Knowledge Exchange

How technology is changing the landscape of workplaces and workforces. 

There is no question that the working world is constantly evolving and adapting to modern life. Since the first industrial revolution in the 18^th century, which saw the advent of machines for mass production, the way we work has been continually advancing. The age of the internet and computers began in the late 20^th century, bringing a further shift towards automation and digitalization.  

Now with what has been deemed the “Fourth Industrial Revolution”, cloud computing, machine learning (ML), artificial intelligence (AI), and Internet of Things (IoT), further blur the lines between physical, digital, and biological domains.   

We have started to see the impact of these technologies in the workplace, but looking ahead to the future, how could they be further integrated into our day-to-day working environment? 

Evolution of the hybrid workplace: 

The Covid-19 pandemic was a catalyst for one of the biggest shifts seen in the labour market in recent history, as companies had no option but to adapt to a remote working environment if they wanted to stay operational during strict global lockdowns.  

Now, more than three years later, more companies than ever look set to make remote and hybrid working environments a permanent fixture according to Scoop. The latest Flex report for Q2 2023 found that 51% of companies offer work location flexibility, up from 43% in Q1.  

Challenges of Remote Working: 

Despite the popularity of remote and hybrid working, it is not without its challenges. Some of the biggest obstacles faced by companies incorporating remote working into their working environment include:  

• Collaboration and communication 
  In the absence of face-to-face interactions, businesses can face difficulties in ensuring effective communication and collaboration among colleagues and teams. The absence of non-verbal cues can result in misunderstanding and miscommunication which can lead to an absence of trust amongst employees.   
   
• Technology  
  In order to complete there work efficiently remotely, employees need to have access to the right technology. Not having the right telecommunications solutions can hinder a team’s productivity.  
  IT teams also need to be able to access and manage devices remotely in order to provide quick and efficient support for their employees.  
   
• Cybersecurity 
  Security is a major concern for all businesses, especially when implementing a remote workforce. There is a greater threat of data breaches if employees are using personal devices, as employees who use the same device for both personal and professional use may not have adequate back-up and recovery options.   

How to create a hybrid work environment with the right technology: 

• Invest in collaboration software 
  Whether your team is fully remote or hybrid, they need access to the right resources in order to be able to work efficiently. Cloud-based business applications allow your employees to communicate and collaborate with ease.
  
  Additionally, the right telecommunications solutions play a large role in providing a face-to-face experience irrespective of where they are based. They are vital for business efficiency. Streamlining communication processes empowers employees to act faster, facilitates decision making and improves business efficiency.  

• Provide the right hardware 
  Choosing the right hardware that can keep pace with your business needs is pivotal to enabling efficient collaboration and innovation, particularly as more companies are embracing a “work from anywhere” mindset.  
   
  In order to maintain a high level of security, businesses need to provide their employees with modern, trusted devices that are solely for professional use, to avoid a potential data breach. Using devices for both personal and professional tasks can increase cybersecurity threats.  

• Make cybersecurity a priority
  Having a remote workforce expands your attack surface and therefore increases the risk of cyberattacks, but keeping cybersecurity at the forefront of your digital transformation strategy can keep your business safe.
  
  Employees should use company issued devices which have been protected with the latest anti-malware protection, using multi-factor authentication to verify their identities when logging in. Implementing these measures alongside steps such as virtual private networks will enhance your company’s security.

AI advancements in the workplace

Last month’s Knowledge Exchange focused on how AI is evolving - for better or for worse. But how will it affect workplaces and the more pertinent question on everyone’s lips – will it be used to replace a large part of the workforce?  

Chairman and CEO of Microsoft, Satya Nadella, described the next generation of AI as “moving from autopilot to copilot” in terms of how we can incorporate AI into our work processes.  AI is already second nature to most digital experiences and from automation to job creation, its effects are quickly being felt across the workforce.  

• Automation and augmentation of tasks:  
   Generative AI will disrupt working patterns as we know them but will also add a new dimension of human/machine collaboration to the workplace. Large Language Models (LLMs) such as ChatGPT will impact 40% of working hours across industries according to Accenture.
  
  Companies such as Google and Microsoft have started to integrate generative AI technology including LLMs into their workspace software allowing users to maximise the potential of business applications and enhance their work processes.

• Job displacement: 
  Due to the automation potential of AI, certain jobs will decline in the coming years as AI replaces the need for humans to complete repetitive, manual tasks such as data entry and admin. While many individual tasks can be automated, it is hard to predict precisely how many jobs will be lost due to AI. Research shows anything from 9 – 47% of jobs.  
   
  The World Economic Forum predicts that the top five jobs that will face a decline in the coming five years are Bank Tellers, Postal Service Clerks, Cashiers, Data Entry Clerks and Administrative Secretaries.  

• Job creation:  
  While there are worries about job displacement, AI also brings opportunities for job creation. This era of AI will invoke a shift in the skills required of the workforce. In particular there will be a demand for advanced technological skills such as programming, data analytics, and machine learning science.
  
  The World Economic Forum predicts that by 2025, the shift in the labour market will result in 85 million jobs, but this will be offset by the creation of 97 million new positions. However, the workforce will need to have an open mind to upskilling and reskilling. 

Since the industrial revolution, technology has always been there alongside a human workforce to streamline processes and make them more efficient. AI has powered online experiences for years, and there will be no exception in how it will increasingly power the workplace.

Final Thoughts

Although many hybrid and remote workplaces were set up practically over night following mandated lockdowns due to Covid-19, companies continue to embrace remote working environments with the help of technology. 

Despite the skepticism over job losses caused by AI, it is poised to create more jobs than it will automate. In order to embrace these opportunities, the workforce will be required to upskill or reskill as an investment in their future.  

Technology has revolutionized how we work since the Industrial Revolution and now with robust digital transformation strategies and technologies such as generative AI, workplaces will continue evolve, no longer relying on physical offices and becoming ever more digitalized and automated.  

Improve productivity, retain more staff, hire the best talent and reduce office and energy costs.

This month’s Knowledge Exchange will examine why more firms are not only adopting a work from home strategy (WFH) but also a WFA strategy, and what effects this is having on technology purchasing decisions, productivity, staff collaboration, corporate culture, and staff wellness including mental health. It will also examine what potential pitfalls to avoid, when looking to adopt a WFH policy. 

Introduction

According to the United States Bureau of Labour and Statistics, remote work has risen by 31% in the US in the last couple of years. While many associate this trend as a by-product Covid, allowing staff to work from home has been experimented with since another energy emergency gripped the world back in the 1970s, the Oil Crisis1.

During this time, which scarily mirrors the current energy crisis, rising inflation, the pressure on cost of living and energy, as well as the soaring costs for commuting forced the hand of some companies to allow its knowledge workers, to work from home.

While these experiments were primarily aimed at supporting employees working from home, the proliferation of the Internet, email and other communications technology was making it easier for people to work from other places too such as customer sites, airports, and other places with reliable internet connection. Remember those Internet Cafes in the ‘90s?

Even before the Covid pandemic, around 20% of US workers were already working at home, according to the Pew Research Center. And this trend looked likely to grow, especially in the IT sector. The rapid and widespread onset of Covid naturally accelerated this adoption with office closures and lock downs, in another mass human experiment, this time on how businesses could continue to operate, and workers could effectively work remotely. After three years of WFH experimentation, the genie seems to be truly out of the bottle for a lot of workers with 54% of workers surveyed by Pew expressing a wish to continue to WFH now the pandemic has been declared over.

More recently, WFH has expanded the ability to work from anywhere (WFA) for cohorts of workers and especially Millennials and Gen Z who are attracted to being ‘digital nomads’, living in different parts of the world and working for companies that encourage remote, hybrid, WFH and WFA environments.

Technology, security, and infrastructure considerations

As we examined in last month’s Knowledge Exchange, the move to hybrid cloud is somewhat making it easier for organisations to adopt more WFH and WFA practices as a lot of the concerns of distributed computing can be managed in the cloud and with water-tight IT policies. Of course, the endpoint devices must be secure and have the right anti-virus and anti-malware detection on them as well as virtual private networks (VPNs) to encrypt traffic between the end point and the company environment, but with collaborative cloud-based office platforms, CRMs and video calling and instant messaging tools, the consistent threat to IT managers are the employees themselves and the email inbox!

Despite spam, malware and other malicious software screening, the level of sophistication of hackers and bad actors is constantly putting networks and infrastructures at risk either in a centralised office or in a distributed environment. Throw Artificial intelligence (AI) into the mix and IT Managers have another headache. AI can be immensely helpful in detecting suspicious activity and patterns, but also extremely tricky at the same time to detect as we examined in our recent cybersecurity articles.

Making sure remote workers are regularly trained in IT policy and best practice as a mandatory policy to be able to WFA is a prudent step to take when adopting a WFH/WFA strategy. And in a distributed cloud environment looking at a unified security solution should also be part of the strategy, according to Lloyd Tanaka of Checkpoint Software who thinks:

“Traditionally, organizations have established security protocols in conjunction with internet gateways. However, this approach only works when the number of access points are minimal and controlled, such as in a company’s office building,”

“When it comes to securing a WFA environment, making remote access work for all your employees requires must-haves, including, VPNs, real-time threat intelligence, a Zero-Trust approach to access management, and mobile and Internet of Things (IoT) device security.”

Tanaka also suggests IT Managers think about a unified approach to security in a distributed cloud environment and adopting Secure Access at the Service Edge (SASE) instead of managing point solutions. This, Tanaka suggests allows organisations to protect remote users and offices, consolidate networking and provide security-as-a-service.

“With SASE, organizations can lower OpEx and increase security at scale. Protect your distributed workforce with security that’s simple to implement, easily scalable and offers optimal management controls,” Tanaka said.

87% of employers said they anticipate prioritizing tech and digital infrastructure investments that support sustained remote work, according to the Boston Consulting Group

Lloyd tanaka

This month’s Knowledge Exchange will examine both the benefits and the potential dangers of unregulated Artificial Intelligence on Enterprise resourcing, business IT platforms, sales and marketing strategies and also on customer experience. It will also ask if it is possible to pause AI development to roll out ethical and regulated AI that protects and enhances jobs rather than potentially replace them; protects personal data, privacy, and preferences rather than manipulate it for nefarious reasons and that doesn’t spiral us into a “Terminator” or “Matrix” like future where the machines are in control!

The Good Side of AI

As we discussed in last month’s Knowledge Exchange on Hybrid Cloud, Artificial Intelligence (AI) has some compelling usages for ITDMs especially when it can help tame IT complexity by automating repetitive and time-consuming tasks. It can also be used to learn and write code from past data and be used to autogenerate content and images from multiple sources by mimicking human intelligence and human labour. As the technology develops, there seems to be a whole raft of plug-ins and algorithms that people such as Microsoft’s chief executive, Satya Nadella believes will: “Create a new era of computing.”

Copilot (sic) works alongside you, embedded in the apps millions of people use every day: Word, Excel, PowerPoint, Outlook, Teams, and more…it (sic) is a whole new way of working.

Microsoft 365 head I Jared Spataro

And as corporations and investors are constantly looking at growth, efficiencies and ultimately profit, the lure of AI to support this new paradigm must be insatiable proposition right now, especially as we are seeing a lot of economic pressure from various financial, energy and geopolitical crises.

This is perhaps why, as news service Reuters notes, since the March 2023 launch of Microsoft’s AI “Co-pilot” developer tool, over 10,000 companies have signed up to its suite that can help with the generative creation and optimisation of its Office 365 Word, Excel, Powerpoint and Outlook email software that some commentators are calling “Clippy on Steroids”

Speaking to Senior editor of the Verge, Tom Warren, Microsoft 365 head Jared Spataro said: “Copilot (sic) works alongside you, embedded in the apps millions of people use every day: Word, Excel, PowerPoint, Outlook, Teams, and more…it (sic) is a whole new way of working.”

Microsoft has also invested $1bn into former non-profit, OpenAI a company co-founded by billionaire inventor and investor, Elon Musk who has since left the company to concentrate on his Tesla automotive and SpaceX Aeronautical business. Now a for-profit business, OpenAI, is working on an Artificial Generative Intelligence (AGI) to perform like a human brain.

Microsoft and OpenAI will jointly build new Azure AI supercomputing technologies. OpenAI will port its services to run on Microsoft Azure, which it will use to create new AI technologies and deliver on the promise of artificial general intelligence. Microsoft will become OpenAI’s preferred partner for commercialising new AI technologies,

Microsoft 365 head I Jared Spataro

The partnership will offer Microsoft the chance to not only catch up with Google’s AI developments of late, but also give it more muscle for AI development due to its combination of resources and hardware combined with the researchers and developers at OpenAI, according to industry watcher, TechGig it noted:

“Microsoft and OpenAI will jointly build new Azure AI supercomputing technologies. OpenAI will port its services to run on Microsoft Azure, which it will use to create new AI technologies and deliver on the promise of artificial general intelligence. Microsoft will become OpenAI’s preferred partner for commercialising new AI technologies,” according to an official Microsoft statement.

Back in November 2022, OpenAI launched its much lauded and controversial text generator ChatGPT, ahead of rivals Google that launched its rival Bard text generator product later in February 2023. Until then, Google had been largely considered at being ahead of its rivals by integrating AI tools into products such as its search engine, something Microsoft also started to implement into its Bing search engine in February. But unlike ChatGPT, Bard is still not available or supported in most European countries.

As the AI ‘arms’ race heated up in April this year, Google launched a raft of tools for its email, collaboration and cloud products, according to Reuters, that reported Google had combined “Its AI research units Google Brain and DeepMind and work on “multimodal” AI, like OpenAI’s latest model GPT-4, which can respond not only to text prompts but to image inputs as well to generate new content.”

And there certainly seems a tsunami of AI development projects that are either in development or planned to be rolled out from seemingly all collaboration, content, cloud, data and security vendors that can see the potential that AI could do to enhance current offerings and workflows. As we examined in March’s Knowledge Exchange whitepaper, adding AI to Cybersecurity applications to prevent increasing vulnerability and sophistication of attacks, including AI generated malware, was one of the main hopes and priorities of ITDMs for 2023 and beyond.

In other applications of AI, from a customer user experience point of view, having the ability to generate not just content but localised or personalised content is also very attractive for companies to generate Website content, emails and sales and marketing communications, because they don’t require hundreds of content and digital specialists to create it. For example, in the UK, Press Association (PA), has recently launched its Reporters And Data and Robots (RADAR) service to supply local news media with a mixture of journalist generated content and AI generated content to supplement their local coverage.

This venture is beneficial for local areas that have seen local news coverage drop in favour of centralised national news coverage and shines a light on how AI and Human intelligence can be combined to create quality content. And from a marketing point of view, the ability to generate personalised emails by AI using data from multiple sources would seem like discovering the Holy Grail. Imagine a scenario where AI looks at intent data from a customer Ideal Customer Profile list to see who is currently in market for a product or service by analysing what content a company or individual might be consuming. Using some predictive analysis, autogenerated content could be used to nurture those companies or individuals to a point where more predictive analysis could be deployed to analyse where they are in the purchasing process and create content accordingly. Or it could be used send invitations to follow up with a sales person or drive people to a website where there are AI enhanced chatbots that can gather yet more information about a product or service requirement in more of a conversational style, as Cloud giant AWS is developing:

Businesses in the retail industry have an opportunity to improve customer service by using artificial intelligence (AI) chatbots. These solutions on AWS offer solutions for chatbots that are capable of natural language processing, which helps them better analyse human speech.

By implementing these AI chatbots on their websites, businesses can decrease response times and create a better customer experience while improving operational efficiency.

Lastly, from a sales and business development point of view, having AI enhanced tools to generate less cold call intros and help with following up with more personalised and less generic emails is also a compelling application of AI in the lead and pipeline generation space.

With increasingly leaner SDR and BDR teams, it is often difficult for companies, especially start-ups, to get sales staff up to speed on complex IT solutions. But having a product matter expert involved in the modelling of AI algorithms that can enhance conversational email and follow up allows the BDR/SDR not only achieve the right messaging but also allows them to manage and communicate with more potential leads.

The bad side of Artificial Intelligence

As a species, humans have always seemingly developed tools, products, medicines, industries, and societal frameworks that have the potential either help or harm society. But more recently we’ve really accelerated the ability for our tools to impact our world for better or worse.

But often, we are too distracted by the “wow isn’t that cool” part of technology before we think: Should we be doing this? What are the down sides? Who is regulating this? What are the long-term impacts. Can we stop it if we have to?

AI systems with human-competitive intelligence can pose profound risks to society and humanity, as shown by extensive research and acknowledged by top AI labs. As stated in the widely-endorsed Asilomar AI Principles, Advanced AI could represent a profound change in the history of life on Earth, and should be planned for and managed with commensurate care and resources.

Pause Giant AI Experiments: An Open Letter

And while we marvel at dancing robotic dogs from Boston Dynamics or AI infused technology into computer generated imagery and text there are many leading tech and industrial figures that are worried of the implications of rapidly evolving, unregulated AI upon businesses and society at large. They are very worried.

Before his death, eminent physicist, Stephen Hawking, forewarned that AI could help to end the human race. And in March this year, Elon Musk, who has started his own AI company and a whole host of tech leaders put their signatures to an open letter to the Tech industry to “pause giant AI experiments” for at least 6 months and not surpass any technology that exceeds frameworks like ChatGPT 4. The letter at the time of writing had nearly 30K signatures.

This month’s Knowledge Exchange white paper on emerging and existing Cyber Security threats will examine why ITDMs and Business Leaders are extremely worried about a ‘catastrophic cyber event’ that could have more of a societal impact than Covid-19 in next few years, and what ITDMs can do today and longer term to mitigate those risks. 

It may be pure co-incidence, but it was certainly chilling to see that in a matter of weeks after the World Economic Forum’s (WEF) 2023 annual summit in Davos, Switzerland that warned of a total “grid down” scenario caused by a ‘catastrophic cyber event;’ a mysterious high-altitude balloon was seen floating across America. 

And while many in the mainstream media have quickly judged this and subsequent other balloons to be a surveillance or spy balloons, other commentators claim that most state sponsored espionage is done via satellites¹ and that this vehicle has potentially a more sinister capability: The ability to activate an electromagnetic pulse or EMP at high altitude (HEMP) using a smaller lighter nuclear payload. 

Therefore, if the balloon was carrying an EMP device or was just a drill to test the detection and response time of such devices, at the sort of altitude the vehicle was flying it would have a greater geographical reach than a ground detonated device and could have knocked out a big chunk of the infrastructure it was flying over.  

A grid down scenario would make Covid’s impact seem like, ‘a small disturbance’

Klaus Schwab, founder of the WEF. 

he result would be an instant shut down of power, communication, finance, and business systems that would have a devastating effect to emergency services and supply chains that could tip society into chaos in a matter of days. 

A grid down scenario would make Covid’s impact seem like, ‘a small disturbance,’ according to Klaus Schwab, founder of the WEF.  

President of the Centre for American Defence Studies, Paul Crespo also confirmed the high-altitude vehicles could be a trial run for a cyber-attack using a balloon-mounted weapon.  

Speaking in the Epoch Times Crespo said: 

“While China has tested hypersonic missiles launched from balloons in the past, that isn’t a likely use for these airships."

“The biggest threat is sending one or more of these high-altitude balloons over the US with a small nuclear EMP device.” 

While we hope the vehicle may be nothing more than a ‘weather balloon,’ with rising geopolitical tension between the US with China², over Taiwan, tensions with Russia, over Ukraine; an increasingly unstable regime in Iran and a reescalation of tension with North Korea, the usage of EMP enabled weapons for a global pre-emptive strike seems alarmingly possible.  

Military strategists at these countries may be in favour of a high-altitude pre-emptive HEMP strike over a conventional full blown nuclear attack as it limits immediate death, radiation fall out and keeps the infrastructure intact, albeit broken, that can be repaired in time.

Research Round Up

THIS MONTH'S LATEST CYBER SECURITY RESEARCH From security vendors, bloggers, and analysts

Checkpoint Security: Cyber Security Report 2023

Author: Maya Horowitz, VP Research at Check Point Software Technologies

• “In 2022, the proportion of email-delivered-attacks has increased, reaching a staggering record of 86% of all file-based attacks in-the-wild.”
• “The Russia-Ukraine war demonstrated how traditional, kinetic war can be augmented by a cybernetic war. It has also influenced the broader threat landscape in the rapid changes of hacktivism and how independent threat actors choose to work for state-affiliated missions.
• The war has also seen enhanced usage of wiper malware, malware that intends to erase or wipe data of the drive it infects, and this trend has been adopted by several actors, reaching a point where 2022 has seen more wiper attacks globally, than in the previous decade altogether.”

IBM Security Report: Cost of a Data Breach Hits Record High During Pandemic

• In 2021 systems and software giant, IBM Security found that over half of SMBs had experienced a cyber-attack largely as the result of the pandemic where new hybrid working models were introduced or with the increased migrations to cloud infrastructure.
• IBM notes that 40% of SMBs do not have comprehensive and updated cyber-security incident plan. Other findings of the IBM research found that or companies with less that 500 employees the cost of an average Cyber breach was around $3m per incident.

Venture Beat/ Forrester 2023 Cyber Security Predictions

• More than 50% of chief risk officers (CROs) will report directly to the CEO.
• A C-level executive will be fired for their firm’s use of employee monitoring.
• A Global 500 firm will be exposed for burning out its cybersecurity employees 

SecureList by Kaspersky: What your SOC will be facing in 2023

Authors: Sergey Solatov, Roman Nazarov

• Ransomware will increasingly destroy data instead of encrypting it
• Public-facing applications will continue to be exploited for initial access
• More supply chain attacks via telecom
• More reoccurring targeted attacks by state-sponsored actors
• Rise in attacks on Media outlets

EMP Research

• Future-proof: bunkered data centres and the selling of ultra-secure cloud storage
• Challenges in Protecting Cyber Critical Infrastructure-GOA
• North Korea’s Satellites Could Unleash Electromagnetic Pulse Attack
• Critical Infrastructure Cyber Recommendations Go Largely Unaddressed-Nextgov
• EMP/Solar flare-Grid Down Consulting
• Infrastructure Security-CISA

Cyber Security Podcasts-Compiled by Fabian Weber

• Darknet Diaries
• Security Weekly
• Simply Cyber
• 7 Minutes Security
• 2 Cyber Chicks
• The Hacker Factory
• Securing Bridges
• Security Now
• Malicious Life
• Human Factor Security
• Unsupervised Learning
• Hacking Humans
• The Privacy, Security & OSINT Show
• Smashing Security
• CyberWire Daily
• Risky Business

Summary

The first three blogs of our cybersecurity and digital transformation series focused on the threats and security challenges faced by businesses when implementing a digital transformation strategy. In this concluding installment we will lay out the steps you can take to protect your company from potential attacks.

How can businesses reduce the risks of cyber-attacks?

SMBs face a significant risk of cyber-attacks and security breaches. Businesses can take this steps to improve cybersecurity practices. A single attack can cause irreparable damage to the business. Therefore, it's essential for businesses to establish robust security practices to mitigate security threats to their infrastructure and organization. In this fourth and final installment of our cybersecurity series, we will lay out the best ways to tackle these challenges and threats.

Preparing your business for potential security breaches may seem daunting, but there are many steps you can take to improve your security measures. Here are some ways to improve your business's cybersecurity practices:

• Implement access controls:

Access control policies limit access to your business's critical assets. Avoid sharing user IDs for accessing systems and data. Instead, use unique IDs and login credentials to make it easier to track who is accessing your resources. Implementing automated Identity Access Management (IAM) systems helps streamline this task and eliminates a large amount of risk.

• Thoroughly train employees in best practices:

Humans are often the weakest link in the cybersecurity chain. It is essential that your employees and adequately trained in your more updated security procedures. They need to be equipped with the knowledge and skills to be able to identify and avoid potential threats. Without this, they may be more likely to fall victim to sophisticated phishing attacks, and unintentionally expose the company’s data or put it at risk of an attack.

• User Authentication:

User authentication is the process of verifying the identity of a user before they are granted access to a system or application. Multi-factor authentication creates a layered security system that requires employees to use a randomly generated one-time code sent via SMS or email in addition to their password to verify their identity. This type of security system protects your data by preventing unauthorized third-party users from gaining entry to business systems and websites.

• Implement a Managed Detection and Response (MDR) service:

Small businesses and their IT security teams can struggle to keep pace with their growing volume of technology and threats. A Managed Detection and Response (MDR) service is a cybersecurity service that combines high-end technology with human expertise to rapidly identify and limit the impact of cyber threats without the need to hire additional staff. This service monitors your systems and applications 24/7 to detect and respond to any security incidents.

Final Thoughts

In conclusion, improving your business's cybersecurity practices is essential to safeguarding your data and ensuring the continuity of your business. By implementing these security measures, you can help protect your business from cyber threats and avoid the devastating consequences of a security breach.

☉☉☉