Category: risk management

Posted on

AI and Cybersecurity: Don’t Trust, Always Verify

Faster, cheaper and more scalable

The advancements in artificial intelligence are reshaping the landscape of cybersecurity, with AI now the single biggest force in the network. AI can discover vulnerabilities faster, it can execute highly scalable automated attacks, and it can help malware adapt and change to avoid detection or gain new capability. In cybersecurity defense, AI is used for real-time threat detection, and it facilitates automated response and triage capabilities, too. But part of the trouble comes from within, where companies are increasingly deploying AI tools without properly securing them, creating entirely new risks for businesses to consider.

The internet is run by machines

Human users versus hackers is no longer a model that applies when it comes to internet security. AI and bot traffic is growing far faster than human user traffic, and automation has given way to AI-driven fraud, account takeovers, credential stuffing and scraping and more. Large-scale attacks are far easier and cheaper to deploy, allowing a literal explosion of bots and automated traffic – machines running machines – across the internet.

You are the product

Free games aren’t really free. Even what seems to be a harmless activity can become a conduit of valuable data, conducting surveillance and recording information. Individual bits of data may not have great meaning, but in aggregate it might. The telemetry gained from devices and applications provides location information, networking and proximity data and more. The exchange of convenience or enjoyment for security and privacy is a well-known tradeoff that bad actors exploit continuously.

Identity is the new attack surface

It used to be that cybersecurity focused on the devices – the endpoints which represented the way into the network. Endpoint security is essential, yet it is the user identity which is the vulnerable element. It has been said that bad actors aren’t hacking systems any longer, they’re just logging in. This means that stolen credentials drive the majority of system breaches. Breaking into and highjacking active sessions, bypassing MFA challenges, and performing other identity-based attacks is now forcing a shift toward continuous authentication and a completely Zero Trust (never trust, always verify) security model.

Cybersecurity has never been easy, but it is harder than ever now that AI is involved. There’s a market out there for enabling the bad guys, like cybercrime as a business model. It’s organized and scalable and terrifying. More than ever before, cyber risk is tied directly to business risk, making security something far more than just IT.

Make Sense?

bunny feetJ

Posted on

AI FOMO and Your Business

“AI FOMO” (Fear of Missing Out) has become a major force behind business adoption of artificial intelligence.

Rather than pursuing AI with a clear strategy, too many organizations are investing because of competitive pressure, media buzz, and fear of falling behind. This reactive approach often leads to rushed, expensive, and poorly executed initiatives that fail to create real value—and can even spark internal friction.

Surveys show that a large share of IT leaders and executives—sometimes more than 60%—acknowledge that FOMO significantly influences their AI adoption decisions. This fear is fueled by rapid technological change, assumptions that competitors are gaining an advantage, and limited understanding of what AI can and cannot actually do.

Implementing AI without thoughtful planning or alignment to business needs often results in wasted investments in tools that don’t address real problems. Projects may stall in the early stages or fail to produce any measurable benefit or return on the investment.

Among the biggest challenges with AI centers on data and trust.

When a business puts speed of development above quality and security, it can lead to data errors, AI “hallucinations” and just plain wrong answers that diminish trust in AI systems. Workers may already feel threatened or undervalued, which creates anxiety and slows tech adoption, so care must be taken to not prematurely introduce AI that may further erode trust in the technology.

I’ve always understood that technology isn’t just a tool, it can be a strategic advantage helping businesses gain in ways not previously available. The key is to move away from fear-based adoption and toward a deliberate, value-driven approach.

Start with identifying the real business problem. With AI, figure out what problems you need the technology to solve for you rather than asking what AI can do. Just because AI can do something doesn’t mean you want it to do it for you, or that it will deliver any real value to your process or operation.

Change for the sake of change makes no sense, so it is essential to understand if there is actually a problem that AI may be able to solve and that the benefits of the solution outweigh the cost to develop and the risk potentially introduced. Start small and have pilot projects in low-risk but high-impact areas of the business where the organization can learn and refine before scaling.

Among the most important aspects of AI in business is the data the AI works with. This is where many businesses fail in their initial attempts with AI development, due largely to the fact that data is siloed or segregated and completely unclassified or categorized.

For AI development to deliver effective business benefit, high-quality, organized data and solid data infrastructure are essential.

AI systems learn directly from the data they are given. If the data is incomplete, inaccurate, inconsistent, or poorly managed, the AI’s performance will reflect those flaws. AI models are only as good as their data because AI systems—especially machine learning and generative AI—identify patterns and make predictions based on training data.

Poor-quality data results in biased, unreliable, or incorrect outputs. High-quality data supports accurate, trustworthy, and consistent results. If an AI is trained on inaccurate or inconsistent information, it will learn (and repeat) those errors.

Shift from a fear of missing out to a fear of missing the advantages of AI.

The focus should be on maximizing AI’s potential to create a competitive advantage, taking strategic risks that are aligned with the business goals. Replace fear-driven decision-making with thoughtful, goal-oriented planning and turn AI into a meaningful source of long-term value and differentiation rather than an anxiety-inducing trend to chase.

Noobeh cloud services works on the Microsoft Azure platform, creating data platforms and delivering services that fuel and support AI development. Let us create the dynamic data infrastructure your business needs to develop the intelligence to propel you forward.

jm bunny feetMake Sense?

J

Posted on

Mo Bigger Data

Losing valuable business data is a terrible thing. It is worse when it’s done on purpose. Every business faces changes in accounting or operational systems over the lifetime of the company and these changes more frequently than not include losing data of some type. And that means losing business intelligence.

The frustrations of changing business systems are compounded the further into the business life cycle the change comes. Much of the historic intelligence of the business is derived from the earlier days of operation. This is data which reflects the stages and activities of the business over time. When a business reaches a point where data volume or list sizes force a systems change, much of that early historic data is ultimately abandoned. There is so much data to load into a new system that the task often proves too daunting for the company, so valuable historic detail information is lost and summary information is loaded into the new system.

As a business matures, and for the business to mature in a healthy manner, specific and detailed information must be captured and analyzed. Software addressing a broad view of the business, offering only generalized functionality and basic process support, will not provide a growing business with the operational support and resultant business intelligence needed at this level.

For example, a manufacturing business needs to fully understand and manage the manufacturing processes and materials supply chain to ensure profitability and consistent product quality. A retailer needs to know which products sell in which markets to ensure product stock and availability to key customers. And all this information is time-critical if the business is to make necessary adjustments in time to benefit from them.

In the end, it is the demonstration of well-defined processes, deep insight into the business operational metrics and financial performance, and the ability to effectively and accurately report on this information that creates a basis for provable business value.

Mendelson Consulting understands how important it is to not just collect the right data to support various processes, but to use that data to better understand operational and financial performance. As operations grow, so does the need to collect data from a variety of possible sources, from phone systems to time clocks and more. Even getting data out of the accounting system can be a challenge, but there is tremendous value in having transparency of business data.

From data warehouses to data lakes, Power BI and data visualization, we help businesses access their information and develop reporting that not only informs but helps deliver greater insight which leads to improvements in performance and profitability.

When information is power, we help owners and stakeholders gain mo power by being mo better informed.

jm bunny feetMake sense?

J

Posted on

Preparing Your Business for Technology Outages

There is a lot of discussion today about how our children are growing up in a world where high technology is simply part of life and lifestyle.  I even read an article about how people are evolving because of the availability of information; evolving to the point where we no longer store and retrieve information, but store information on how to get information.  The article cited an example of someone who couldn’t recall the name of an actress in a movie they had seen, so the immediate response was to search for the answer on Google.  In the past, people relied upon memory and found various ways to mentally associate and store information so it was able to be recalled.  Now, there’s an app for that.

Are we losing our ability to effectively store and recall information?  Are we forgetting how to do things before we had technology to help us?  It might even make one wonder about how technology-dependent society has become. Consider the ruins of past civilizations where seemingly impossible structures are found. These structures cause questions about the technology available at the time as we wonder how they came to be.  The knowledge was there at some point but is now lost to time.

Is your business at risk from a similar fate?  Loss of business institutional knowledge and operational intelligence is often a problem, especially as a business grows. Too many companies fail to consider critical issues such as knowledge management and sustainability.  Finding ways to capture business knowledge and protect it is essential in every organization, whether small business or large enterprise.

Small businesses are often centered on an owner who started the operation, and who just knows how things are done.  The primary goal in this situation is to capture that knowledge and turn it into process.   Only through this approach may a business begin to reduce its reliance upon a single individual, a critical step in creating both sustainability and continuity in the business. In larger enterprises, process and structure are essential to keep the various parts and participants moving in the same general direction and toward the common goal.

Once those processes are established, generally using technology to support or facilitate them, is that the end of the task? 

Many businesses believe that establishing software-supported workflows and standard processes is sufficient to keep the company operating. If a major system or technology failure occurs, workers are left standing around unable to get their jobs done.  In the worst cases, there isn’t anyone in the business who really understands how to pull things back together or there is no longer access to electronically stored information necessary to continue operations. 

How would you handle things if your systems – your computers and software and systems – were no longer available to you?

While GPS and autopilot systems can bring tremendous efficiencies to the process of flying, they also can give a false sense of security that encourages complacency. If something goes wrong, the autopilot will adjust and the computer will tell you where to go, won’t it?

Here is where technology has the ability to distract pilots–and entrepreneurs–from asking themselves if they’re both focused on and capable of solving the right problems. inc.com

Every business must consider how they would address a severe information technology outage and should take steps to protect and preserve business knowledge so that there is some hope of recovery from such an event. 

Mendelson Consulting and the Noobeh cloud services teams help businesses implement efficient workflows, consistent and effective processes, and technology to secure, support and maintain operational readiness. No matter how redundant the tech is or how thorough the planning is, there is always a possibility of an outage. Owners and managers should understand how to continue operations and handle business in the event the technology fails unexpectedly.

jm bunny feetMake Sense?

J

Posted on

PowerBI, Data Warehouses and Combining QuickBooks Enterprise Data with Other Data

Businesses of all types are looking for ways to discover more useful information hidden in their systems. With a desire to implement business intelligence tools such as Microsoft PowerBI, companies need the ability to combine and analyze data coming from a variety of sources. The data can help businesses inform their conclusions rather than leaving it up to “gut”, supporting decision making in all areas of the company.

The tools for exposing and combining data are many. Enterprise ETL (Extract/Transform/Load) products have been available for many years. When it comes to SMBs and the applications they utilize, the options aren’t quite as prevalent nor as powerful. In most cases, businesses are left to working with data exports and a bunch of linked Excel worksheets.

Noobeh understands that businesses need their data available for integration, analysis and reporting. Noobeh are experts in deploying SMB applications such as QuickBooks Enterprise desktop, Acctivate Inventory, Sage ERP, MISys Manufacturing and more, all on the Microsoft Azure platform, positioning the applications and their data perfectly for use in business analytics and data warehouses.

Data warehouses and data lakes are growing in popularity because there is simply too much disparate data present in any growing business to effectively analyze it one data silo at a time. The number and variety of data sources in a single small business can be far larger than the company realizes until it attempts to capture and report on that data.

Any approach to data warehousing should consider the potential number and variety of data sources involved. This is among the reasons for Noobeh electing to work with Microsoft Azure and PowerBI. The Azure platform provides the infrastructure services and platform tools to enable data connections needed, powering the data warehouse and exposing the data to PowerBI and other reporting and analysis tools.

Even QuickBooks Enterprise desktop data can be extracted into its own standalone data warehouse, connected to a broader data warehouse and then combined with other business data. When businesses can combine data from their various solutions, even those which may still be desktop-bound, the power of the information and intelligence contained in it can be revealed.

Whether the purpose is process improvement, performance monitoring, management reporting or combined operational intelligence, collecting and storing the data is the first step. Noobeh is there to help make it happen.

jm bunny feetMake sense?

J

Posted on

A Hurricane and the Port Workers Strike Force Conversation About Business Resilience and Continuity

Hurricane Helene is one of the biggest storms to have hit the Gulf Coast in years. An analysis done by a scientist at Colorado State University, Helene was larger than almost every storm that has hit the gulf since 1988. Only Opal and Irma were bigger than Helene. The toll in life and property is not small, nor is the disruption of services. There are troubles enough getting help and supplies to impacted areas, so the focus on doing everyday business just isn’t a thing.

To make matters worse, there is a strike going on right now. A big strike that is already impacting supply chains nationwide, and things will only get more strained the longer it lasts.

“The 2024 United States port strike is a labor strike involving over 45,000 port workers who are part of the International Longshoremen’s Association (ILA), impacting 36 ports across the United States primarily along the East Coast and the Gulf Coast.” (Wikipedia)

While there are many people currently facing larger life issues, the entire nation is forced to consider what happens now, and if they weren’t directly impacted by these events, what would they do if they were? It is a bit of a wake-up call for many business owners, because business interruptions can come from all angles, and it is always best to have made at least some attempt at a set of plans for when things happen.

One critical type of plan is about making the business more resilient and better able to recover or adapt. It’s a broad strategic plan that focuses on overcoming unexpected disruptions and adapting to changing conditions or circumstances. This includes addressing business continuity, which is about how operations may be maintained during a crisis. Business continuity planning is part of what makes a business resilient.

The Importance of Business Resiliency

Business resiliency has become a critical factor for success. In today’s rapidly changing world, the ability to stand up to or quickly recover from disruptions is no longer a luxury but an imperative. Resilience means being able to adapt to changes and challenges swiftly, maintaining continuity and minimizing losses. Customers want reliability, so a business that can continue to deliver products and services despite disruptions will build trust and loyalty, leading to long-term relationships and a strong reputation.

A resilient business will have contingency plans for finances, creating buffers to mitigate the impacts of short-term shocks so investments in long-term growth continue. Also, where competitors may struggle to cope, resilient companies may not simply continue to operate but even capitalize on new opportunities that arise from the changing landscape. When a business is prepared for disruptions, it can focus on growth and innovation rather than mere survival.

Technology plays a big role in developing resilience. Cloud solutions can ensure data is backed up and accessible from anywhere, cybersecurity solutions help protect businesses from cyber threats, and automation technologies streamline operations while reducing dependency on manual processes.

Prioritizing resiliency is crucial for small businesses to navigate uncertainties and thrive.

Mendelson Consulting and Noobeh cloud services help businesses of all sizes improve their agility, streamline operations and implement the technologies and services necessary to shore up business and operational continuity and improve overall resilience.

jm bunny feetMake Sense?

J