News About the Latest Technological Advances 


3 Tips to Ensure the success of your company's digital transformation

Wipro's survey reveals that, although there are still barriers, companies in Brazil are more optimistic about digital transformation projects.

C-Level executives are more confident about their companies' digital transformation projects: 76% are optimistic about the strategies adopted to keep pace with this trend. This statement is from the Digital Transformation Survey 2019 report by Wipro, an IT consultancy.

The survey interviewed 1,400 leaders worldwide, 200 in Brazil. The study showed that Brazilian companies understand the need for the innovation journey: they have an average of 6.08 programs in this area. Over the past five years, 47% of respondents have invested in one to five digital transformation projects. Already 44% worked on six to 10 projects, while only 8% had 11 to 15 projects in that period.
A highlight of the survey is that most respondents agree that, even if the company is behind on the transformation journey, it can keep up with the competition in the long term (84%). This data reinforces another: of the 200 Brazilian leaders, 92% are aligned with the meaning of digital transformation. Their ambitions are focused on:
Drive revenue growth (26%)
Be more agile and follow the market (16%)
Reduce costs (11%)
Enter new segments (10%)
Modernize IT (8%)
As for the return on investment (ROI), most companies see this result after 12 months. The measurable business return from digital transformation in less than six months was seen by 29% of respondents, from six to twelve months by 38% of respondents, and from one to three years by 31% of leaders.

The challenges of digital transformation in Brazilian companies
The study also showed that companies face the human factor (the difficulty in finding qualified professionals) as a barrier to ensuring successful investment in digital transformation, but that some points can be addressed:
The company's expectations: 54% of respondents mentioned “inconsistent sponsorship of senior leadership.” The CEO must be the digital transformation leader and focus on the company's growth from business disruption. Thus, this executive will bring the desired result when approaching other C-Level and sectors of the company.
Alignment with the executive team: 55% of survey respondents indicated the need for better alignment with business stakeholders. In addition to the CEO, other executives should be engaged in the digital strategy to discuss investments and how innovation will impact the business.
Looking at employees: 56% highlighted that they were unable to train teams to change the technology already used in the company's processes or use new technologies, methods, or processes. But this scenario is different when the company engages its employees about the digital transformation by opening a dialogue with them, facilitating interaction with these innovations.
3 tips to help your business on the digital journey
Embracing the digital transformation is creating a competitive advantage and, at the same time, driving investments to grow the business. But this journey is not just the CEOs. To be successful on a project, he might consider:

1. Create a digital strategy

This can be done through meetings with all company areas to understand what innovative improvements they need: what are the pains in each sector, and how can technology solve them? How will this impact the company as a whole? It is important to establish each person's role in charge to help in this strategy and maintain an ongoing conversation with employees (internal social networks and other actions) to engage them in this digital journey.

2. Develop a disruptive project

The digital journey causes a shift in corporate culture. Many leaders quickly think about how to extract data and generate business value, but in a transformation project, you need to go further. Cultural change happens when the digital transformation takes its first steps in the company, and it is a process that starts from the inside out. In other words, it is by bringing innovation to the sectors that one can think about how the company can impact customers in a disruptive way.

3. Look for innovation outside the company
The innovation
the ecosystem is huge in Brazil, and as much as the company thinks it is advanced in the digital transformation, others are already impacting the market. Startups and companies like Embratel already have innovative projects. Following them is a way to create relationships, have a wider range of ideas and solutions, and quality professionals for a more digital environment.


9 Consequences of the new data protection law 

In a day of in-depth debates with specialists on the subject, during the EXAME Information Security Forum last week in São Paulo, three points were identified as key factors for a successful information security project: people, processes, and technology.
The consensus is that, in the short term, the change in culture and processes will be painful. Still, it will be an advantage in the medium and long term: Brazilian companies, when they are adapted to the rules of the European GDPR and its Brazilian variant, the LGPD, will be competitive in the global market.
The new General Data Protection Law (LGPD) will have at least 9 consequences directly affecting corporate environments, see which are:

1. Strengthening the industry

The information security industry is growing. Sales and budgets are increasing, companies are hiring more, but the problem is that there are not enough professionals to meet the demand. The industries that should invest the most in this area are Health, Banking/Finance, Production/Manufacturing. According to Gartner, by 2020, more than 70% of companies worldwide will constantly monitor incidents with sensitive data.

2. Decision-making Factor

According to a North American survey, half of the companies are looking for a new security system because they are proactively investing in this issue, while the other half only start this move to react to specific security incidents.

3. Security vs. technology

The main disruption is understanding that information security and information technology are not the same things. An improperly discarded paper has nothing to do with information technology but everything to do with information security.

4. The rules apply to everyone

LGPD will greatly change the way companies collect and process their customer data. It will be necessary to respect some principles about the collection, and the main one is consent. There will also be new technical rules for storing information in increasingly secure environments. And that will be true for companies of all sizes and industries.

5. Oversight

When the LGPD was sanctioned, the government did not approve the creation of an oversight agency. The importance of having a specialized body is unanimous among specialists, especially due to the dynamics of change in this area. But in the absence of such authority, companies must rely on traditional bodies, such as public ministries or the state units of Procon.

6. The danger

First, look at the organization and map out what personal data is involved in the business. Then, analyze each step of data collection and processing and understand what legal bases support this information. Not collecting data that is not going to be used is the basics. This becomes not only illegal but also dangerous.

7. Suppliers and third
The responsibility for data security rests with the company that collected it, regardless of where it is stored. In other words, everyone in the chain has responsibility, but whoever hires is legally responsible for his/her contractor.

8. Confidential information

Much of companies' internal communication, including the exchange of sensitive data, takes place in unmonitored third-party tools, such as WhatsApp. This produces unstructured data – logs, information, and conversation histories that are not necessarily stored in a database. Almost all companies today have some cloud strategy and go through digital transformation processes, and, on average, 50% of the data they produce is sensitive. Many companies are not concerned about handling this data. It is estimated that, in 2018, 38% of companies will have some problem of breach of information.

9. Governance

All areas of the company must be involved in the issue of information security, not just IT. There needs to be a cultural concern with this issue: training people to understand that it is not security for the company; it is for the employee himself and should start with his e-mail.


10 cyber threats on the rise in the first half of 2021

In addition to the well-known phishing and ransomware, cybercriminals are using voice and resume to obtain information from companies.

The cyber threat will still take many nights of sleep of executives. A survey by security company Kaspersky, released in June, showed that cyber-attacks using remote access grew by 330% in Brazil.

Another report by the same company, also reported in June, pointed to Brazil as the leader in ransomware attacks on companies during the pandemic.
This increase in attacks has everything to do with the moment experienced by companies from different sectors that needed to enable a remote operation in the name of business continuity.
And do you know why? Because it's not uncommon for employees to have to use their own devices to work.
Here, it is noteworthy that, although the company has offered a workstation, some use a personal smartphone to access internal files, respond to e-mails or interact through productivity applications adopted in the pandemic.
This opens up room for vulnerabilities, and if the team is not trained in security best practices, an intrusion into internal systems can happen. Even more, hackers have adopted new attack methodologies, adapting them to the moment lived during the new coronavirus pandemic.
1. Donation scams
Since social isolation began, there have been many e-mails fraud campaigns. They all asked for pretty much the same thing: donations to health organizations and other frontline entities in combating the new coronavirus.
The problem is that these organizations and entities when they did not exist, had their marks falsified by the scammers. An example was the triggering of campaigns on behalf of the World Health Organization (WHO), which also suffered an attempt to hack into systems.
Still, in the midst of the pandemic, the Black Lives Matter movement also became a target for scammers, who started shooting various SPAM content to different audiences in the initiative's name.

2. Mobile apps
Here we have two situations.
The first is about companies like Google and Apple that have developed tracking applications to identify people who have been close to another infected with the new coronavirus.
However, hackers wasted no time, and 12 malicious apps were made available on the Play Store (Google) and App Store (Apple), according to the InformationWeek website. All of them were only meant to download malware onto users' devices.
3. DDoS
This type of attack is already well known here at Mundo + Tech. From the beginning of the pandemic until May, DDoS attacks increased 67%, as discussed in the Embratel Talks on cybersecurity.
DDoS attacks work like this: Cybercriminals drive much traffic to a website, which cannot respond. As this attack generates an “error” in the DNS server (domain name system), the system is unavailable.
Because many people are more connected because of social isolation, these distributed attacks can go unnoticed by the security team. A DDoS attack is one of the biggest threats to the privacy of a company's data and operations.

4. Phishing
Phishing is a cyber threat, quite an ally of dependency type l. With the home office, many employees exchange emails for solving some demands and daily business.
Some of these malicious emails are fired with contamination maps and even other content related to the new coronavirus during the pandemic as if they were legitimate. However, in the small details (a changed letter, for example), the danger lies.
When an employee inadvertently clicks on any link within these emails, the chances of him having sensitive information (CPF, ID, credit card number, login, and passwords) stolen are great.

5 . Spear Phishing
If phishing we have the mass firing of emails in a generic way, spear-phishing brings greater complexity because it is a targeted attack – whether to a person, an institution or even a state or country.
This type of cyber threat will gather as much information as possible from the target and then fire off emails that will look legitimate in an attempt to deceive the target. Not long ago, the WHO also suffered this attempted attack.

6. Vishing
Even though many people are more connected, they are not just victims of “digital” attacks. For example, did you know that even before email, the use of voice was quite common in an attempt to steal someone's information?
This practice is called vishing -combines words voice (voice) and phishing - and she received an update from the remote work that gained momentum in the business. Criminals pretend to be the company's technical support to convince employees to disclose login and password or enter them on a fake website.
It is also worth highlighting the increasing smishing (phishing made from SMS) with information about COVID-19, which, in fact, has a malicious link to install malware on the smartphone.

7. Ransomware
With organizations increasingly dependent on the digital world to maintain their operations, it's no surprise that ransomware attacks have increased during the new coronavirus pandemic.
With a greater vulnerability in companies' security — the result of the rapid and necessary migration to a remote operation — cybercriminals have started to look to companies that have the critical infrastructure to lock digital systems until a ransom is paid.
How is this done? We've talked about the same tactic in other topics: fake COVID-19- related emails and websites aimed at employees who now work from home. All it takes is a download of malicious content for attackers to hijack the entire company's system.

8. Malicious Resumes
Perhaps this is one of the most “peculiar” cyber threats right now. The rise in unemployment meant that many companies started to receive resumes from possible candidates.
According to a publication by Check Point, a security solution company, the number of resumes and sick leave forms with some hidden malware has doubled since the beginning of the pandemic – usually in Word or Excel spreadsheet format.

9. COVID-19 malicious websites
Many people search the internet for information about COVID-19. This has become an opportunity for cybercriminals: 86,000 domains with keywords related to the pandemic are “high risk” or “malicious,” 
According to the cybersecurity company's publication, "1,767 'high risk' and 'malicious' domain names (C2, malware or phishing) about the new coronavirus are created daily."
10. Cyberespionage
Not every cyberattack has an independent hacker behind it. According to a report by The Washington Post, there are suspicions of countries that ordered raids on hospitals and health entities present in other nations.
Usually, these forays seek information about research related to the cure of COVID-19. However, cyber-attacks are more sophisticated and difficult to prevent and mitigate.

News About the Latest Technological Advances 


What does it take for smart automation to happen?

Computer vision and AI-generated scripts are some factors that can improve intelligent automation within the company.

Automated processes have become recurrent in companies after the start of the new coronavirus pandemic. It was a way to revisit operations and business models to continue innovating in critical situations.
However, modernization efforts with RPA (Robot Process Automation) still present a challenge: they are the rule-configured robots that generally act on individual tasks but not on the entire process chain of a company.
bot can automatically fill in the timesheet from software that logs employees in and out. However, a person and/or a second robot will need to confirm the days worked on calculating the paycheck amount.
Although RPA is configured according to a company's needs, intelligent automation still does not have a good level of maturity in the market. The topic, by the way, was even discussed in a publication by Mundo + Tech last year. 
What is the current state of intelligent automation?
According to Korolov, there are two typical use cases of Artificial Intelligence in automation: the insertion of information from a PDF file into a form or indicating the best response that an attendant can give a consumer.
However, as the author of the article points out, all technology processes still place humans at the center. That is, employees will monitor the performance of an RPA to find bottlenecks.
If found, these professionals will suggest the development of new scripts to automate processes and reduce obstacles. However, the overall visibility of flows is not simple because different systems can be used for each bot.
When it comes to creating an RPA that can take intelligent automation from end to end — in this case, from the beginning to the end of a process — the AI may not fully understand what is done in demand for the number of integrated systems.
Using computer vision
In this first example, Maria Korolov brought up a use case from Genpact, a global professional services company. The company uses intelligence to combine various individual transactions of its customers into central systems.
“But intelligence fails when, say, an employee leaves our central system to open a page in a web browser,” Sanjay Srivastava, Genpact's chief digital officer, told
For example, if one of the steps in a particular process involves looking at a pricing page. If an item has an average cost of a certain amount, an employee needs to complete that task before deciding what the next step will be. The action of seeing something on the screen is difficult to capture digitally, explains the article's author.
In this sense, computer vision can make a difference. By using cameras on employee workstations, the technology can track where that employee is looking. Even so, "it has to be done with the consent of the people," commented Srivastava.
In practice, Genpact's automated system would perform something called “process mining,” which is nothing more than an AI that will collect all actions related to a process, identify them and link them to a workflow.
Thus, Genpact can monitor and troubleshoot this flow or adjust it according to continuous feedback from employees or customers.

Scripts generated by Artificial Intelligence
The second example is from UST, a digital transformation consultancy using AI to automate complex tasks in digitizing processes. And all this with unsupervised learning - which uses algorithms to find patterns in data without tag (classification).
According to Adnan Masood, chief architect of AI and Machine Learning at UST, this learning is a patented technology in an interview with Korolov. When algorithms discover patterns, they connect any individual task—but related—to the entire process.
The article's author returns to the example of the site where an employee needs to research a price. An automated system can identify that this task is being performed (search for an item), but duplicating this action is complicated because the pages will be updated every moment.
Massod explains that to reduce this bottleneck, "we vectorized the inputs and used Deep Learning to identify what an input is." Thus, the AI can extract the data automatically whenever an employee accesses this site.
The advantage is that a developer does not need to create a manual script for this task (collect the employee's data), allowing Artificial Intelligence to improve over time – the so-called reinforcement learning.
Of course, the challenge of AI-generated scripts is the environments that store the data. For example, if you're on legacy systems, you need to consider regulatory issues and cybersecurity, Masood said.
This will also require an initial setup to group this data, and with that, the AI ​​will begin analyzing the workflows.


Artificial Intelligence: 4 sectors that are mature with technology

Artificial Intelligence Market is expected to close the year 2021 at US$ 327.5 billion. In Brazil, health, agriculture, industry, and human resources are ahead of other sectors in the use of AI.

Expectations for Artificial Intelligence (AI) are optimistic: an analysis by IDC consultancy showed that, for 2021, world revenues for this market (including software, hardware, and services) should close at US$ 327.5 billion - a growth of 16 .4% compared to the previous year.
"The pandemic has pushed AI to the top of the corporate agenda, strengthening business resilience and relevance," said Ritu Jyoti, vice president of IDC's AI research program, on IDC's own website.
With advances in Machine Learning and computer vision, the executive said AI had enabled companies to transform customer and employee experiences. That's because technology allows you to create converged business models and streamline processes.
Speaking specifically of Brazil, 4 sectors are at the forefront of innovation with Artificial Intelligence. According to a publication on the Whom website, they are health, agriculture, industry, and human resources.
Check below for a summary of how these 4 sectors in Brazil have invested in Artificial Intelligence.

1. Health
A KPMG report, cited by Whom! highlights that there are already 60 Brazilian startups focused on developing solutions for the healthcare sector. Some use cases involving AI are the early diagnosis of diseases and the development of medicines capable of killing superbugs.
Onkos, an example brought by Whom! is a startup that created a solution to help patients' uncertain diagnoses.
Recently, a partnership between FAPESP and the Ministry of Science, Technology, and Innovation (MCTI) and announced the creation of six Artificial Intelligence Centers — some of them will focus on developing solutions for health.

2. Agriculture
Agriculture is the sector responsible for 25% of the Brazilian Gross Domestic Product (GDP), and Artificial Intelligence is a relevant tool in providing insights based on the collected data.
Even more so when, in the field, the farmer or producer has connected devices – ranging from machinery to smartphones. This ecosystem helps determine the right time to harvest or identify the type of pest that affects a crop.

3. Industry
Artificial Intelligence in Industry 4.0 helps automate various processes and brings agility in decision making. This is because the technology is generally embedded in software and hardware of the Internet of Things (IoT), cloud computing, and Edge Computing.

4. Human Resources
In this regard, AI can have two distinct use cases: the first is to help technology recruit potential professionals for a company. This is the case of Job Cam, a digital recruitment company.
According to Whom! the company has a 100% digital process in which the AI creates a sort of ranking, bringing together the professionals who are most in line with the principles sought by the tool's contractors.
The second use case is to improve the experience of employees, something that Pin People does. The company uses AI to monitor and cross-reference its teams' data. In this way, it is possible to develop actions to improve the climate during working hours and even productivity.


How Native Cloud Adoption Can Transform How Companies Defend Themselves

Organizations looking for native applications in the cloud must devise new security strategies thinking about the decentralization of operations.

Since 2020, there has been an increase in adopting native cloud applications (such as Software as a Service – SaaS) and other cloud solutions by companies. However, greater use of these technologies will require new ways of thinking about security in a post-pandemic future.

An InformationWeek article, published by Joao-Pierre S. Ruth, senior writer for the site, highlights that new security scenarios will be thought out going forward. And much is due to the continuity of remote work and the decentralization of operations.
Since many companies adopted the home office, the need to protect the employees' endpoints and the urgency to control the access hierarchy became evident – which did not always happen.
“The pandemic has forced us to look around and realize that we haven't been able to capture the events in their entirety,” Guy Podjarny, CEO and co-founder of Snyk, the company that created an open-source security platform, told InformationWeek.
Snyk recently released the “State of Cloud-Native Application Security” report, highlighting how cloud-native adoption transforms how a company defends against cyber threats.
Like it or not, many organizations have sought to develop their applications already in the cloud or hire them from providers that work in this model. However, this strategy will only be successful if new versions of these platforms are delivered quickly and efficiently.
And that doesn't mean forgoing security: as the Synk report shows, 99% of respondents recognized that security is an important element in a native cloud strategy.

The challenge of adopting native cloud apps
The pandemic has caused many companies to adopt cloud applications to access files on a network, make video calls and touch the demands of everyday life. It was an impetus for a digital transformation.
In Podjarny's opinion, the security needs arising during the pandemic will be maintained in the future – when companies will decide whether to follow the remote operation or return partially or fully to the office.
Regardless of which option the company chooses, the IT team's challenge will be to continue visibility of what happens wherever employees and leaders come to work.
But threats are everywhere.
Perhaps the greatest difficulty for an IT team to work remotely is to have a holistic view of what everyone is doing. Snyk asked CIOs about incidents that occurred while producing a native cloud application.
The two main types of incidents were “misconfiguration” (45%) and “known vulnerabilities that have not been fixed” (38%). The understanding that there is a possibility of data leakage has made companies change their posture regarding security.
Although many companies are still defining security best practices when putting a native application in the cloud into operation, they are 4 times more likely to be concerned about security at all stages of the project; the research points out.
Among the reasons that may raise a concern about possible incidents are:
Configuration error (58%);
unsafe APIs (52%);
Known and uncorrected vulnerabilities (43%);
Secret leaks (41%);
Malware (23%).
"Data leaks by employees are more than twice as likely to occur in organizations with high levels of native cloud adoption"
– State of Cloud Native Application Security

What can be done to minimize security incidents?
Snyk's report suggests two options for companies investing in native cloud applications: the first is to enforce a zero-trust policy, especially in cloud environments where all processes are automated. The second is to create an automation pipeline in a cloud-native application project. This makes it possible to scale security controls, such as adopting security testing throughout the lifecycle of developing a solution.
Automation believes Jim Brennan, director of products at BetterCloud, a SaaS management company (and heard by the InformationWeek report), is a way to have more visibility into everything that flows through native cloud applications, even more so when these platforms bring high flexibility and availability for an entire company.
Added to automation is the quest to make employees aware of a certain technology — and not block it after an episode. 

© Copyright 2021 KW Development LLC. All Rights Reserved.

This web page was built with Mobirise