Futurum Tech Webcast

In this video vignette from a recent episode of the Futurum Tech Webcast, I'm joined by my colleague here at Futurum Steven Dickens for a conversation around IBM's hybrid cloud ambitions, which are clearly the driver behind IBM's latest announced acquisition, this time of BoxBoat, and the company's preparation for a post-Kyndryl spinoff. BoxBoat, while small, is known as an enterprise Kubernetes certified service provider and premier DevOps consultancy. The company has customers in finance, government, ecommerce, online publishing, and higher ed. Once the acquisition is complete, it is expected the business will be slotted into IBM's Global Business Services' Hybrid Cloud business. During the course of our conversation, we discussed IBM's focus on significantly expanding the company's multi-cloud transformation, management expertise, and hybrid cloud capabilities, as well as the critical (and profitable) role that services plays in all things digital transformation these days. Obviously, no project centered on cloud modernization can succeed without a containerization strategy and a cloud architecture that allows them to operate across both public and private clouds. Steven shared insights on IBM's pivot to hybrid cloud, the repackaging of IBM software into Cloud Paks, IBM Cloud Satellite, and of course the spinoff of Kyndryl. Of particular interest and focus was the expansion of IBM's Global Business Services, how this acquisition complements the company's hybrid cloud strategy — and IBM's services business — especially in a post-Kyndryl spinoff world.

For this episode of the Futurum Tech Webcast I am joined by my colleague, fellow analyst and our VP of business development, Steven Dickens, for a conversation about happenings this week in the tech world. In this episode, we covered: The leadership change at IBM this past week, with widely presumed heir apparent President Jim Whitehurst stepping down, clearly cementing IBM's CEO and board chair Arvind Krishna's position. The other material changes at IBM, with new leadership and direction in marketing, new leadership in IT, changes ahead with the Kyndryl spinoff and thoughts from Steven (a former IBMer) on what's ahead. BMC Software announcements centered on new capabilities related to security, the Open Mainframe and the newly announced Workflow WiZard tool, and the importance of (and role that) mainframe transformation is to organizations' success with digital transformation. IBM's acquisition of BoxBoat and how that's a clear indicator of the company's focus on hybrid cloud services being key to its future success.

On this special episode of the Futurum Tech Podcast – Interview Series I am joined by David Dobson, Global Industry Director Retail, Hospitality, & Consumer Goods at Intel and John Buckley, Consumer Products Industry Advisor for SAP. This is the second episode in a new series — done in partnership with SAP and Intel — where I will be speaking with advisors and executives across seven different industries on the state of their industry and how SAP Industry Cloud powered by Intel technology plays a vital role in the future. The Future of the Consumer Products Industry In our conversation we discussed the following: The top areas CPG companies must be focused on to win 2021 Some of the biggest obstacles companies are facing today that could impact 2022 How consumer products companies are leveraging technology in new ways What the future of the industry looks like for the next 3 to 5 years. The consumer products industry has experienced huge shifts in the last decade thanks to the recession, the rise of eCommerce and the global events of 2020. My conversation with David and John explores these changes and a little bit more. It's definitely one you don't want to miss. If you'd like to learn more about the industry cloud and the Intelligent Enterprise strategy, be sure to check out our research brief: Transforming to an Intelligent Enterprise is Table Stakes for the Consumer Products Industry. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Tom Madonna, an Industry Advisor for the Automotive Industry at SAP. This is the first episode in a new series — done in partnership with SAP — where I will be speaking with advisors and executives across seven different industries on the state of their industry and how SAP Industry Cloud plays a vital role in the future. The Future of the Automotive Industry In our conversation we discussed the following: A look back on 2020 in the automotive industry A highlight of the changes retailers and dealers have dealt with recently How customer ownership changes are impacting dealers and OEMs An overview of the state of service Why the SAP Industry Cloud is a gamechanger for the automotive industry The automotive industry is experiencing one of the biggest transformations in recent years. My conversation with Tom explores these changes and a little bit more. It's definitely one you don't want to miss. If you'd like to learn more about the industry cloud and the Intelligent Enterprise strategy, be sure to check out our research brief: Adopting the Intelligent Enterprise is Table Stakes for the Automotive Industry. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Caroline Chan, Vice President, Data Platforms Group and General Manager, Network Business Incubator Division. She is responsible for driving advanced technology solutions that are enabled and accelerated by 5G capabilities. We had an exciting conversation about the key announcements made during Mobile World Congress 2021 including looking into Private 5G Networks. Intel's Private 5G Networks In our conversation we discussed the following: A primer on the rise of private networks A highlight of the work down through 5G Open Innovation Lab What Intel's announcements mean for the market An overview of TIP's 5G Private Network Group An overview of how Intel's overall, end-to-end 5G strategy evolving Intel has made some big announcements this week. If you'd like to learn more about each one check out their websiteor listen to the full episode below. Don't forget to subscribe so you never miss an episode. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

In this episode of the Futurum Tech Webcast, Cybersecurity Shorts series, I'm joined by my colleague and fellow analyst Fred McClimans, for a conversation about the goings on in the world of cybersecurity. Our conversation covered: Storage drive maker Western Digital tells owners of its WD My Book Live and My Book Live Duo to disconnect from the internet immediately. What's the responsibility of a brand who stops support equipment still in use in the instance of a hack? What are the ramifications for users and what kind of loss are we talking about? Antivirus software maker John McAfee, a pioneer in many ways and a rebel in many others, took his life while awaiting extradition in a Spanish prison. Our conversation touched on some of McAfee's accomplishments and how he ended up in jail. The DOE has requested some $201 million earmarked for cybersecurity in its 2022 budget request. This joins requests by the Biden administration for $9.8 billion for federal civilian cybersecurity and $10.4 billion requested by the Pentagon. Senators draft bill that would require the reporting of cyber breaches specific to vendors of the Federal government within 24 hours. And we wrapped up our show talking about some new malware to be on the lookout for and a ransomware note: VMware bug in the Carbon Black App Control (AppC) management server, and another high-risk bug in VMware Tools, VMware Remote Console for Windows, and VMware App Volumes products. LV ransomware appears to have the same code structure as REvil, which could indicate the the code was either sold or shared by another threat actor group.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Durga Malladi, Senior Vice President and General Manager, 5G, Mobile Broadband and Infrastructure for Qualcomm Technologies, Inc. for an exciting conversation about the key announcements made during Mobile World Congress 2021. Qualcomm's Key Announcements at MWC 2021 In our conversation we discussed the following: A quick recap of MWC 2021 so far An exploration of the innovation we see happening in mobility and connectivity What Qualcomm's announcements around small cells mean for the market and for Qualcomm An overview of 5G Accelerator Card How 5G Accelerator Card will enable faster 5G deployments Qualcomm has made some big announcements this week. If you'd like to learn more about each one check out their website and press releases or listen to the full episode below. Don't forget to subscribe so you never miss an episode. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

In this episode of the Futurum Tech Webcast, my colleague Olivier Blanchard and I engage in a drill-down conversation around the five new antitrust bills congress brought forward last week aimed at Big Tech, and what the likely ramifications are for reach. Our discussion examined: The Ending Platform Monopolies Act which proposes that Congress can have the ability to break up a company "when the covered platform's ownership or control of that line of business gives rise to an irreconcilable conflict of interest." This would apply to Facebook, Google, Apple, and Amazon just to name a few. The Platform Anti-Monopoly Act which is aimed at companies with over $600bn in annual revenue and 500,000 Monthly Active Users (MAU) and would prevent these companies from prioritizing their own products in the market. The Augmenting Compatibility and Competition by Enabling Service Switching Act of 2021 (also known as The ACCESS Act of 2021) which would target data sharing practices. The Merger Filing Fee modernization Act of 2021 which would add more support and resources to the FTC and the antitrust division of the DOJ. The Platform Competition and Opportunity Act which would increase the difficulty for Big Tech companies to acquire other companies. For a deeper understanding of each proposed bill check out Olivier Blanchard's breakdown here: The Problem With Congress's 5 New Antitrust Bills Aimed At Reining In U.S. Big Tech Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

In this episode of the Futurum Tech Webcast, Futurum's Shelly Kramer and Shelly Steven webcast cover announcements of note coming out of HPE's HPE Discover event held this past week. Their conversation included analysis and insights about: HPE's announcement of the company's vertical optimization of its GreenLake cloud services, which are primarily focused on Financial Services, Healthcare, and Telecommunications. Key focal points of their conversation centered around the value of scalable solutions that can easily support business growth, and a shift to pay per subscriber and pay per use models, as well as the increasing importance of hybrid cloud solutions in the marketplace. The selection by Salomon Group, a French sports equipment manufacturer, of HPE GreenLake as a solution to not only modernize its IT infrastructure and drive business agility and resilience, but also as a step toward helping the company attain its impressive corporate sustainability goals in carbon emissions reductions. We also discussed the rise of environmental, social and corporate governance and how we see this as a competitive business advantage, for vendors who provide solutions to organizations who embrace ESG, moving forward. HPE's launch of Project Aurora, its new zero-trust offering as a part of the GreenLake hybrid cloud platform, which we can expect to see later in 2021. Project Aurora will focus on helping enterprises address security from edge to cloud. HPE's acquisition of Determined AI, which we see as a solid move by HPE to enhance its own HPC and AI capabilities, and speed ML training capabilities. The need to be able to quickly and easily train ML models to provide faster and more accurate insights is going to continue to increase and an incredibly rapid pace. Strategic acquisitions of this kind on the part of HPE add incremental value to its portfolio of offerings and, to our way of thinking, make perfect sense. Note that all of the content from HPE Discover is available on demand, and these were but a few of the announcements that we wanted to highlight. You'll find access to the full event here. Last but not least, if you've not yet subscribed to the Futurum YouTube and Futurum Tech Podcast in those channels, take a moment and do that. You won't be disappointed.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Chris Eidler, Vice President and GM of HPE GreenLake Lighthouse and Flynn Maloy, Vice President for HPE GreenLake Cloud Services Marketing for an exciting conversation about some of the announcements made during HPE Discover. HPE Discover took place June 22-24, featuring three jam-packed days full of insights and announcements from HPE and their partners. If you want to learn more about the event. Check out the website. Introducing HPE GreenLake Lighthouse In our conversation we discussed the following: A quick recap of HPE Discover An exploration of the trends accelerating on-prem cloud adoption A look at how the acceleration is impacting HPE GreenLake An overview of the new product offering HPE GreenLake Lighthouse Where Lighthouse fits into the overall company strategy and some use case examples Lighthouse is a purpose-built cloud platform that is designed to run cloud-native applications across the organization in the hopes of maximizing performance. If you'd like to learn more about HPE GreenLake Lighthouse, check out HPE's website. And while you're at it be sure to hit the subscribe button so you never miss an episode of the podcast.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Ian Pratt, Global Head of Security, Personal Systems for HP, Inc. He leads the business unit responsible for creating the endpoint security solutions that are deployed on millions of machines across the globe. Our discussion centered on the critical nature of endpoint security in today's business world and some exciting new announcements as well. New Breed of Endpoint Security My conversation with Ian also revolved around the following: Why we need a greater visibility into cybersecurity and endpoint security An exploration into the impact of the shift to work from home had on endpoint security A highlight of HP's current security positioning An overview of their new security product HP Wolf Security A brief look at the future of endpoint security HP Wolf Security is a comprehensive solution that works for business and homes alike. If you'd like to learn more about the offerings, be sure to check out their website. And while you're at it be sure to hit the subscribe button so you never miss an episode of the podcast. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

On this special episode of the Futurum Tech Podcast – Interview Series I am joined by guests from Qualcomm, UScellular and Nokia to discuss big news with 5G millimeter wave. My guests include: Narothum Saxena, Vice President of Technology, Strategy and Architecture for UScellular; Randy Cox, Head of Product Management, Small Cells and 5G mmWave at Nokia; Gautum Sheoran, Senior Director of Product Management at Qualcomm. Our discussion centered on the exciting extended-range 5G world record over mmWave. This impressive achievement means that we are just one step closer to bringing 5G service to more areas across networks in the US. Qualcomm, Nokia and UScellular's Extended Range 5G World Record My conversation with Narothen, Randy, and Gautum also revolved around the following: Details about the extended-range 5G world record Why this is a big deal in the US and what we can likely expect from carriers An overview of the applications that will benefit from the continued development of extended-range mmWave The market opportunity this news creates as well as future deployment plans. This milestone will likely be a key stepping stone for ensuring better broadband connectivity in all parts of the US and eventually the world. It will be exciting to see where this takes us. You can read more about the world record here. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Esam Elashmawi, Chief Marketing and Strategy Officer for Lattice Semiconductor. Lattice is a leader in building small, powerful, efficient FPGAs that are used across all end markets and critical infrastructure. Our discussion centered on their recent Investor Day and the impressive announcements that are defining the future of the company. Lattice Semiconductor's Investor Day My conversation with Esam also revolved around the following: The promises Lattice made in 2019 and everything that the accomplished in that two year span A quick look into the quarterly growth the company is seeing A teaser of a new product launch coming this June A recap of the announcements that were made including Avant Lattice Semiconductor has had an impressive growth in the last two years and after their Investor Day it's clear they have no signs of slowing down. If you'd like to learn more about their products or more about the company, be sure to check out their website. And while you're at it be sure to hit the subscribe button so you never miss an episode of the podcast. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

Futurum's Fred McClimans and Ron Westfall analyze the ongoing crisis in the global semiconductor supply chain and its impact across key industries such as the automotive, telecommunications, and medical equipment verticals. They discussed the reasons for the constraints in the chip supply and what actions the U.S. government is taking in response to the crisis. Plus, they address the moves being made by the major semiconductor supplies to stabilize long-term supply chains and the challenges involved in building out new foundries.

Futurum's Ron Westfall and Shelly Kramer examine the value assigned by CSP decision makers to cloud design principles in fulfilling their cloud BSS journey goals. We discussed the top three cloud design principles and how each of the principles are integral to advancing CSP BSS-to-cloud journeys.

We discuss key takeaways from our recent survey and research report, 'The BSS-to-cloud journey: Powering innovation across the digital value chain" done in partnership with Ericsson. We discussed the strategic commitment of CSPs to a multi-cloud strategy, the competitive advantages that each of the major cloud providers offer, and which cloud design principles are CSPs identifying as the most important. Plus, we address the AWS announcement that extends its long-term partnership with Ericsson by certifying Ericsson's Telecom BSS on AWS and why it is a high impact move across the telco industry. Download the report today: report The BSS-to-cloud journey: Powering innovation across the digital value chain.

Colonial Pipeline rapidly paid ransomware provider DarkSide $5 billion Bitcoin to unlock and restore its IT systems, but this ransomware attack exposed a glaring weakness in critical infrastructure security: the IT/OT issue. Futurum is an independent research, analysis, and advisory firm focused on digital innovation, market-disrupting technologies, and industry trends. Every day our analysts, researchers, and advisors help business leaders from around the world anticipate tectonic shifts in their industries and leverage disruptive innovation to either gain or maintain a competitive advantage in their markets. Get the latest tech news and opinions on: http://wwwfuturumresearch.com/ Follow Futurum Research on Facebook: https://www.facebook.com/futurumxyz Follow Futurum Research on Twitter: https://twitter.com/FuturumResearch Follow Futurum Research on Instagram: https://www.instagram.com/futurumresearch

The US Department of Justice recently revealed it had completed an operation, authorized under a court order, where the FBI electronically accessed privately-owned Microsoft Exchange servers to fix vulnerabilities exploited by Hafnium, a suspected state-sponsored group operating out of China. Futurum is an independent research, analysis, and advisory firm focused on digital innovation, market-disrupting technologies, and industry trends. Every day our analysts, researchers, and advisors help business leaders from around the world anticipate tectonic shifts in their industries and leverage disruptive innovation to either gain or maintain a competitive advantage in their markets. Get the latest tech news and opinions on: http://wwwfuturumresearch.com/ Follow Futurum Research on Facebook: https://www.facebook.com/futurumxyz Follow Futurum Research on Twitter: https://twitter.com/FuturumResearch Follow Futurum Research on Instagram: https://www.instagram.com/futurumresearch

There has been yet another DarkSide attack, this time on a subsidiary of Toshiba's European operations. The company reported that as a result of the attack, they shut down network connections between Europe and Japan to mitigate potential risk as the hack is being investigated, and the scope of the cyberattack is not yet known. Futurum is an independent research, analysis, and advisory firm focused on digital innovation, market-disrupting technologies, and industry trends. Every day our analysts, researchers, and advisors help business leaders from around the world anticipate tectonic shifts in their industries and leverage disruptive innovation to either gain or maintain a competitive advantage in their markets. Get the latest tech news and opinions on: http://wwwfuturumresearch.com/ Follow Futurum Research on Facebook: https://www.facebook.com/futurumxyz Follow Futurum Research on Twitter: https://twitter.com/FuturumResearch Follow Futurum Research on Instagram: https://www.instagram.com/futurumresearch

The News: Reuters reported on May 13, 2020 that Ireland's health service announced it was completely shutting down all IT after experiencing a "significant" ransomware attack. This attack was blamed on threat actors targeting healthcare records. This attack has completely shut down COVID-19 testing, has forced hospitals to cancel not urgent appointments, and shut down diagnostic services. More from Reuters. Ireland's Health System Victim of Ransomware Attack, Completely Shuts Down Analyst Take: Ireland's Health Service system made the decision to shut down all IT systems to protect from the attack and also to allow the thorough assessment of the extent of the damage. In what is a 'zero day' attack, meaning the software maker has zero days to be aware of and remedy a problem, threat actors exploited a previously unknown software vulnerability. The attack targeted computers storing patient records. HSE reported that patient data hadn't been compromised and that equipment was operating as needed, except for radiography services. The hospital quickly made the switch to paper records, but as of the initial reporting hospitals shared they were unable to access lists of patients scheduled for appointments in the coming week and operations might continue to be limited and/or in some instances shut down. Hospitals all over the country are affected by this ransomware attack, including a hospital in Dublin that was reported limiting admissions to pregnant women who are at least 36 weeks pregnant and emergency cases only. This on the heels of the attack on Belgium last week shows that cyber threats are everywhere.

The News: The Biden administration signed an executive order on Wednesday, May 12, 2020 aimed at hardening the Federal government's cybersecurity cybersecurity defenses following the Colonial Pipeline hack. More at CNBC. Biden Administration Signs Executive Order Aimed at Hardening Fed Cybersecurity Defenses Analyst Take: The executive order signed by President Biden directs the Commerce Department to create new standards for software vendors supplying the federal government. While this executive order immediately followed the Colonial Pipeline ransomware attack and the fallout from that, no doubt the recent SolarWinds attack, along with the Microsoft Exchange server attacks play a role in the government stepping in. The Executive Order addresses the fact that the incremental improvements that have heretofore been made along the way are not effective at providing the security the Federal government needs and that "bold changes and significant investments" are needed to defend the many institutions that are a necessary part of American life. It finally seems clear that cybersecurity is and must be a top priority for the Federal government and, more importantly, that the Feds intend to lead by example as it relates to standards and requirements. Under the executive order, the standard for software vendors supplying to the federal government will essentially be a rating system that mandates multi-factor user verification to new technology, and also requires added encryption. Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA) remarked on this in a podcast on CBS this last week saying that this action by Biden is a "dramatic game change" and showed a commitment by the administration of prioritizing cybersecurity concerns. He also mentioned that establishing these kinds of standards will have a "cascading effect" for products sold to others, not only impacting government entities. Now is a great time to be in the business of selling solutions that provide enhanced security, like IBM's Confidential Computing and AWS's Nitro Enclave, both of which we've written about before here. This order establishes a Cybersecurity Safety Review Board that is modeled after the National Transportation Safety Board and which includes members from both private and public sectors. Equally as important, it also clearly shows the administration's intent to move the federal government to cloud systems that are more secure. My colleague Fred McClimans and I covered this Executive Order in our Cybersecurity Shorts series of the Futurum Tech Webcast this last week. You'll find our discussion on that topic here: You can find the full text of the Executive Order on Improving the Nation's Cybersecurity here.

In this episode of the Futurum Tech Webcast, Cybersecurity Shorts series, my colleague Fred McClimans and I cover major happenings in the world of cybersecurity over the course of the past week. Our discussion centered on: The Colonial Pipeline cyberattack and the targeting by threat actor DarkSide of the IT system housing Colonial's corporate and business data. This is a prime example of how targeting the weakest link can take down the whole system. DarkSide's Ransomware-as-a-Service offering and why that's so attractive for the hacker community. The surprise shut down of DarkSide's servers, which caused the group to lose access to its blog, payment processing capability, and denial of service (DoS) operations. The Biden Administration signing of a new executive order aimed at strengthening the Federal government's cybersecurity defenses. The FBI's court-ordered effort to disrupt exploitation from Microsoft Exchange Servers.

The News: Enterprise Password manager Passwordstate, an Australian-based enterprise password management app offered by Click Studios alerted customers late last week of a breach that the company said occurred between April 20 and 22nd. Read the advisory from Click Studios here. Enterprise Password Manager Passwordstate Hacked in Supply Chain Attack Analyst Take: The compromise of Click Studios' enterprise password manager Passwordstate involved an automatically delivered in-place upgrade delivered to customers between April 20 and April 22. Hackers inserted a malicious file alongside regular Passwordstate updates, which made its way, largely by way of automatic, in-place updates, onto Passwordstate users's computers. When customers performed the updates over the course of a two-day period, a potentially malicious fie was downloaded, which then set off a process that extracted a bunch of information. This included all data stored in Passwordstate (think URLs, usernames and passwords), and also included information about the computer system itself. Supply Chain Dangers and Why Your Password Management App is Targeted How does a password management app get breached? It's not as rare as you might think, and Passwordstate isn't the first password manage to be breached. While password managers can be an important tool for requiring that different passwords are employed by users, they also a represent danger because they can be a single point of failure, especially for enterprise users. What's the possible damage? Passwordstate's parent, Click Studios, claims a Fortune 500 customer base of 370,000 security and IT pros, and a smaller customer base of 29,000. Since IT pros manage credentials across the organization for devices and services, it's impossible to know at this point what the damage is, even though the breach is claimed to have occurred only during a little more than a 24-hour period. This is an example of risk at the supply chain level. You can have all the best security practices and procedures at the enterprise level, but have a vendor that you rely on for something like password management services and just like that, you're in trouble. And this is exactly why threat actors target various players in the supply chain. My colleague Fred McClimans and I covered the Passwordstate breach as part of our Cybersecurity Shorts edition of the Futurum Tech Webcast this last week.

The News: A joint advisory was published on Friday, May 7, 2021 by the Cybersecurity & Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre, the FBI, and the NSA focused on Russian Foreign Intelligence Service (SVR) and their tactics, techniques and procedures used to target victims. These reports focus on threats posted by APT29, how its methods have evolved, and provides best practices to defend against the threat actor. Read the Joint Advisory here. The US/UK Governments Issue Cybersecurity Advisory on Russian Threat Actor Activity Analyst Take: This past Friday was a big day for cybersecurity advisories related to Russian Foreign Service (SVR) threat actors. The threat group APT29 has been attributed to Russia's SVR and have operated since about 2008, largely targeting government networks in Europe and NATO member countries, research institutes, and think tanks. APT29 is also known by the names Dark Halo, StellarParticle, NOBELLIUM, UNC2452, YTTRIUM, The Dukes, Cozy Bear, and Cozy Duke. In the recently issued joint advisory, the US and UK governments outlined tactics and techniques that the Russians are using in their hacking efforts and outlined how they are targeting their victims. In an earlier alert issued the week prior, SVR operations were outlined, along with trends and some recommended best practices for network defenders. These reports also provide more details on the SolarWinds attack spearheaded by those same Russian SVR threat actors. The SolarWinds attack saw malicious updates from compromised SolarWinds systems breaching hundreds of organizations – and we don't yet know the full scope of the damage. Last year we also saw that same SVR group targeting vaccine R&D operations, which involved malware tracked as WellMesshttps://us-cert.cisa.gov/ncas/analysis-reports/ar20-198c and WellMail. What caught my eye here and what is highlighted in the report is that threat actors embrace best practices for digital transformation. They are agile and adaptable. Once they are detected, they pivot. For instance, once the WellMess/WellMail breach was detected, APT29 pivoted. And this pivot was a really pretty brilliant. The threat actors began using Sliver, which is a security testing tool developed by Bishop Fox, an offensive security assessment firm. Sliver is a legitimate tool used for adversary simulation. This new report focuses on helping threat hunters detect Sliver, but here's the rub: just because it's detected doesn't necessarily mean it's malicious. Have a headache yet? I do. My colleague Fred McClimans and I covered this jointly issued report in our Cybersecurity Shorts series on the Futurum Tech Webcast this past week. Threat Actors Make It Their Job to Know When Servers Are Vulnerable The newly published warning report said that threat actors are actively scanning the internet for vulnerable servers, including vulnerabilities affecting VMware's vCenter Server product and Microsoft Exchange servers, which have already been exploited by many. There are five vulnerabilities the government warns that need immediate attention in addition to the newest Microsoft Exchange Server updates just made available in mid-April. These five are: CVE-2018-13379 Fortinet FortiGate VPN CVE-2019-9670 Synacor Zimbra Collaboration Suite (advisory here) CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN CVE-2019-19781 Citrix Application Delivery Controller and Gateway CVE-2020-4006 VMware Workspace ONE Access A final note that organizations have been slow to apply the available fixes, leaving organizations massively at risk. Access the full Joint NCSC-CISA-FBI-NSA Cybersecurity Advisory on Russian CyberSecurity here: Advisory: Further TTPs Associated with SVR Cyber Actors The government also released Fact Sheet: Russian SVR Activities Related to SolarWinds Compromise that they recommend all security personnel familiarize themselves with.

The News: Peloton's leaky API, which exposed private user data, was in the news alongside some other not-so-great news for the fitness brand this last week. The leaky API was first reported by Tech Crunch's Zach Whittaker, and you can read his story here. Analyst Take: It has most definitely not been a great few weeks for Peloton. With the recall of all Peloton Tread and Tread+ treadmills after the death of a child and some 70+ injuries after the brand first tried to shake off the concerns of the CPSC, and then later admitting it was wrong, Peloton was already in the spotlight. Adding to the Tread disaster is the that the Peloton API is leaking private customer data and it made a bad period for the brand reputation overall. Regarding concerns about the Peloton API, this is an important user data privacy issue. Peloton has a community of some 3 million plus members. When setting themselves up in the Peloton system, members can choose to keep their profiles private or make them public, so that their friends can see their stats, workouts, etc. User profiles also include things like height, weight, age, gender, you know …. personal details. Many users, myself included, prefer to have a private profile. That means you still enter in that information, but you keep your settings private, not public. Easy, right? Except when it doesn't work. The Peloton API vulnerability was disclosed by Jim Masters, a researcher at Pen Test Partners, a security consulting company and the bug allowed anyone to pull users' private information directly from Peloton's servers, even if a profile is set to private. Pen Test reported that the Peloton APIs required no authentication and that the information was simply available for anyone who went looking. This information included things I. mentioned earlier: User IDs, Instructor IDs, Group Membership, Workout Stats, Gender and Age, Height, Weight, and city where the user is located. Pen Test Partners published an article last week stating that they reported the issue to Peloton in January and provided a 90-day deadline to fix the bug. Pretty common operating procedure. Masters got a confirmation from the company that the notice was received. Two weeks later, Pen Test noticed that Peloton executed what they observed was a partial fix and said nothing about it. This partial fix meant fixing the API so that the data was no longer available to anyone, but instead only to anyone with a Peloton account. What? Pen Test Partners tried hard to connect with Peloton about this and were soundly ignored. It was only when Zach Whittaker, writing about the leak for Tech Crunch asked about it that the company decided it was probably a good idea to do something. Jim Masters published a blog post on this issue that he updated on May 5th following a conversation with Peloton's new CISO who advised the vulnerabilities were mostly fixed within seven days. My colleague Fred McClimans and I covered the leaky Peloton API as part of our Cybersecurity Shorts series of the Futurum Tech Webcast. There's more to the conversation, so check it out.

In this episode of the Futurum Cybersecurity Shorts series, I'm again joined by my colleague and fellow analyst, Fred McClimans for a conversation on cybersecurity issues in six quick vignettes. Today, we covered: Google's rollout of mandatory 2FA The targeting of Passwordstate, an Australian-based enterprise password management app, by hackers The discovery of over 40 apps with more than 100 million installs between the found leaking API keys Peloton's leaky API and what that means for user data privacy The massive DDoS attack targeting Belgian ISP Belnet, and the impact of that attack on the government, public, science, and education agencies, including the Belgium Parliament and some law enforcement agencies.

Findings from Syhunt, an application security assessment firm that helps organizations actively guard their mobile and web apps, reported recently on the biggest known compilation of password leaks by a hacker on an internet form. The 100GB data set, called COMB21 (a/k/a Compilation of Many Breaches) was published on an online forum on February 2, 2021 and the ties to government emails are, at best, alarming. Online cybercrime forums are where hackers post passwords, links, and other information related to data breaches, and the COMB21 data set is one gigantic data set. This particular data set is the result of data pulled together from a variety of sources and comes from leaks and breaches of a variety of organizations (and government entities) over a fairly significant period of time. The potential impact is — significant. For starters, there were some 3.2 billion passwords from 2.18 million unique emails and 26 million email domains in the COMB21 data. This includes some 1.5 million world government emails and 625,000-ish U.S. government passwords. Gets your attention, doesn't it? In its coverage of this breach, Syhunt pointed out the danger of deep learning tools being applied to the COMB leak, which increases the risk exponentially. Bottom line, 100 gigs of 3.2 billion leaked passwords, leading directly to government entities across the world is about as serious as it gets.

It was reported last week that at least two groups of hackers linked to China have spent months taking advantage of a flaw in Ivanti's Pulse Connect Secure VPN suite to break into what was defined as a 'very limited number' of customers' systems — but which included at least five federal civilian agencies and financial institutions in the U.S. and beyond. Hackers were able to break into the devices as they were being used. More from Reuters. Hackers suspected to be linked to China have exploited vulnerabilities in Ivanti's Pulse Connect Secure VPN products targeting multiple government agencies, defense companies, and financial institutions in the U.S. and Europe. Cybersecurity company FireEye, (who also discovered and reported the recent SolarWinds hack) reported tracking 12 malware families associated with the exploitation of Pulse Connect Secure VPN devices. All of this malware was related to circumvention and backdoor access and circumvention to the VPN devices. China-linked Hackers use Pulse Connect Secure VPN Flaw to Target US Defense Industry Researchers FireEye's Mandiant reported on April 20th that they believe multiple threat actors are involved in the attack, and that these intrusions targeted government, defense, and financial institutions globally. Each instance of hacker activity was ultimately traced back to the Pulse Connect Secure VPN devices. It's probably also important to note here that Pulse Connect's parent, Ivanti, has contracts with the Nuclear Regulatory Commission, the Pentagon, the Bureau of Fiscal Service, and the Coast Guard. Check Vulnerability and Patch Your Pulse Connect Secure VPN Devices In acknowledging this attack, CISA issued an advisory on April 20, 2021, advising that Ivanti has developed a checker tool or an 'Integrity Tool' that can be used by any agency using the Pulse Connect products to check their vulnerability and strongly encourages all Pulse Secure customers to use the took to check for malicious activity. While the initial press around this hack has worked to minimize damage, CISA has identified 24 federal civilian agencies that use Ivanti's Pulse Secure Connect VPN devices and issued a directive last week that every agency using these devices figure out how many VPN devices they have and also that they run Ivanti's 'integrity tool' to determine whether or not they are at risk, and report back to the agency. It was announced today that Ivanti has released a security update for the Pulse Connect Secure, addressing a new authentication bypass. Ivanti urges customers using Pulse Connect Secure 9.0RX and 9.1RX to immediately upgrade to Pulse Connect Secure 9.1R11.4, which fixes the vulnerability.

In this episode of the Futurum Tech Webcast, we focus exclusively on cybersecurity, in a series we're calling Cybersecurity Shorts. Today, I'm joined by fellow analyst Fred McClimans for a conversation on six cybersecurity topics in quick succession. This episode covers: News of hackers linked to China using a flaw in Ivanti's Pulse Connect Secure VPN to target defense industry researchers in the US. Efforts by a bipartisan group of lawmakers who are pushing for legislation funding cybersecurity training and developing programs to attract and retain cybersecurity talent in the federal government along with other efforts by lawmakers to combat cybersecurity threats. A warning from the UK's security experts about threat actors' use of LinkedIn to target government officials and others. A new study from HP on nation-state cyber incidents going back over a decade and how that's not predicted to get any better any time soon. If ever. News of a leak of 3.2 billion passwords containing 1.5 million records with government emails, and what that means from a cyber risk standpoint. AI-powered cybersecurity platform Vectra AI raises $130 million — evidence of the new world of artificial intelligence and machine learning in threat detection.

In this episode of the Futurum Tech Webcast, Interview Series, I was joined by my colleague here at Futurum Research, Ron Westfall, and Jason Keane, Head of Digital BSS Product and Solution Line at Ericsson for a conversation around moving BSS journeys to the cloud, and what to consider from the platform prospective with insights from our recently released research report The BSS-to-cloud journey: Powering innovation across the digital value chain Ericsson on Moving BSS Cloud Journeys Forward – The Platform Perspective This is the second of two events connected with that recent research into BSS-to-cloud journeys. Ron and I were joined a few weeks ago by Ericsson's Head of Product Domain BSS Customer & Partner Engagement, Rick Mallon and BSS Senior Solutions Marketing Manager, Miriam Deasy for a conversation about cloud transformation and digital engagement — you can watch (or listen) to that conversation here: The BSS-to-Cloud Journey: Powering Innovation Across the Digital Value Chain. Our discussion was far-reaching and included the following: Why BSS journeys to cloud are underway, what's in it for customers, and the complexity of the cloud journey. Jason shared insights on the increased pace of demand, faster time to market, as well as the closer alignment between the commercial and technical reality of legacy systems that aren't agile enough to do what's needed today. We then moved into customer benefits as well as the complexities of cloud journeys and how to think about most effectively starting down that path. The diversity of cloud approaches across the Ericsson customer base and the nuances of how Ericsson caters to this massive amount of variation and how that impacts software development as well as deployment of BSS-to-cloud journey initiatives. Cloud and cloud native, Ci/CD pipelines, and what level of readiness needs to be in place on the customer side for cloud native software, as well as what's involved in supporting customers' success. Myth-busting the hype surrounding cloud and what impact, if any, that has on cloud transitions and digital transformations to live up to their promises. The advantages to a multi-vendor strategy using different cloud providers versus using all services of just one provider, and how to think about that as organizations are strategizing their BSS-to-Cloud journey, including key considerations like avoiding vendor lock-in. Some day-to-day challenges customers experience and how integrating BSS with OSS and packet core are essential and how to think about measuring success as it relates to the BSS-to-cloud journey and what 'completion' really looks like. It was a terrific conversation and if you're exploring migrating your BSS to the cloud, one you won't want to miss.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Gerardo Giaretta, Senior Director of Product Management for Qualcomm. Gerardo leads the 5G Ran Infrastructure Product team, which is experiencing huge growth right now. Our discussion centered on Qualcomm's recent 5G RAN partnership announcement and how that is going to impact the industry as a whole. Qualcomm Teams up with Vodafone My conversation with Gerardo also revolved around the following: An exploration into Qualcomm's partnership with Vodafone Why Open RAN is such a huge focal point for service providers and network manufacturers right now Who are the biggest beneficiaries of the partnership with Vodafone How the partnership will likely evolve in the coming years This partnership could be a huge opportunity for growth for Qualcomm who announced a renewed focus on network infrastructure last October. This technology could ultimately lower the barriers of entry for smaller service providers and network operators looking to leverage silicon for 5G base stations — which is an exciting prospect for the industry as a whole. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

In this new episode of the Futurum Tech Webcast, Interview Series, I'm joined once again by Don Schuerman, the CTO of Pegasystems. As a preview of Pega's upcoming Pegaworld iNspire 2021 event, which is being held this coming Tuesday, May 4th from 9am to 11:30am EDT, I wanted to corral Don and talk a little bit about what's going on in the industry, what's new and exciting at Pega, and what kinds of problems they are solving for their customers. For starters, Don and I talked about low code and its proliferation within the industry as a whole. As someone who's covered both the automation industry and Pega for a number of years, I first heard about low code functionality from the team at Pega — they were definitely forging an early path there. Today, it's obvious that low code is not only catching on, but that's a key driver facilitating the rapid digital transformation that organizations are working toward today Don and I had a great conversation, covering: What's causing the dramatic shift for everyone to become a low code user or provider. Some business use cases of low code, including real world client examples. We explored Pega's offering in the low code space and the impact the booming interest in low code is having on Pega's business. What customers saying about the use of low code and how whether they are full on embracing it, dipping their toes in the water, or thinking about next steps, they are seeing great results. Why certain industries are more apt to be drawn to low code. Why low code is attractive to enterprises today, as something that tech savvy employees understand and enjoy getting the opportunity to immerse themselves in, as well as for those who are interested in providing reskilling and upskilling opportunities for the workforce Bottom line, if you're thinking about the benefits of low code and how integrating process automation can change everything about your organization's digital transformation journey, I encourage you to make time to register and attend the Pegaworld iNspire 2021 event next Tuesday from 9:00am to 11:30am EDT. You can learn more about the event and register for free here. And hopefully I'll see you there. Lastly, if you're interested in digital experience and providing best-in-class experiences tailored around the customer journey for your customers, check out my recent interview with Pega's Jeff Nicholson, VP of CRM Product Marketing. If customer service is your focus, I think you'll enjoy this conversation. You'll find it here: Pega's Take on Digital Experience: What's Ahead in a World Powered by Autonomous Customer Service

In this episode of the Futurum Tech Webcast, Interview Series, I had a fascinating conversation with Jeff Nicholson, the VP of CRM Product Marketing for Pegasystems about digital experience and what's ahead in a world powered by autonomous customer service. Our discussion centered on the future of customer service, especially as it relates to digital experience, the ever-changing world of customer expectations, and how autonomous customer service is a game-changer. Pega's Take on Digital Experience: What's Ahead in a World Powered by Autonomous Customer Service In our conversation about digital experience and a look at what's ahead in a world powered by autonomous customer service, Jeff and I touched on: What is today's digital experience and what that looks like — for both customers and for the brand side. How the landscape of customer experience has changed, not only in the last handful of years, but also how that's been impacted by the impact of a global pandemic. The change in customer expectations and how brands are shifting to address those expectations. The role technology plays in the customer journey (and meeting customers where they are, when they need it). What kind of technology is needed to most efficiently, most effectively, allow brands to do that. How COVID-19 has changed customer demand, buying preferences, and customer loyalty and what brands are doing to step up and adapt to those changes. And we explored autonomous customer service and where this technology fits in the customer engagement timeline? As always, my conversation with Jeff was a fascinating one. He also shared some customer use cases that you'll find valuable, so I encourage you to dive into this one. If you're focused on improving the customer journey and customer experience within your organization, if you'd like to learn more about autonomous customer service and how you can employ it to deliver better, more efficient customer service and empower your team to both do more and enjoy their jobs more, I encourage you to make time to register and attend Pega's upcoming Pegaworld iNspire event on May 4th from 9:00 to 11:30am EDT. The event is a virtual one and I can promise it will likely be the best, most interesting virtual event you attend this year. Register for free here and I'll see you there!

In this edition of the Futurum Tech Webcast, my colleague Ron Westfall and I take a deep dive into the collaborative world of virtual reality and 3D simulations offered by NVIDIA's Omniverse. First announced as a beta version last fall, NVIDIA's Omniverse Enterprise is set to hit general availability this summer and has the ability to reshape the future of manufacturing and design, and perhaps much more. It's not unusual for technology companies to offer tools to help their customers get the most value of their products or services. But these tools are generally limited to configuration and optimization. NVIDIA's Omniverse suffers from none of those limitations and while it may help manufacturing and design teams better utilize NVIDIA's chip technologies the real value of the Omniverse is in helping manufacturers collaborative design, update, and improve their manufacturing operations. In this webcast we discuss: How the NVIDIA Omniverse looks a lot like the Marvel Cinematic Universe. The role of Pixar's open-source Universal Scene Description (USD) software in the Omniverse. How the Internet of Things (IoT) and a concept known as a Digital Twin are making helping organizations create real-time virtual versions of the real-world, physical operations. How the Omniverse can help organizations improve factory and manufacturing efficiency and safety. The benefit of running simulations in the Omniverse and leveraging machine learning and predictive analytics to improve asset maintenance and availability. The five different components that make up the Omniverse Platform (the Nucleus, Connect, Kit, Simulation, and RTX Renderer). How the Omniverse allows real-time updates and collaborative changes to be distributed throughout an organization's supply chain and distribution ecosystems. As we wrap up our conversation, Ron highlights some of the core RTX technology that makes the Omniverse possible and discusses how NVIDIA is working with partners like Microsoft and how competitors like AMD might need to respond. And finally, we ponder the ultimate question, when will tools like the Omniverse allow us to not just model manufacturing but extend to the entire operations of an entire business, from the first supplier to the last customer. More Insights from Futurum Research: NVIDIA's Omniverse Enterprise Platform Has The Potential To Reshape The Future Of Manufacturing And Collaboration NVIDIA's AI-On-5G Ecosystem Kicks Off At NVIDIA GTC 2021, Designed To Turbo Boost 5G Vertical Use Cases NVIDIA GTC 21 Brings Key Innovation to Enterprise AI NVIDIA's Future is Bright as its Many Bets are Paying off: Q4 Earnings Update NVIDIA's DRIVE Platform to Power Hyundai's Newly Launched Connected Car OS Across Entire Fleet

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Rebecca Weekly, VP and GM, Hyperscale Strategy and Execution for Intel. Rebecca leads the team that ensures that all products across the spectrum are optimized for hyperscale. Our discussion centered on Intel's the 3rd Generation Xeon Scalable Processor launch and the role cloud innovation has played in Intel's ability to deliver high performance for the most in-demand workloads. Cloud Performance Made Flexible My conversation with Rebecca also revolved around the following: The role cloud technologies have played not only in business but in our everyday lives in the past year A quick look into Intel's agile and flexible approach How Intel unlocks the full potential of hardware with software optimizations The drivers behind the world's largest cloud providers using the 3rd Gen Intel Xeon Scalable processor An inside look at Intel Software Guard Extensions Cloud computing is, as Rebecca said, how wonderful gets done. This technology is driving the future of digital transformation and will likely lead to other advancements for years to come. If you'd like to learn more about how Intel is leading in the cloud space, be sure to check out their website. And while you're at it be sure to hit the subscribe button so you never miss an episode of the podcast. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Wei Li, VP, General Manager for Machine Learning Software for Intel. Wei spearheads all aspects of AI software product development for deep learning, statistical machine learning and big data analytics, as well as hardware co-design for AI acceleration on CPU, GPU, and XPU architectures. Our discussion centered on Intel's leadership in the AI space following the 3rd Generation Xeon Scalable Processor Launch. It was an excellent conversation and one you don't want to miss. The Evolution of AI My conversation with Wei also revolved around the following: An exploration into the democratization and evolution of AI in the last few years How Intel is approaching AI to make it accessible to meet the shifting needs of businesses The rapid proliferation beyond the data center including the growth at the edge What Intel is doing to enable faster development and deployment of AI software at scale How real-world organizations are leaning on Intel to drive their AI journeys AI and machine learning are, as Wei said, where the magic happens. These ever-evolving technologies will be at the forefront of advancements for years to come. If you'd like to learn more about how Intel is moving the AI space forward, be sure to check out their website. And while you're at it be sure to hit the subscribe button so you never miss an episode of the podcast. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Manoj Leelanivas, EVP and Chief Product Officer of Juniper Networks. Manoj spearheads all aspects of product development and strategy including the AI-driven enterprise business unit — an exciting role in today's business world. Our discussion centered on how Juniper is different from other companies in the networking space including an overview of their experience-first networking strategy. It was an excellent conversation and one you don't want to miss. The Future of Networking My conversation with Manoj also revolved around the following: An exploration of the growth Juniper has experienced in recent years including some background on the company for those who might not know about this tech giant Details on Juniper's software initiatives What Experience-First Networking means for customers Key outcomes Juniper is seeing from Experience-First Networking How Juniper stands apart from competitors Exciting developments Juniper has in the works 2020 showed the need for better, faster, stronger networks, but complexity comes right along with progress. Juniper is looking to solve this by championing simplicity through everything they do, starting with engineering of networks. This episode is a must listen for anyone interested in how networks are changing the way we work. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.

In this episode of the Futurum Tech Webcast, Interview Series, we're taking the conversation to LinkedIn Live, and focusing on the BSS-to-Cloud journey that so many communication service providers (CSPs) are currently exploring. I was joined by my colleague here at Futurum, fellow analyst Ron Westfall, and also joined by Miriam Deasy and Rick Mallon from Ericsson. In our conversation, we focused on the findings of a research report that our team at Futurum partnered with Ericsson to develop: BSS-to-Cloud Journey: Powering Innovation Across the Digital Value Chain. For CSPs, embracing customer-centric business operations and digital engagement allow them to monetize on improved customer experiences and support business models for current or future innovations. But sometimes all of that is much easier said than done and knowing where to start can be challenging — thus the impetus for our research. From a strategic perspective, CSP decision-makers must recognize the most important considerations that are driving the BSS-to-cloud journey, and that's what we set out to both map out in the research report, as well as to have a discussion around on this episode of our Futurum Tech Webcast Interview Series show. Miriam and Rick introduced themselves and shared a little about their roles at Ericsson, and we then jumped in. Here are some of the things our discussion covered: What the Ericsson team is seeing, from their vantage point in Ericsson Digital BSS across their customer base in terms of challenges customers face. What different approaches they are seeing on the customer side (and what can be learned from this). How Ericsson manages to cater to this massive amount of variation across their customer base and prospects, as well as in product development. What advice and insights can be offered to customers as they progress through their cloud journeys. The reality of continuous improvement/continuous development (CI/CD) play, and the role it plays for overall success. The top goals and objectives customers have identified, either to achieve or fix, as they progress in their cloud journeys. The top challenges customers shared that they face in their BSS-to-cloud journeys and what can be learned from that. We wrapped up our discussion with a look at what the Ericsson team feels is working well for their customers, as well as a conversation around how CSPs can increase the likelihood of successful outcomes, and we closed our show with thoughts on what CSPs can do and/or focus on as they progress on their BSS cloud journeys.

In this episode of the Futurum Tech Webcast, I was joined once again by my partner, Daniel Newman, for the next installment on our series on Confidential Computing and how vendors are looking to deploy trusted-based computing models, specifically in areas such as Trusted Execution Environments, Enclaves, and homomorphic encryption, as well as a discussion on what's ahead. These conversations are a precursor to a research brief we are in the midst of completing and will hopefully serve to whet your appetite for a deeper dive very soon. Confidential Computing: How Vendors are Looking to Deploy Trust-Based Computing Models To recap our conversation of last week, Daniel and I touched on the instances of cybersecurity breaches in the news, the average cost of a data breach, the impact on careers that a data breach inevitably causes, as well as current legislation that's been introduced in the U.S. around requirements for reporting of data breaches in a specific and timely manner. Today, our conversation centered around: Revisiting Operational Trust vs. Technical Trust Operational Trust is the kind of trust within an organization that we're accustomed to and revolves around the thought that better and regular training, stricter rules, compliance, certifications, etc. are what will keep an organization safe. While that may be in part true, Technical Trust, which is the focus on removing people from the security equation altogether through deployment of technological solutions rather than those other things is where we need to be heading. What is the Goal of Confidential Computing and the Complexities Around the States of Data We discussed the goal of Confidential Computing, which is at its most basic the goal of reducing the ability for a systems administrator of a platform to access data and code inside Trusted Execution Environments sufficiently so that this path is not an economically or logically viable attack during execution. Data exists in one of three states: At rest on a storage device, in transit between two locations across a network, and when it's in use as its being processed by applications. Confidential Computing is the protection of data in use by performing computation in a hardware-based Trusted Execution Environment and covers software attacks, protocol attacks, cryptographic attacks, and base physical attacks. The Confidential Computing Consortium The Confidential Computing Consortium is a group founded by the Linux Foundation and comprised of some of the biggest names in technology who have partnered to focus on security data in use using hardware-based TEEs and accelerating the adoption of Confidential Computing through open collaboration. The Role Hardware Plays in Security (and Confidential Computing) When security is your end game, rooting security in silicon and working outward should be the foundation of your strategy. This was a quick but wide-ranging conversation. Daniel and I spoke more about the specifics on Trusted Execution Environments, and what is in scope as it relates to Fully Homomorphic Encryption, a class of encryption methods first envisioned in the 70s and now a fundamental part of Confidential Computing. Whether you're a senior leader focused on making security a fundamental part of business strategy (and we hope that you are), or a CISO charged with keeping your organization safe, this is a conversation you won't want to miss. Be sure to be on the lookout for our soon-to-be-published research brief on the topic of Confidential Computing — we think you'll find great value in it.

On this episode of the Futurum Tech Podcast – Interview Series I am joined by Tien Tzuo, CEO of Zuora, a cloud-based subscription management platform. Zuora enables any company in any industry to be part of the subscription economy, which Tien believes is the future of the business world — and I have to agree. Our discussion centered on how Zuora is furthering their vision of "The World Subscribed" by delivering software that is a central system of record architected for dynamic, recurring subscription business models. It was an excellent conversation and one you don't want to miss. The World Subscribed My conversation with Tien also revolved around the following: An exploration of the growth of the subscription economy in the last few years How the growth of the subscription economy has helped Zuora grow including a quick recap of their recent earnings report What potential changes B2B and B2C businesses might be facing as we emerge from the pandemic What The End of Ownership trend means for businesses Exciting developments Zuora has in the works Consumer behavior is changing. People, and businesses too, want access to products and services instead of ownership. Tien anticipated this shift back in 2007 when Zuora was founded. I fully believe that it will continue to grow in the years to come. This episode is a must listen for anyone interested in how the subscription economy is changing the way we work and live.

In this episode of the Futurum Tech Webcast/Futurum Tech TV Daniel and I jumped on LinkedIn Live to talk about the news of the new Intel campaign featuring Justin Long, previously known as "The Mac Guy." We talked about the new M1 chip that Apple is building as the company shifts from reliance on Intel powering Apple products. We then talked about Intel's new campaign, bringing back Justin Long, the "I'm a Mac" guy in a campaign designed to spoof Apple, this time, someone that's all in on Team PC. What I did not know before we recorded this webcast is that Apple started this clever twist, bringing in John Hodgman, the "I'm a PC" guy from the original Apple "Get a Mac" campaign to kick off its reveal of the M1 processor replacing Intel's chips. And Intel, with agency partner VMLY&R, responded with its own #GoPC campaign. This is a clever. As a long-time Apple product user, and owner of more Macs than I can honestly count, it was great to see the Intel campaign highlight the very real limitations that all Mac users live with. It's true, we really do just live with them. As John Coyne, Intel's vp of brand, creative and media said to AdWeek, "It's a fun challenge: How do you highlight the limitations that Mac users just live with and help highlight that we have a more compelling choice available with PCs? Who better to tell that story than Justin Long, who spent more than four years and 66 commercials representing the personification of 'I'm a Mac'?" It was great to see Intel step up here and counter Apple's Hodgman campaign. In addition to being clever, for Intel, it was a great way to showcase the many, many benefits a PC affords in terms of user experience, flexibility, and usability that, well, Apple devotees don't have. Want to watch the Intel spots, you can do that by checking out the Intel YouTube channel here. Daniel wrote about this in a separate article for the Futurum blog: Intel's New Ads Target Apple M1 With Former Mac Spokesman Justin Long

On this episode of the Futurum Tech Webcast, Interview Series, I was joined by Dell Technologies' Rick Martinez and John Boyle for a conversation about navigating the hardware security journey. Rick is Senior Distinguished Engineer, Sr. Director at Dell Technologies and John is part of Dell Technologies' Cyber Security and Supply Chain Defense Product Management team. Enterprise-wide security requires a shield, or a security posture, that follows and protects devices throughout all aspects of the hardware journey, encompassing the external supply chain, internal implementation, and ongoing end-user operations and device management. Four Keys to Navigating the Hardware Security Journey Our team at Futurum partnered with Dell Technologies to develop the white paper: Four Keys to Navigating the Hardware Security Journey and this conversation covered some of the key insights in the report. This was a long-term research initiative that began in 2019 and concluded in mid-2020. We wanted to better understand the level and types of threats encountered by companies today, and the measures, practices, and policies those organizations employ to address these threats throughout the entire security journey. Our research included an in-depth study of over 1,000 technology and security pros directly involved in the planning, implementation, management, or operations of security, risk, and compliance activities related to device-level security. The demographics of our survey group included:US Federal Government – 29% State of Local Govt & Education – 30% Defense Industrial Base – 17% Critical Infrastructure Sectors – 22% Commercial Industries, 2% Our conversation in this roundtable discussion centered on the four key insights derived from this research • Understanding you are the target —security threats can come from all directions, both internal and external, malicious or accidental, found in your end-user devices and throughout your partner ecosystem and supply chain. And they can be in software and in hardware. • Security is built from the ground up —and needs to be a foundational part of business operations. Security breaches must be detected to be observed, and organizations with a security framework in place may be better able to identify and stop attacks. • Every security journey needs guardrails and frameworks — 75% of enterprises that utilize a security framework say they have experienced a security breach in the past. Conversely, enterprises that do not utilize a security framework say they have not been breached — ever. • Security paradise is found by the dashboard lights — really! We believe that it's hard to identify what you can't see. When it comes to the enterprise security journey, dashboards are mission critical. What's ahead in the industry as it relates to hardware security and what are security teams focused on? We shared insights around that in our conversation. Rick and John and I wrapped up our conversation sharing thoughts on what executives can do to prepare their businesses for the current threat landscape as well as future changes. They also shared some use case examples of what Dell is doing for customers and how that is working. And we hope you'll download the research report: Four Keys to Navigating the Hardware Security Journey for tons more information and insights to help you plot a strategy for your own enterprise security journey.

In this episode of the webcast, I'm joined by Shameem Smillie, the Director of Global Contact Center Solutions at Mitel for a conversation around connection, personalized customer experiences, and what 'meaningful connections' mean in a digital world, what the future of work looks like in post-pandemic times — and some practical ways businesses can think about strengthening their communication skills. Let's face it, the last year has been a slog. Almost a year ago to the day, for many of us the world shut down, our companies shifted almost overnight to remove work, kids shifted to remote learning, and we hunkered down. And in case you've not noticed, it's largely been cloud solutions and collaboration applications/platforms that have made this shift possible. We kicked off our conversation talking about the rapid shift involved globally as organizations and their workers shifted to work from home and how navigating work, family, obligations regarding children and beyond have played a role. Shameem shared with some of her thoughts on a change in the demographics that has embraced technology, how the BandAid solutions that were initially put in place by many organizations in the early WFH days are now being evaluated (and often replaced), and how her expertise in customer experience helps her be especially attuned to meaningful moments of conversation and the things organizations can do to empower and facilitate them. Our conversation touched on: Remote work is here to stay Consumer appetite is for faster, more personal interaction and the businesses rising to the top are those that understand that and put good communications first What businesses seem to have struggled with the most as they adapted to a WFH, distributed workforce What kind of adjustments companies are going to need to make as we gradually ease back into a more normal of doing things The tangible ways that businesses can strengthen communication skills What the foundational technology is, the must-haves, in order to get communication technology and communications skills where they need to be so as to deliver not only the optimum in customer experience (think contact centers) as well as the optimum in employee experience. Shameem also shared some great customer use cases, including touching on some verticals who have experienced hyper accelerated growth over the course of the last year, and how they've navigated a sudden pivot in their work, collaboration, and communication style, and their experiences and success stories that we can all learn from. If you're looking to up your communication game and focused on how to create more meaningful digital communications in a remote (or hybrid) world, this is a conversation that I think you'll enjoy — and benefit from. If you'd like a deeper dive into this topic, download an ebook developed by Mitel that I was thrilled to participate in, Mitel's Now of Work. The ebook features insights from a group of well-known industry experts and focuses on the integrated solutions for remote, hybrid, and in-office workforces that are the future of work, and how using streamlined communication for better collaboration, understanding best-in-class practices around security and compliance for tech solutions is the path to a future of work that is personified by meaningful communications that are both collaborative and hassle free.

In this episode of the Futurum Tech Webcast I was joined by my partner and fellow Futurum analyst, Daniel Newman, for a conversation about cybersecurity. Security breaches are frequent, inevitable, can have a big impact on customer trust, can also impact corporate profitability, and quite often can cost a CISO or CIO his or her job. From the Microsoft Exchange Server attack this past week, to the SolarWinds attack of the last few months – both at the hands of state sponsored actors, one suspected to be of Russian origin and the other Chinese, to well-known cybersecurity breaches like Equifax, Target, Capital One, JP Morgan Chase, Marriott, what we're seeing in the industry is a massive difference in risk between organizations that take effective cybersecurity precautions versus organizations that don't. With the financial impact of a data breach in 2020 averaging about $3.86 million, not taking into consideration what is often millions of dollars in fines, cybersecurity and the inevitability of a hack is something that needs to be addressed at the highest levels in the organization. Cybersecurity must be a board-level concern and resonate on down through every level of the organization, from the CEO and CIO/CISO and beyond. Cybersecurity must be a foundational part of business strategy and more training and more processes isn't always the answer — technology will likely play a big role here as well in the months and years ahead. In our conversation we touched on what we do with data and the problems with the status quo. Think about it for a moment. When it comes to data, we: Decrypt it to use it What happens when the administrators or our data repositories leave? When the data relies on the public cloud, how do we ensure the container or the virtual machine operators are operating in a trusted way? Are process and certification and compliance standards enough? We don't think so. Yet, anyway. This is the first of several conversations we'll have on this topic as we are also working on a research brief on the topic of Confidential Computing, which is all about how to manage and more accurately and safely secure data that is in use, and protecting data in use by performing computation in a hard-ware based Trusted Execution Environment. Confidential Computing is in the nascent stages, but we're certain we'll all be talking much more about this in the months to come.

In this episode of the Futurum Tech Webcast, host Shelly Kramer joined by fellow analyst Fred McClimans for a conversation about some cybersecurity news you may have missed during the week when unexpected weather across the south, horrifying power grid problems and beyond have captured the attention of the nation. The conversation started with a quick overview of Clubhouse, the current darling of social apps. In a nutshell, Clubhouse, an invitation only social audio app, is powered by Agora, a Chinese-based software company. Other companies using Agora's software include Bilibi, a $53Bn Chinese video-sharing app with 170M plus users and considered the nearest thing China has to YouTube, New Oriental Education, a $33B Chinese ed tech firm and Yalla, a $5.6 billion Chinese-owned app called the Clubhouse of the Middle East. Note the theme: Chinese connections to Agora. So, Agora. And Chinese connections, and cybersecurity — that's what the conversation comes back to including the following: Agora's reported SDK vulnerability that could have allowed an attacker to spy on private video and audio calls. The flaw in Agora's SDK that is used by dating apps like eHarmony, Plenty of Fish, MeetMe, and Skout. It was also found in healthcare apps like Talkspace, Practo, and Dr. First's Backline. McAfee disclosed the flaw in April of 202 and it took Agora seven months to release a new SDK to remediate the threat. The cybersecurity conversation then shifted to the SolarWinds hack and the update figures released by the White House. As of today, it believes (so far), that 9 federal agencies and 100 private sector companies have been impacted. The conversation also explore the news that although the hack remains considered of Russian origin, it's likely that the hackers launched their attack from inside the US. The cybersecurity conversation wrapped with some good news post SolarWinds hack from Microsoft. On Thursday, Microsoft announced in a blog post on its Security Response Center published that its internal investigation has concluded into the activity of the threat actor and that there was no evidence of access to production services or customer data. The investigation also found there were no indications that their systems at Microsoft were used to attack others.

In this episode of the Futurum Tech Webcast – Interview Series, I'm joined by Tim Yates, the CEO of DataXstream for a conversation around how wholesalers are benefitting from DataXstream's OMS+. We've been talking a lot about supply chain here at Futurum, and with good reason. A global pandemic has shown us in no uncertain terms how important supply chain is and, in some instances, how precarious ours is. That's especially true as it relates to some 415,000 wholesale distributors out there, with a combined annual sales of some $7.8 trillion. We kicked off the show with Tim sharing some background on how a career start as a mechanical engineer morphed into technology and ultimately founding and leading DataXstream. Before diving into technology solutions, we discussed some common challenges wholesale distributors face, including: The wholesale distribution ordering process, which can be a nightmare. Think multiple supply chain locations, different prices for different customers, based on agreements that vary across the board, large orders that often span over a hundred lines — complex is an understatement when it comes to describing that challenge. Inventory management difficulties. The (sometimes massive) learning curve related to ERP solutions within the organization, and the fact that front line and field salespeople often have to spend a lot of time trying to learn the nuances of those platforms. We explored how we're seeing customers impacted by COVID-19 and how things like inventory visibility have played a role in the transformational shift that many wholesale distributors are undergoing. We talked about the importance of rapid digital transformation, in the wholesale distributor industry and beyond, some of the roadblocks customers face, and what we see ahead. We then shifted to discuss DataXstream's OMS+, which is an order management solution that helps wholesale distributors offer customers fast, reliable service, and Tim shared some key benefits of OMS+, along with some customer/industry use case examples. We closed the conversation with a preview of some new features coming to OMS+ that Tim is especially excited about, especially those related to the integration of artificial intelligence (AI) and machine learning (ML) into the platform and the exciting benefits that will afford users. For SAP wholesale distributor customers, using DataXstream is truly a game-changer. You can find DataXstream on the SAP Store, along with an Infosheet that our team produced, How Wholesalers are Benefitting from DataXstream OMS+

Microsoft announced the launch of Microsoft Viva, an employee experience platform designed to help people connect, focus, learn, and thrive at work. In this episode of the Futurum Tech Webcast, I was joined by my partner and fellow analyst Daniel Newman to talk all things Microsoft Viva. For starters, a solution like Microsoft Viva is important on a number of fronts — we've collectively adapted to hybrid work, business leaders are cognizant of and trying to avoid burnout, and are focused on helping people feel more connected and supported by the organization, and they are also recognizing the importance of learning management and creating a culture of continuous learning within organizations (and making learning easy). The Microsoft Viva Experience platform is comprised of a number of components that are conveniently centered around connection, insights, learning, and topics. Our conversation included a brief snapshot of each, including: Viva Connections The Viva Connections part of the Microsoft Viva Employee Experience Platform is the "gateway to modern employee experience" that is personalized and appears in the apps and devices employees use every day (like Teams). Viva Connections gives people a curated, company-branded experience that pulls together news, conversations, and other resources. It designed to be quick and easy to use, and users can publish content from SharePoint, Yammer, or Microsoft steam, to a single feed and post the external news and content organizations want employees to see (and use). Of special interest to me, was the ability to use the Viva Connections platform to reach specific departments, regions, or roles within the company, by audience targeting or bring attention to important items in the feed by way of "boosting" so that items appear on top of the news feed until read or they have accomplished a certain number of impressions. Microsoft Viva Topics Microsoft Viva Topics uses AI to help empower people within the organization with knowledge and expertise in various apps to connect, manage, protect, and share that knowledge across systems and teams. Note that Viva Topics is available today for Microsoft commercial customers. Viva Topics is intended to help manage the sea of information that employees encounter and must deal with on a daily basis. Microsoft data indicates that employees on average spend more than an hour a day looking for or recreating info that already exists within the organization, more than triple what they spent five years ago. To be fair, there's more information now, but still, that's a lot of wasted time and incredibly frustrating. Onboarding, skill development, and knowledge drain are key issues business leaders face and Viva Topics is intended to address that. It appears as though this has grown out of the Project Cortex Preview program, launched about two years ago, a program in which Microsoft customers participated to help shape the product. Companies like Arla Foods, Unilever, Siemens Healthcare, and Mott MacDonald have been using Viva Topics in their organizations and have participated along the way in fine-tuning this product. Microsoft Viva Learning Microsoft Viva Learning is yet another component of Microsoft Viva platform, and is an app for Microsoft Teams that is in private preview at this time. In June of 2020, Microsoft announced a goal of helping 25 million people around the world gain the digital skills they need to be successful. Now the goal is to extend beyond supporting jobseekers to helping support people's success once they are hired. Daniel and I know from firsthand experience as well as our own research that successful digital transformation journeys (and successful organizations) rely on an organizations' commitment to create a culture of continuous learning. That's exactly what Microsoft Viva Learning is designed to do. Viva Learning features a central hub where people can discover, share, assign, and learn from best-in-class content libraries, including LinkedIn Learning, Microsoft Learn, third party content providers, and an organization's own custom content, all geared to make learning on a daily basis a standard thing. Teams and groups can set up their own learning tabs, and learning is not only personalized, but learning content is also centralized and easily accessed. In developing Viva Learning, Microsoft, partnered with Skillsoft, Coursera, Pluralsight, and edX to integrate world-class content into Viva Learning. It's also exciting to see that some of the biggest learning management system providers SAP SuccessFactors, Cornerstone, OnDemand, Saba have announced their intent to integrate with Viva Learning. Microsoft Viva Insights Last but never least, we touched on Microsoft Viva Insights, the final part of Microsoft's Viva employee experience platform. This offering is focused on employee wellbeing, which enables productivity, innovation, and engagement at work. Why is this relevant? Burnout and stress are increasingl

In this episode of Futurum Tech Webcast, Interview Series, I was thrilled to host Josh Teitelman, VP of Customer Experience at Allstacks and John Steinmetz, CTO of Convo Communications for a conversation about building a high performing engineering team, and what the secret sauce is that makes that goal a reality. First a little bit about Convo Communications. Convo, is a deaf-owned company that is all about connecting humans. And it's safe to say that their understanding of human connection is quite a bit different than the norm. At Convo, they know that in a rapidly-advancing tech world, technology is often developed on the basis of spoken language. Convo offers a different perspective — and works with clients to ensure that universal communications that just feel right is the end deliverable. Allstacks is a leading predictive forecasting and risk management solution for software development. By leveraging AI and machine learning to integrate data across Product, PMO, Development, and QA teams, Allstacks can provide a comprehensive view of software initiatives throughout any organization. Aligning teams on outcomes that matter is what they're most passionate about. Our conversation today revolved around: John spoke about leading an engineering team in a pandemic, both from a personal standpoint as it relates to Convo, as well as the impact on their customers; Some of the biggest challenges that organizations faced as they pivoted to WFH initiatives in order to keep employees safe; Josh talked a little about how Allstacks' users responded to the pandemic and the challenges their team saw related to WFH initiatives; We discussed the importance of maintaining priority alignment and setting expectations within an engineering team, how difficult that can be, and some thoughts from the trenches on how to do that successfully; Tying engineering goals to overall business goals — and how to do that; As a final part of the conversation, both John and Josh shared some interesting customer use cases that really brought home for us the value of building high performing engineering teams, how to think about making that a reality within your organization, and how to think about the technology best suited to help you achieve those goals. In this conversation, it's clear that Allstacks has played a significant role in helping Convo Communications reach their goals — and if building a high performing engineering team is on your radar screen, I can promise that it's definitely a conversation worth checking out.

In this episode of the Futurum Tech Webcast, I was joined by my colleague here at Futurum, Olivier Blanchard, for a conversation about chips. We started with a conversation about chips that power mobile devices and took a dive into Olivier's research on why Honor and Qualcomm's complete mobile solution makes perfect sense. We discussed: Honor's move from Huawei; Honor's partnerships with key chipmakers including AMD, Intel, NVIDIA, Microsoft, Samsung, SK Hynix, Sony, and Qualcomm, and what that likely means; The role we expect Qualcomm will play moving forward in both the budget and mid-market tiers of mobile devices; With chips on our mind, we then segued over to a discussion of news out of Qualcomm's two-day Automotive Redefined: Technology Showcase 2021 and what we see happening with regard to Qualcomm's Automotive sector strategy. Olivier walked us through the highlights of Qualcomm's Automotive Redefined: Technology Showcase 2021 event and the many advancements we're seeing and will be seeing out of Qualcomm with regard to 4G LTE and 5G building global momentum for connected cars. That was but one tidbit, and this was a comprehensive conversation about the Automotive sector and the exciting things we're seeing across the board in this industry. If you're a car person, or if you're a technology person interested in the Automotive, this is one part of the conversation you won't want to miss. Lastly, we tackled the reality of a global chip shortage, what's causing that, and the impact that shortage is having on the automotive industry. In short, a global pandemic resulted in a surge of consumer desire for smartphones, gaming devices, TVs, and computers, causing chips to largely be gobbled up to serve the consumer sector. The automotive industry was pinched, and their supply chain issues as it related to chip production has become a very big problem. During the course of the last six to 9 months, the semiconductor industry has not been able to scale up as quickly as needed to meet the demand in the automotive sector. This is a nice end to an interesting conversation about the semiconductor industry and how chips play an outsized role, in everything from mobile devices to the Automotive industry — and a global chip shortage is a very big deal — especially for the automotive supply chain. For a nice read on that, by the way, check out this article from Financial Times: Global Chip Shortage Pus Car Supply Chain Under the Microscope.

Leading tech analysts from Futurum Research offer weekly deep dives on the latest in tech news, new products and services, mergers, earnings, regulations, and more, from startups to industry leaders, emerging tech and what's ahead for industries across the globe, along with interviews with tech industry leaders and experts. Disclaimer: This show is for information and entertainment purposes only. While we will discuss publicly traded companies on this show, the contents of this show should not be taken as investment advice.