO/IEC 20071: This Information Security Management System (ISMS) outlines a global set of standards that helps secure business data. ISO/IEC 27002: This Code of Practice for Information Security Controls outlines the controls and best practices for securing information. ISO/IEC 27005: This certification refers to Information Security Risk Management. It provides guidelines for assessing and managing information security risks. ISO/IEC 27017: This establishes protocols for cloud service providers. It helps explicitly secure cloud services and their ecosystems. ISO/IEC 27018: This outlines how to protect personally identifying information (PII) on public clouds. Secure VoIP providers also need to be aware of their human-layer security. Many scams originate from human error, so a business is only as safe if its staff members are reliable. As such, businesses are vulnerable to social engineering attacks. Social engineering is the process of manipulating individuals into giving up sensitive information. Rather than relying on technical vulnerabilities, many scammers use human psychology to obtain passwords, login details, and other sensitive information. Scammers often use phishing techniques to gain trust. This technique involves sending messages and emails that appear legitimate, ultimately leading individuals to give up passwords or new login details after trusting the source’s legitimacy. VoIP providers can limit opportunities for social engineering by implementing 2FA or MFA as part of IVR authentication workflows. Simply put, the more authentication steps required,