---

• Music report reveals revenues are now higher than global box office receipts
• The value of music sales and streaming has nearly doubled in a decade
• Revenues are growing 11% year on year, but artists aren't profiting

---

Here's a pair of facts we never thought we'd see: music is now a bigger business than cinema and vinyl is about to overtake CDs. That's according to a new report by Spotify's former chief economist, who's been tracking the value of the music business for a decade.

Will Page has spent ten years calculating the value of music copyrights and performing rights, which are the rights that generate payments when music is pressed onto records, streamed over Spotify or played on the radio. And the value of those copyrights has increased from $25 billion in 2014 to $45.5 billion now.

The movie business, by comparison, is a $33.2 billion business. While music has soared movies have declined: box office revenues peaked globally in 2019 at $41.9 billion.

Music revenues aren't necessarily going to artists – most of the music money goes to multiple middlemen; not all musicians who play music wrote it, and writing music is where the most valuable copyrights are – but the report details some fascinating trends.

The vinyl revival

(Image credit: Shutterstock)

In the US alone, Page says, vinyl will bring in $1 billion for record labels in 2024. That means vinyl revenues are about to overtake CDs, not just in the US but globally.

There's been a shift in how music generates money too. In 2023, revenues from live music performances overtook those for public performance licensing, which is when commercial premises such as shops or hotels pay a license to play music to their patrons.

Digital streaming, unsurprisingly, is now exceeding radio and other broadcasting; the latter used to account for over 50% compared to streaming's 5%, but streaming is the bigger money maker now.

And interestingly, there's been a significant increase in "glocalization". That's where artists from around the world sing in their own languages but have big hits elsewhere. For example, Colombian artists make more money from US streaming than they do from the entire Colombian music industry.

It's fascinating stuff, and you can get your music geek on by reading the full report.

You might also like

• These are the best turntables to enjoy that billion-dollar business
• Or check out our guide to the world's best music streaming apps
• Spotify Wrapped is coming soon – here's what you need to do first

from TechRadar - All the latest technology news https://ift.tt/fCyRKDd

The Samsung Galaxy S25 series has been extensively leaked at this point, and along with information on the likely Samsung Galaxy S25 specs and Samsung Galaxy S25 price, we’ve also heard details of the possible colors.

Below, you’ll find every color that’s been leaked so far for the Galaxy S25, Galaxy S25 Plus, and Samsung Galaxy S25 Ultra, along with any accompanying imagery we've seen, and our analysis of how likely we might be to see it.

We’ll also be updating this article any time we hear additional Samsung Galaxy S25 colors news, so be sure to check back soon.

Samsung Galaxy S25 and Samsung Galaxy S25 Plus colors

Samsung typically sells standard and Plus Galaxy S models in the same colors, so we predict that any color the Samsung Galaxy S25 is available in, the Samsung Galaxy S25 Plus will be sold in too. Below, you’ll find the shades that have been leaked so far.

Note though that the Samsung Galaxy S24 is only available in seven shades, while eight colors have leaked below, so there’s a good chance at least one of these won’t be happening.

Moon Night Blue

A leaked image of a Galaxy S25 SIM card tray (Image credit: Roland Quandt)

Moon Night Blue is one shade we’ll apparently get the Samsung Galaxy S25 and Galaxy S25 Plus in, and this color was first leaked by Ross Young, who has a decent track record.

Since then though, we’ve also seen leaked images of SIM card trays supposedly for the Samsung Galaxy S25 series, courtesy of leaker Roland Quandt, one of which comes in a dark blue color, as you can see above.

Moon Night Blue certainly sounds dark, so these are probably one and the same, and with two reputable sources having leaked this shade we’d say it’s likely to feature. We hope it does too, because dark blue is an interesting color option.

Silver Shadow

Image 1 of 2

A Samsung Galaxy S24 in Marble Gray (Image credit: Samsung)

Image 2 of 2

A leaked image of a Galaxy S25 SIM card tray (Image credit: Roland Quandt)

Ross Young also mentioned a Silver Shadow shade for the Galaxy S25 and S25 Plus, and this could be the same color as the leaked SIM card tray, pictured above. It could also perhaps look similar to the Marble Gray Samsung Galaxy S24.

If so, this would be a fairly understated and plain shade, but with a smart appearance that could appeal to a lot of people.

Sparking Blue / Sparkling Blue

Image 1 of 3

A leaked image of a Samsung Galaxy S25 in blue (Image credit: Tarun Vats)

Image 2 of 3

A leaked image of a Galaxy S25 SIM card tray (Image credit: Roland Quandt)

Image 3 of 3

A Samsung Galaxy S24 in Sapphire Blue (Image credit: Samsung)

Ross Young also mentioned a Sparking Blue shade, and we’ve seen exactly how that might look in the leaked Galaxy S25 image above, shared by Tarun Vats, though they instead call it Sparkling Blue, so we’re not certain which name is right.

This shade can also be seen on a leaked SIM card tray, so between these three leaks it seems highly likely to feature. However, it might not be overly new, as it looks somewhat similar to the Samsung Galaxy S24 in Sapphire Blue.

Sparkling Green

Image 1 of 2

A leaked image of the Galaxy S25 in green (Image credit: Tarun Vats)

Image 2 of 2

A leaked image of a Galaxy S25 SIM card tray (Image credit: Roland Quandt)

Sparkling Green is another Samsung Galaxy S25 shade that has extensively leaked, with Ross Young mentioning it by that name, Tarun Vats sharing a picture of it, which you can see above, and Roland Quandt sharing a picture of a SIM card tray in a green shade, albeit a slightly different green.

So this again seems a very likely color for the Samsung Galaxy S25 and Galaxy S25 Plus.

Midnight Black

Image 1 of 2

A Samsung Galaxy S24 in black (Image credit: Samsung)

Image 2 of 2

A leaked image of a Galaxy S25 SIM card tray (Image credit: Roland Quandt)

One final shade that might be widely available is Midnight Black, which was also leaked by Ross Young, and included in the SIM card tray leak, as you can see above.

Black is an extremely common and popular smartphone color, so it’s no surprise we might be seeing this, and it could look something like the Onyx Black Samsung Galaxy S24, which you can also see above.

One thing to note though is that Young mentioned this color in relation to the Samsung Galaxy S25 Plus but not the base model. However, since Samsung usually offers both the standard and Plus models in the same shades, we doubt this would be an exception.

Pink Gold

A Samsung Galaxy S22 in Pink Gold (Image credit: Samsung)

Some or all of the Samsung Galaxy S25 colors above are likely to be widely sold, but based on past form we’d additionally expect a few shades that will be exclusively offered on Samsung’s online store, and Pink Gold is one of these.

This Galaxy S25 shade was also leaked by Ross Young but so far not by anyone else, so we’re less confident of this than the options above. Still, pink gold and variations on that are popular options, and indeed you can get the Samsung Galaxy S22 in a pink gold color, as pictured above, so there’s a good chance we will see this.

Blue/Gold

Another Samsung Galaxy S25 shade that’s likely to be a Samsung store exclusive according to Young is Blue/Gold, which sounds like an interesting and unusual choice, as well as likely being quite different to anything you can get the Samsung Galaxy S24 in.

However, not only has this only been leaked by one source, but there are two other blue shades above, so we’re not sure Samsung would really sell the Galaxy S25 in three versions of blue.

We’d take this with a pinch of salt then, and if it does exist it might lean more towards gold than blue.

Coral Red

A Samsung Galaxy S23 Ultra in Red (Image credit: Samsung)

The final leaked Samsung Galaxy S25 shade is Coral Red, and this once again comes just from Ross Young, and once again would probably be a Samsung store exclusive if it’s sold at all.

You can’t get any Samsung Galaxy S24 models in a red shade, but the Samsung Galaxy S23 Ultra is available in red, as you can see above, so this might be something like that. In any case, this sounds like it would be one of the brightest and most eye-catching Samsung Galaxy S25 colors if it’s offered.

Samsung Galaxy S25 Ultra colors

The Samsung Galaxy S25 Ultra will probably be sold in a completely different selection of shades to those above, and leaks have given us a good idea of what.

Titanium Black

Image 1 of 2

A leaked Samsung Galaxy S25 Ultra render (Image credit: Android Headlines / @OnLeaks)

Image 2 of 2

A Samsung Galaxy S24 Ultra in Titanium Black (Image credit: Samsung)

Ross Young also leaked some Samsung Galaxy S25 Ultra colors, including Titanium Black, and a black Galaxy S25 Ultra shade has additionally been mentioned by leaker @UniverseIce.

So since this has been mentioned by two reputable sources we’d think it’s likely to happen, and it might look something like the black in the leaked Samsung Galaxy S25 Ultra render above.

In fact though, you can already get the Samsung Galaxy S24 Ultra in Titanium Black, so it will probably look near identical to that.

Titanium Blue

A Samsung Galaxy S24 Ultra in Titanium Blue (Image credit: Samsung)

Ross Young has also mentioned a Titanium Blue Samsung Galaxy S25 Ultra shade, while @UniverseIce just calls it blue, but either way, some version of blue is looking likely.

We don’t have any imagery of this, but it will probably look like the Titanium Blue Samsung Galaxy S24 Ultra, pictured above.

Titanium Gray

A Samsung Galaxy S24 Ultra in Titanium Gray (Image credit: Samsung)

Titanium Gray has also been mentioned by Ross Young as a Galaxy S25 Ultra color, while @UniverseIce refers to one shade just as ‘Titanium,’ which we suspect might be the same thing.

As with Titanium Blue there are no leaked images of this yet, but this is once again a shade you can get the Galaxy S24 Ultra in, as pictured above.

Titanium Silver

A Samsung Galaxy S21 Ultra in Phantom Silver (Image credit: Samsung)

We’ve also heard of a Titanium Silver option for the Samsung Galaxy S25 Ultra from Ross Young, though this one hasn’t been mentioned by any other sources, so we’re less sure whether this color will actually be available or not. It could well be though, especially as silver is a popular, smart, and stylish shade.

It’s also a color that you can’t get the Samsung Galaxy S24 Ultra in, but it could look something like the Phantom Silver Samsung Galaxy S21 Ultra.

Titanium Blue/Black

In addition to the shades above (which might be widely available) the Samsung Galaxy S25 Ultra will probably also be available in a few additional colors that can only be purchased from Samsung’s online store, and Titanium Blue/Black is one of them according to Ross Young.

Since Titanium Blue and Titanium Black have both also been mentioned by this source, the Blue/Black option would presumably sit somewhere between them, and it’s not a shade that’s currently available, so it could be quite interesting.

That said, since it has only been mentioned by one source we wouldn’t yet count on seeing it.

Titanium Jade Green

Image 1 of 2

A Samsung Galaxy S24 in Jade Green (Image credit: Samsung)

Image 2 of 2

A Samsung Galaxy S24 Ultra in Titanium Green (Image credit: Samsung)

Titanium Jade Green is another possible Samsung store-exclusive mentioned by Ross Young, while @UniverseIce has similarly mentioned a green shade.

This color would probably look something like the Jade Green Samsung Galaxy S24 or the Titanium Green Samsung Galaxy S24 Ultra, both of which are pictured above.

Titanium Pink Gold

Finally, Ross Young has mentioned Titanium Pink Gold as a possible Samsung store-exclusive for the Samsung Galaxy S25 Ultra, and this might look something like the Pink Gold Samsung Galaxy S22 pictured further up.

Pink Gold and Rose Gold shades seem to be widespread in smartphones, so it wouldn’t be surprising to see it show up here.

You might also like

• Samsung Galaxy S25 specs: all the key rumored specs for every model
• Samsung Galaxy S25 price rumors: how much is the S25 line likely to cost?
• Samsung Galaxy S25 Ultra – 5 of the biggest expected upgrades

from TechRadar - All the latest technology news https://ift.tt/HXx63TS

In December, Prime Video has a variety of content dropping throughout the month – and we're not just talking about TV shows and some of the best Prime Video movies. From Christmas specials, to live events, to docuseries, as we settle down for some quiet festive nights in, we'd be surprised if you didn't find something on December's schedule to enjoy.

Out of all the best streaming services, Prime Video has become known for its bountiful offerings each month that standout from the rest of the streaming pack. This month is no different. On December 1 alone, over 100 movies land on Prime Video and there's some real cult classics in the mix from Fatal Attraction to Total Recall joining our watchlist.

It's not just movies that you should be noting down in Prime Video's latest drop, but Christmas special Jack in Time for Christmas bringing many comedy stars, and Mr. Christmas himself Michael Bublé on December 3. Here's everything new on Prime Video in December 2024.

Everything new on Prime Video in December 2024

Arriving on December 1

All The Queen’s Men seasons 1-3 (TV show)
Anthony Bourdain: No Reservations seasons 1-8 (TV show)
Babylon 5 seasons 1-5 (TV show)
Falcon Crest seasons 1-9 (TV show)
Hatfields & McCoys (TV show)
Knots Landing seasons 1-14 (TV show)
Nikita seasons 1-4 (TV show)
Nip/Tuck seasons 1-7 (TV show)
Sisters seasons 1-6 (TV show)
A Haunting in Venice (movie)
A Scanner Darkly (movie)
After Hours (movie)
Alexander the Great (movie)
All Dogs Go to Heaven 2 (movie)
Almost Famous (movie)
Amistad (movie)
An All Dogs Christmas Carol (movie)
An Inconvenient Truth (movie)
Anger Management (movie)
Back to School (movie)
Balls Out (movie)
Batman v Superman: Dawn Of Justice Ultimate Edition (movie)
Bio-Dome (movie)
Born to be Wild (movie)
Bulletproof Monk (movie)
Cadillac Man (movie)
Child’s Play (movie)
Chorus Line (movie)
Cop Land (movie)
Critters (movie)
Death on the Nile (movie)
Deep Cover (movie)
Dick (movie)
Duck You Sucker – A Fistful Of Dynamite (movie)
El Cantante (movie)
Fatal Attraction (movie)
Ghost Town (movie)
Green Room (movie)
Gunfight at the O.K. Corral (movie)
Hansel and Gretel (movie)
Havoc (movie)
Hellraiser III: Hell On Earth (movie)
Hellraiser IV: Bloodline (movie)
Hellraiser VII: Deader (movie)
Hellraiser: Hellseeker (movie)
Hellraiser: Hellworld (movie)
Hellraiser: Inferno (movie)
Hercules (movie)
Hostile Witness (movie)
Hot Under The Collar (movie)
If Looks Could Kill (movie)
Imagine That (movie)
Jackie Chan’s First Strike (movie)
Joker (movie)
Justice League (movie)
Lara Croft: Tomb Raider (movie)
Last Vegas (movie)
Lawman (movie)
Lions for Lambs (movie)
Lost & Found (movie)
Major League (movie)
Mata Hari (movie)
Men at Work (movie)
Miami Blues (movie)
Monster Trucks (movie)
Mr. Nanny (movie)
Murder on The Orient Express (movie)
Nutcracker: The Motion Picture (movie)
Once Upon A Time In The West (movie)
One Crazy Summer (movie)
Osmosis Jones (movie)
Out of Time (movie)
Overnight Delivery (movie)
Paycheck (movie)
Pet Sematary Two (movie)
Pocketful of Miracles (movie)
Rain Man (movie)
Red Dawn (movie)
Revolutionary Road (movie)
Road to Perdition (movie)
Sabrina (movie)
Shooter (movie)
Sicario (movie)
Sicario: Day of the Soldado (movie)
Soapdish (movie)
Stephen King’s Thinner (movie)
Stop-Loss (movie)
SubUrbia (movie)
Tank Girl (movie)
Teen Wolf (movie)
The 11th Hour (movie)
The Adventures of Pluto Nash (movie)
The Art of War (movie)
The Batman (movie)
The Battle of Britain (movie)
The Brady Bunch Movie (movie)
The Crocodile Hunter: Collision Course (movie)
The Golden Child (movie)
The Great Train Robbery (movie)
The Island of Dr. Moreau (movie)
The Land that Time Forgot (movie)
The Last Waltz (movie)
The Perfect Holiday (movie)
The Private Life of Sherlock Holmes (movie)
The Thomas Crown Affair (movie)
The Thomas Crown Affair (movie)
The Untouchables (movie)
The Warriors (movie)
The Witches (movie)
The Wood (movie)
Thelma & Louise (movie)
Total Recall (movie)
Twilight Zone: The Movie (movie)
Under Fire (movie)
Vision Quest (movie)
Walking Tall (movie)
With Honors (movie)
Witness (movie)

Arriving on December 2

Angry Birds Mystery Island Part 3 (TV show)
Jack in Time for Christmas (Christmas special)

Arriving on December 4

Pop Culture Jeopardy! (TV show)

Arriving on December 5

Glitter & Greed: The Lisa Frank Story (TV show)
The Red Virgin (movie)

Arriving on December 6

ONE Fight Night (live event)
The Sticky (movie)

Arriving on December 10

Secret Level (TV show)
The Bikeriders (movie)

Arriving on December 11

Knives Out (movie)

Arriving on December 13

Beau Is Afraid (movie)

Arriving on December 19

Beast Games (TV show)
The Creator (movie)

Arriving on December 23

ChiefsAholic: A Wolf in Chief’s Clothing (documentary)

Arriving on December 25

The Equalizer 2 (movie)

Arriving on December 27

Culpa Tuya (“Your Fault”) (movie)
When You Finish Saving the World (movie)

Arriving on December 31

A Quiet Place: Day One (movie)

You might also like

• 4 spy shows on Prime Video with over 80% on Rotten Tomatoes
• Prime Video is getting more free TV content following the upcoming closure of Amazon Freevee
• Prime Video's new crime comedy The Sticky looks like Breaking Bad with maple syrup instead of meth

from TechRadar - All the latest technology news https://ift.tt/Bow5Djq

As we reflect on the recent launch of the iPhone 16 Pro, there is no doubt that Apple has delivered yet another technically impressive device, packed with iterative improvements in hardware and software. But the conversation around this latest release extends far beyond improved battery life, camera enhancements, and design tweaks—it is also about the transformative power of AI and its potential to redefine how consumers interact with their mobile devices.

With its promise of Apple Intelligence, the latest generation of iPhones has set the stage for what could be a pivotal shift in mobile technology. While AI has long been used behind the scenes in smartphones, quietly optimizing processes such as battery life, predictive maintenance, and app performance, we are now standing at the threshold of a new era—one in which AI will move from the background to the forefront of the mobile device user experience.

AI’s role in mobile devices today: optimization without awareness

Until now, AI has played a vital but largely invisible role in enhancing smart device performance, with AI-driven algorithms helping to manage power consumption and ensuring that consumers’ devices can last longer between charges. Smartphone cameras have long been using AI to recognize scenes and adjust settings automatically, or facilitate predictive text, which helps users streamline typing, autocorrect errors and anticipate common combinations of words. These features have all resulted in a better user experience and enhanced the value of phones and tablets, but they have not fundamentally changed how users interact with their devices.

In fact, most consumers are unaware of the significant role AI already plays in these background tasks. A recent Pew Research Center survey found that about half of Americans are aware they are interacting with AI within their lives weekly, and only 27% understand that they are interacting with AI constantly or several times a day. That is precisely the challenge AI must overcome if it is to cross the transformative threshold. The true potential of AI lies not in passive optimizations, but in more active engagement with users, shaping the way they utilize their mobile devices in real time.

Imagine a mobile interface that intuitively understands your preferences, anticipates your needs, and adapts to your behavior in real time. This is the future we are moving toward—one where AI-driven interfaces offer a level of personalization and convenience that unlocks entirely new ways for us to communicate, create and experience.

Apple Intelligence, as integrated into the iPhone 16, promises to take this leap. While much of its functionality will roll out over the coming months, it is designed to enhance consumer experiences by predicting what users want to do next—whether it is suggesting apps based on recent activity or providing personalized content recommendations. Its potential is enormous, and though the iPhone 16 is grabbing a lot of recent headlines, exciting AI strides are being made across the industry.

Overcoming the barriers: technology, privacy, and trust

Of course, crossing this AI threshold does not come without challenges. To deliver transformative experiences, mobile devices must be equipped with powerful neural processing units (NPUs) and sophisticated software capable of supporting real-time AI interactions. And any disruptions in the global supply chain of the critical chipsets could have impede the progress of AI. The iPhone 16’s hardware, with its enhanced memory and upgraded processor, is laying the groundwork, but the real test will come when features like Apple Intelligence are fully operational.

Equally important is addressing the ethical and privacy concerns that come with AI-driven personalization. Consumers are increasingly wary of how their data is being used, and for AI to succeed, companies must prioritize transparency and security. Another study by Pew Research Center found that 71% of Americans are concerned about how companies use their data. Apple's commitment to on-device processing, where sensitive data stays on the device, is a step in the right direction.

In the long term, for AI to become a fundamental part of the mobile user experience, companies must build trust by demonstrating that it can enhance security, efficiency, and convenience without compromising user privacy.

The potential of AI-driven mobile experiences

The iPhone 16 and its AI capabilities are just the beginning. What will truly differentiate future smart devices is how well they integrate AI into the user's daily life.

We are already seeing glimpses of this future in features such as Google’s Circle-to-Search on Pixel devices and Samsung’s AI-powered photo editor tools, which allow users to remove unwanted objects from photos with ease. Tools that boost productivity, such as call transcripts and live translations, are invaluable for busy people and those working in a multi-lingual setting. AI can also offer breakthrough aids for individuals with disabilities. For instance, cameras can give visual prompts to help visually impaired people take photos effortlessly.

We have also seen speculation about whether AI features could trigger the next supercycle of handset upgrades. According to IDC, “the buzz created by Gen AI smartphones, (is) expected to grow faster than any mobile innovation we have seen to date and forecast to capture 19% of the market with 234 million shipments this year." Some analysts predict that the integration of Apple Intelligence will drive early adopters to upgrade en masse, while others argue that economic factors may temper consumer enthusiasm. According to a Canalys report, in 2024 16% of global smartphone shipments will be AI enabled, growing to 64% by 2028 resulting in a staggering 63% Compound Annual Growth Rate (CAGR).

It is important to note that while AI has the potential to transform mobile experiences, it may not be enough to convince the average consumer to spend $1,200 or more on a new device, especially if the benefits are not immediately tangible. The real question is whether AI can deliver enough value to justify the cost of upgrading, and that remains to be seen.

Conclusion: the future of AI in mobile devices

It will be up to consumers whether manufacturers are delivering on the promise of AI, but we are clearly on the cusp of something transformative. The challenge for smartphone makers is to deliver tangible, meaningful benefits to users while maintaining their trust and safeguarding their privacy. If they can deliver on these promises, the future of mobile technology looks brighter than ever.

We list the best AI tools.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

from TechRadar - All the latest technology news https://ift.tt/osSP8aL

Artificial intelligence has rapidly become a cornerstone of modern business, driving innovation and efficiency across industries. Yet, as companies increasingly rely on AI tools to handle sensitive tasks, they are also opening themselves up to new security vulnerabilities.

Businesses integrating AI into their operations means AI entities are becoming more autonomous and gaining access to more sensitive data and systems. As a result, CISOs are facing new cybersecurity challenges. Traditional security practices, designed for human users and conventional machines, fall short when applied to AI. So, it’s vital for companies to address emerging vulnerabilities if they are to prevent security issues from unchecked AI integration and secure their most valuable data assets.

AI: more than just machines

Every single type of identity has a different role and capability. Humans usually know how to best protect their passwords. For example, it seems quite obvious to every individual that they should avoid reusing the same password multiple times or choosing one that’s very easy to guess. Machines, including servers and computers, often hold or manage passwords, but they are vulnerable to breaches and don’t have the capability to prevent unauthorized access.

AI entities, including chatbots, are difficult to classify with regard to cybersecurity. These nonhuman identities manage critical enterprise passwords yet differ significantly from traditional machine identities like software, devices, virtual machines, APIs, and bots. So, AI is neither a human identity nor a machine identity; it sits in a unique position. It combines human-guided learning with machine autonomy and needs access to other systems to work. However, it lacks the judgment to set limits and prevent sharing confidential information.

Rising investments, lagging security

Businesses are investing heavily in AI, with 432,000 UK organizations – accounting for 16% – reporting they have embraced at least one AI technology. AI adoption is no longer a trend; it’s a necessity, so spending on emerging technologies is only expected to keep rising in the coming years. The UK AI market is currently worth over £16.8 billion, and is anticipated to grow to £801.6 billion by 2035.

However, the rapid investment in AI often outpaces identity management security measures. Companies don’t always understand the risks posed by AI. As such, following best practices for security or investing enough time in securing AI systems is not always top of the priority list, leaving these systems vulnerable to potential cyberattacks. What’s more, traditional security practices such as access controls and least privilege rules are not easily applicable to AI systems. Another issue is that, with everything they already have going on, security practitioners are struggling to find enough time to secure AI workloads.

CyberArk’s 2024 Identity Security Threat Landscape Report reveals that while 68% of UK organizations report that up to half of their machine identities access sensitive data, only 35% include these identities in their definition of privileged users and take the necessary identity security measures. This oversight is risky, as AI systems, loaded with up-to-date training data, become high-value targets for attackers. Compromises in AI could lead to the exposure of intellectual property, financial information, and other sensitive data.

The threat of cloud attacks on AI systems 

The security threats to AI systems aren’t unique, but their scope and scale could be. Constantly updated with new training data from within a company, LLMs quickly become prime targets for attackers once deployed. Since they must use real data and not test data for training, this up-to-date information can reveal valuable sensitive corporate secrets, financial data, and other confidential assets. AI systems inherently trust the data they receive, making them particularly susceptible to being deceived into divulging protected information.

In particular, cloud attacks on AI systems enable lateral movement and jailbreaking, allowing attackers to exploit a system’s vulnerabilities and trick it into disseminating misinformation to the public. Identity and account compromises in the cloud are common, with many high-profile breaches resulting from stolen credentials and causing significant damage to major brands across the tech, banking and consumer sectors.

AI can also be used to perform more complex cyberattacks. For example, it enables malicious actors to analyze every single permission that’s linked to a particular role within a company and assess whether they can use this permission to easily access and move through the organization.

So, what’s the sensible next step? Companies are still at the beginning of the integration of AI and LLMs, so establishing robust identity security practices will take time. However, CISOs can’t afford to sit back and wait; they must proactively develop strategies to protect AI identities before a cyberattack happens, or a new regulation comes into place and forces them to do so.

The key steps for strengthening AI security

While there is no silver bullet security solution for AI, businesses can put certain measures in place to mitigate the risks. More specifically, there are some key actions that CISOs can take to enhance their AI identity security posture as the industry continues to evolve.

Identifying overlaps: CISOs should make it a priority to identify areas where existing identity security measures can be applied to AI. For example, leveraging existing controls such as access management and least privilege principles where possible can help improve security.

Safeguarding the environment: It’s crucial that CISOs understand the environment where AI operates to protect it as efficiently as possible. While purchasing an AI security platform isn’t a necessity, securing the environment where the AI activity is happening is vital.

Building an AI security culture: It’s hard to encourage all employees to adopt best identity security practices without a strong AI security mindset. Involving security experts in AI projects means they can share their knowledge and expertise with all employees and ensure everyone is well aware of the risks of using AI. It’s also important to consider how data is processed and how the LLM is being trained to encourage employees to think of what using emerging technologies entails and be even more careful.

The use of AI in business presents both great opportunities and unprecedented security challenges. As we navigate this new landscape, it becomes clear that traditional security measures are insufficient for the unique risks posed by AI systems. The role of CISOs is no longer simply about managing conventional cybersecurity threats; it now involves recognising the distinct nature of AI identities and securing them accordingly. So, businesses must make sure they invest time and resources in finding the right balance between innovation and security to keep up with the latest trends while protecting their most valuable assets.

We've listed the best Objectives and Key Results (OKR) software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

from TechRadar - All the latest technology news https://ift.tt/IVksb6C

At a time when the risks of AI-powered and advanced email-borne cybersecurity threats dominate the news agenda, it might be easy to overlook the dangers of some of the age-old attack vectors that continue to be exploited by cybercriminals.

For industries that rely on removable media – such as USB drives – there is a continued need for vigilance as these devices have the potential to trigger damaging and highly costly cyberattacks.

The resurgence of USB-based attacks

USB devices are commonly used in a number of core Critical National Infrastructure (CNI) sectors such as manufacturing, utilities and healthcare. These sectors rely on USB drives to transfer data in environments with limited or no internet access, such as air-gapped systems that isolate critical assets and data from external networks for security purposes.

In operational technology (OT) environments USB drives are often the only practical way to transfer data between systems that are deliberately kept offline, making them a common tool for software updates or data migration.

This widespread use makes USB drives a prime target for cyberattacks. One prominent example is the Sogu malware, deployed by the hacker group UNC53, which used infected USB drives to infiltrate multiple organizations last year. This campaign targeted industries in countries like Egypt and Zimbabwe, where USB drives are integral in day-to-day business operations.

Recent USB-based attack techniques have grown in sophistication, often bypassing advanced security layers by exploiting the inherent trust between the USB device and the host.

Longstanding techniques like “Rubber Ducky” keystroke attacks, which silently copy user activity and send information back to the attacker’s host system, are being deployed in new ways. For example, some human interface devices (HIDs) like mice and keyboards can have their firmware modified to inject the keystrokes to install covert malware.

A favorite for penetration testers and social engineers alike looking to entice unwary employees or visiting partners to pick up and insert a compromised USB device.

Why securing removable media presents a unique challenge

Managing removable media presents several challenges, particularly in OT-heavy environments.

USB-based attacks bypass traditional network security, allowing attackers to exfiltrate sensitive data or gain long-term access to systems. These attacks are especially dangerous in isolated systems, where the lack of network connectivity can delay detection and prolong attackers' dwell time.

This makes them a perfect vector for malware infections, data breaches, and unauthorized access. Infected USB drives can easily introduce malicious software into systems that aren’t regularly monitored, leading to potential data loss or operational disruptions. Without strict device and data controls, USB drives can introduce malware or allow unauthorized access to sensitive systems.

One of the key challenges that organizations have in addressing these security risks is that they often lack visibility into what people and what devices they connect to their systems or how data is transferred, making policy enforcement more challenging.

It’s not only the security risks of malware that present a problem; the theft or loss of unencrypted data on removable media, poses a significant risk, particularly in highly secure environments.

How to keep malicious data from USB drives out of the system

Mitigating these risks requires a multi-layered approach to security that combines both technical and policy-based solutions. Real-time monitoring of devices is essential; any USB connected to a system should be scanned for malware and suspicious activity, enabling threats to be detected before they compromise the network.

Data sanitization plays a key role in this process. By cleaning files transferred via USB, organizations can remove any hidden malware or malicious content, ensuring that only safe data enters their network.

For organizations in the CNI sector, a more robust solution might include air-gapped systems combined with a cybersecurity kiosk that scans and sanitizes all incoming and outgoing media. Cleaning all files of malicious content using Content Disarm and Reconstruction (CDR) techniques and placed in secure isolated data vaults. Only sanitized and validated data from these vaults being allowed access into the operational technology networks. These systems ensure that any device entering a secure environment is first cleared of potential threats, adding an extra layer of protection.

Controller access and policies are key

In addition to these technical controls, policy measures governing the use of removable media are a vital component of a strong defense.

Organisations should implement strict controls over which USB devices can access critical systems and regulate the types of files that can be transferred onto any removable media. By limiting access to authorised personnel and approved data, companies can minimise the risk of devices compromising their network. Policies and procedures should mandate that any USB drive should be scanned and its contents sanitised before its data is allowed into the organisations. This can be achieved at scale using a dedicated scanning kiosk application.

Employee and supply chain partner education is also crucial. The root cause of USB-based attacks can often be traced back to human error - such as using unsecured or unauthorized devices - and comprehensive training can help mitigate these risks. Users should be taught about encryption, the dangers of using unknown USB devices, and best practices for safely ejecting devices to prevent data corruption or malware. In high-risk sectors, regular audits of how USB drives are being used and how security protocols are being followed can further strengthen an organization's defenses.

Keeping USB drives on the cybersecurity agenda

USB devices remain a significant security threat, especially in sectors where they are essential for data transfer. Even organizations that don’t routinely use removable media in their workflows should be aware of the threat they pose.

A comprehensive approach that combines real-time monitoring, device control, and data sanitization, along with strict access policies and user education, will cover all the bases and minimize the chances of falling victim to USB-borne threats.

We've rated the best identity management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

from TechRadar - All the latest technology news https://ift.tt/oF6l2YW

Update: On November 27, 2024, we made some edits to reflect some corrections made to the Top10VPN report about alleged issues with SNI (Server Name Indication) encryption that mistakenly indicated that Private Internet Access (PIA) and some other services were occurring when the VPN was on.

Not all premium VPN services protect your privacy equally, with over half of the most popular services suffering some form of data leak. At least three apps also shared your personal information "in a way that put user privacy at risk."

These are the main findings from new research conducted by Top10VPN based on the 30 most popular premium providers for Android devices. These include some of the best VPN apps on the market, such as NordVPN, ExpressVPN, Proton VPN, and Surfshark.

"I don’t want to exaggerate the level of risk. For most users, it is fairly low, but it does depend on your threat model," Simon Migliano, Head of Research at Top10VPN, told TechRadar, noting Avira Phantom VPN and FastestVPN as the paid Android VPNs to "absolutely" avoid.

Paid Android VPN apps' privacy fails

As mentioned, Migliano conducted testing on the 30 most popular paid Android VPNs to identify potential safety issues within the apps – you can find the full list of services analyzed here.

These tests focused on different areas, namely DNS and other data leaks, VPN encryption, VPN tunnel stability, risky app permissions, risky use of device hardware features, and data collection and sharing.

The most surprising result for Migliano was that half of the top paid VPNs tested (15) failed to ensure SNI (Server Name Indication) was encrypted for all server connections the apps make. SNI is an extension to the TLS protocol that a client needs to indicate the hostname of the server it’s trying to connect to during the handshake process.

It's worth stressing that SNI visibility occurred only on server requests made before the VPN tunnel was established. Migliano didn't find any suggestions that any VPN with this issue had a leaky tunnel once the connection was established. 

While this leak may be relatively minor for most people, "It’s an oversight that could land someone in trouble with their school or workplace if VPNs aren’t allowed on the network, or even in legal trouble somewhere like Turkey or China, where VPNs are heavily regulated," Migliano added.

Did you know?

(Image credit: Shutterstock)

A virtual private network (VPN) is security software that encrypts your internet connection to prevent third parties from accessing your data in transit and snooping on your online activities. At the same time, it also spoofs your real IP address location for maximum anonymity, granting you access to otherwise geo-restricted content.

At least seven Android VPNs also leaked DNS requests – meaning the device's request to a Domain Name System server to provide an IP address for a given hostname.

Again, these data leaks aren't critical and happen only under very specific circumstances, so it won't be a big issue for most users. That said, Migliano believes that "a properly configured VPN should terminate all existing network connections to prevent this from happening."

This is why, if private browsing is crucial for you, he suggests avoiding the VPNs impacted by this issue, namely HMA!, Private VPN, Mozilla VPN, Privado, VyprVPN, X-VPN, and Avira Phantom.

FastestVPN was another big no for Migliano on this front. He said: "I could never recommend FastestVPN after it exposed my email address in clear text in the headers of a server request to a geolocation API, which is unforgivable."

While way better than free VPN apps, data collection and sharing may also be an issue for some providers. Migliano found seven apps out of 30 analyzed to pose a potential privacy risk due to embedded tracking code from advertisers and data brokers. Yet, only two VPNs (VPN Unlimited and Hotspot Shield) were found guilty of actually sharing data in practice, while X-VPN employed poor data-sharing practices.

VPN encryption for paid services was good overall. Yet, while seven apps failed to use the latest version of TLS to establish the VPN tunnel (AES-256), Avira Phantom made use of the deprecated SSLv2 protocol which, Migliano noted, has long been considered insecure.

from TechRadar - All the latest technology news https://ift.tt/Wbn2SUM

The finance sector, widely regarded as a trend-setter for new and emerging technologies, is once again leading from the front. Since the rollout of the “open banking” initiative, which allows financial data to be shared between banks and third-party service providers, the pace of innovation in the sector has skyrocketed.

Credit scoring has become streamlined, anti-money laundering (AML) techniques have become more advanced, real-time trading is the new standard, and financial services companies like banks are competing to provide the best customer experience.

It's not just consumers that stand to benefit either. In the UK, where the concept of open banking experienced its first real breakthrough, the NatWest Group reports that 66% of businesses save roughly 150 hours every year on operational tasks thanks to open banking initiatives.

All of this is made possible through the use of Application Programming Interfaces, or APIs. APIs are software-based intermediaries that allow different applications to communicate and share data securely and efficiently. Not only does this create a more “joined up” financial ecosystem for business and customers, it paves the way for innovative new services, solutions and business cases.

Financial institutions like Standard Chartered have even established API marketplaces to streamline the integration of third-party services, promoting a more competitive and customer-centric financial ecosystem. This interconnectedness ultimately leads to improved user experiences and operational efficiencies, as well as a competitive edge for those finance companies with the ambition and resources to take advantage.

Payments and transactions

APIs have already revolutionized the way payments and transactions are handled in the financial sector, enabling smoother, faster, and more secure processes. For instance, companies like PayPal now release APIs to allow developers to integrate payment gateway services seamlessly into various platforms, allowing users to initiate transactions directly from apps or websites without being redirected.

This not only enhances user convenience but also boosts transaction speed and security. Real-time credit card processing, instant fraud detection, and integration with multiple payment gateways also significantly improves the overall transaction experience for both businesses and consumers. This is a perfect example of the flexibility and scalability that APIs can facilitate to allow businesses to change to meet market demands and customer expectations.

Trading and investments

Significant advancements in the trading and investment sector are also being driven by APIs, making services more accessible and efficient. Robinhood's launch of a crypto trading API is a prime example, offering users the ability to trade cryptocurrencies seamlessly through third-party platforms.

This innovation democratizes access to trading apps, allowing for real-time data exchange, automated trading strategies, and integration with financial advisory services. APIs enable traders to connect with multiple markets and data sources, ensuring they have the most accurate and up-to-date information to make informed investment decisions.

Anti-Money Laundering (AML)

APIs are quickly becoming essential tools in the fight against money laundering, offering real-time capabilities to detect and prevent fraudulent activities. By integrating APIs into their systems, financial institutions can quickly analyze large volumes of transaction data, identify suspicious patterns, and comply with regulatory requirements.

These APIs facilitate the seamless exchange of information between different platforms and databases, ensuring that potential money laundering activities are flagged and investigated promptly. Advanced machine learning algorithms can also be integrated via APIs to enhance the accuracy and efficiency of anti-money laundering efforts, safeguarding the financial ecosystem against illicit activities.

Credit scoring and the customer experience

Thanks to APIs, traditional credit scores, which often rely on limited financial data, are now being supplemented with alternative data from utilities, rent payments, and even social media activity. This creates a more holistic view of a customer's creditworthiness for lenders and reduces the time it takes to get approved.

APIs are also enhancing the customer experience by enabling personalized financial services, integrating customer data across various touchpoints and providing tailored advice and products that meet individual needs. The way is also being paved for the development of intuitive mobile apps and online platforms that allow customers to access and manage all their finances in one place, giving people greater control and flexibility over how they manage their money.

APIs are not just driving innovation in the financial sector; they are setting new standards for efficiency, security, and customer satisfaction. As long as financial institutions continue to leverage the power of APIs, opportunities for growth and transformation will follow.

We list the best personal finance software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

from TechRadar - All the latest technology news https://ift.tt/oI0jfvi

---

• A leaked video seemingly shows the Samsung Galaxy S25 Ultra
• You can see rounded corners and changes to the camera block
• Another leaker claims the video is genuine

---

The Samsung Galaxy S25 Ultra could be launching in just under two months' time, so it’s no surprise that leaks are starting to show the phone in all its glory. Indeed, we've now seen what appears to be a hands-on video of the device.

The clip – which was originally posted to Reddit by u/ChemicalAir2655, and spotted by X user @DalgleishGX (via NotebookCheck) – is brief, at just ten seconds long, but it appears to show the top half of a phone that looks a lot like the Samsung Galaxy S24 Ultra, except with noticeably more rounded corners; a change that has previously been rumored for the S25 Ultra.

It also looks like the camera lenses might have slightly larger rings around them, but beyond that, this device looks very similar to the Galaxy S24 Ultra, complete with four cameras on the back, in the same arrangement.

The Samsung Galaxy S25 Ultra is absolutely stunning.Credit to Reddit user u/ChemicalAir2655 for the Video. pic.twitter.com/kxGuRMtJ61November 25, 2024

A glimpse of gray

The video appears to show the phone in a gray shade, which a previous leak suggests will be called Titanium Gray. This color will supposedly be joined by Titanium Black, Titanium Blue, and Titanium Silver options.

And while we’d always take 'leaked' videos such as this one with a pinch of salt, @UniverseIce (a leaker with a great track record) has since posted claiming that this is “obviously the S25 Ultra”, so there’s a good chance it's the real deal.

That said, even if the video is real, it’s likely showing off a non-final version of the handset, so there may be some changes to the Galaxy S25 Ultra before launch. In any case, if the Samsung Galaxy S25 Ultra is landing on January 22 as has been rumored, then Samsung doesn’t have much time to make any adjustments.

You might also like

• Samsung Galaxy S25 Ultra – 5 of the biggest expected upgrades
• Samsung Galaxy S25: latest news, rumors and everything we want to see
• Best Samsung phones: top Galaxy handsets ranked

from TechRadar - All the latest technology news https://ift.tt/UF5PZ4g

Almost any business will tell you, with very good reason, that its most important asset is its people. A services provider without people is just an empty office, a manufacturer just idle heavy machinery, and a health system just a collection of empty beds.

This truth is not going to change, but in recent years the picture of an organization's value beyond its people has been fundamentally transforming. Where different sectors might once have given very different accounts of where their value lies, today the second greatest asset is becoming, in the majority of areas, data.

More digitalized tools, infrastructure, and processes which are more highly connected have delivered an explosion of data which offers deeper insights into customers, more efficient operations, higher quality innovation, faster decision-making, and more besides. Data, in short, is promised to enable all the agility and responsiveness that businesses need to drive growth.

The promise of artificial intelligence

Of course, as any CTO or CIO tasked with leveraging data into a competitive advantage knows, raw data itself is only a promised, hypothetical benefit. The exponential growth in data does not arrive in an easily-usable form, precisely because it is coming from everywhere. Sources like connected devices and physical sensors, financial transactions and website user journeys, social media chatter and market trends all collectively emit a vast, chaotic stream of information for businesses to manage.

That chaos leaves technology leaders juggling two significant pressures. First is the spiraling cost of storage. Knowing that value may be embedded in all of this data incentivizes keeping as much of it as possible around, which – especially with heavier formats like video and audio – can lead to storage bills running into the millions per year.

The growing weight of IT costs itself exacerbates the second major pressure: rising expectations around finding value in the noise of business data. In particular, businesses are increasingly seeking to respond to the overwhelming nature of modern business data by deploying AI, aiming to find workflows with it that can (unlike human-driven processes) scale seamlessly with data volume by adding additional computational resources.

However, this leads to something of a paradox: while emerging AI tools certainly have the ability to deal with data at scale and make it valuable, those tools are as a rule only as good as the data they are given. Bad, irrelevant, or incorrect data, stored in unhelpful or contradictory formats or locations, will not deliver the AI-driven value that businesses expect. The AI answer to business data challenges relies on first solving some of the challenges that businesses experience around organising and managing their data in the first place.

Understanding what matters

The idea that the quality of an AI solution’s output is limited by the quality of the data you feed it has been a common statement since the latest boom in AI technology kicked off a few years ago. ‘Garbage in, garbage out’ has been a saying in the IT industry for an extremely long time, and it remains true today.

However, that leaves an open question about what ‘good’ data actually looks like for businesses seeking to use AI to find those growth-enabling advantages that it promises. One way to look at this is to go back to that fundamental fact that the most valuable thing a business has is its people, and so the data has to work for the people who need it.

We know from experience of working with large organizations to transform their data strategies that, typically, half of all data on record is noise. That might be duplicated information, outdated information, or information that never needed to be stored in the first place. Around another quarter of an organization's information will be necessary for paper trails rather than actual application uses: knowing the journey that a piece of information has been on is important for an audit, but not for the end user.

And then, not all of the remaining data which is relevant and necessary is of equal status. Details of a customer’s unfulfilled order need to be instantly available, for instance, but invoices from a decade ago can probably be placed in slower-to-access cold storage in order to save on expense and energy.

We’ve likely all been in situations where getting the information we need at work means combing through layers of unhelpful or unnecessary files and records. If a business wants to deploy an AI solution like a chatbot to empower employees or customers to access that data more effectively, that underlying challenge doesn’t go away: whether it is operating on a traditional database or a lake of unstructured media data, the AI solution needs access only to what actually matters.

Step one, therefore, is making sure that the data is relevant and well-managed from a human perspective.

The useful data a business generates might be in the minority, but it is by no means small – and it will continue to grow at pace. Scalable AI solutions will be vital for getting value out of that data, but the process starts with a transformational approach to the organization's data strategy that puts the foundations for success in place.

We list the best employee management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

from TechRadar - All the latest technology news https://ift.tt/4jiqsgm

---

• Companies are keen to do more with AI, but are lacking capabilities, report finds
• Cisco AI Readiness Index shows barely any firms feel ready to get the maximum from AI
• Lack of skills and proper infrastructure also remain a challenge for many

---

Many companies are desperate to use AI in their workplace, but simply don't have the skills or talent required to do so effectively, new research has claimed.

Covering nearly eight thousand companies, the latest AI Readiness Index from Cisco has found only 13% of companies feel they are fully ready to capture the potential of AI tools.

This is even a fall from the previous year, but comes alongside a growing urgency from bosses to ensure they don't fall behind when it comes to the advantages AI technology can bring.

AI struggles

The study found nearly all companies (98%) said there was an increased urgency to deploy AI over the past 12 months, despite readiness for the technology declining.

This readiness was not helped by the apparent shortfall in back-end technology, with networks in particular not equipped to meet the strain of AI workloads, as the study found only 21% of companies believed they had the necessary GPUs to meet current and future AI demands.

Security was also a concern, as less than a third (30%) of firms said they had the capabilities to protect data in AI models with end–to–end encryption, security audits, continuous monitoring and instant threat response.

However this is not to say that the outlook is necessarily bleak for firms looking to use AI, as budgets are set to evolve as the technology landscape changes.

The study found roughly 30% of IT budgets will be dedicated to AI, nearly double the current fuigure, and nearly half of companies say although AI implementations across top priorities have fallen short of expectations so far, nearly two-thirds (59%) believe the impact from AI investments will surpass expectations after five years.

Nearly two-thirds (66%) of boards are also reportedly highly or moderately receptive of focusing more on AI in the future, potentially signalling further support - although the study did note this was down from 82% last year.

“Eventually there will be only two kinds of companies: those that are AI companies, and those that are irrelevant. AI is making us rethink power requirements, compute needs, high-performance connectivity inside and between data centers, data requirements, security and more,” said Jeetu Patel, Chief Product Officer at Cisco.

“Regardless of where they are on their AI journey, organizations need to be preparing existing data centers and cloud strategies for changing requirements, and have a plan for how to adopt AI, with agility and resilience, as strategies evolve.”

You may also like

• UK consumers set to rely on "buy now pay later" and AI for the best savings this shopping season
• These are the best productivity tools around right now
• And we've also wrapped up the best online collaboration tools on offer

from TechRadar - All the latest technology news https://ift.tt/yLAdsw2

IT downtime costs businesses over £300 billion annually. 2024 alone has proven that organizations are deeply vulnerable to IT outages, which resulted in widespread disruptions in sectors including healthcare, aviation and banking. However, these critical services cannot afford a single minute of downtime as this significantly impacts emergency services and the business’s bottom line.

These disruptions have exposed the risk of complex digital environments and the vulnerabilities existing within many companies’ IT infrastructure. As such, organizations should explore prevention strategies and impact mitigation to safeguard their business. By addressing cybersecurity breaches within hybrid cloud environments and implementing contingency measures, CIOs can strengthen resilience against potential IT outages. Here are four strategies that CIOs should consider.

Evaluate existing infrastructure

To effectively prepare against future service outages, CIOs must first look within - to gain a better understanding of their weaknesses and bottlenecks. This assessment of their existing infrastructure should include an extensive audit of all legacy systems, interdependencies and business continuity planning.

Once they have a holistic view of their existing infrastructure, CIOs can make the necessary changes to their mission-critical systems. Attention should be given to those areas most vulnerable to potential outages or those that would cause the most damage to data security and operations should they be offline.

A key part of this evaluation process should be testing backup systems and failover mechanisms crucial for business continuity when IT disruptions occur. Reducing downtime and keeping services online will be a priority for any CIO amidst unexpected outages.

Adopt bespoke cloud solutions

Cloud-based solutions improve resilience against outages, vital for organizations handling sensitive data. CIOs should seek to unlock the potential of hybrid cloud and combine the scalability and cost-efficiency of public clouds with the enhanced security and risk mitigation capabilities of private infrastructure.

The global hybrid cloud market size was valued at $73.5 billion in 2023 – and is projected to reach $210.4 billion by 2032 so it’s unsurprising that organizations are adopting a hybrid cloud approach to further enhance resilience. A hybrid cloud approach provides a robust and flexible IT environment which backs up legacy systems and spreads workloads between several cloud providers to limit their reliance on a single point of failure. However, when moving to the public cloud, CIOs must consider data sovereignty to comply with local regulations, for example, selecting a provider that complies with GDPR in the UK or the CPPA in the US.

For this to be successful, employees need the necessary training to work across multiple cloud computing providers so critical operations can continue uninterrupted through other cloud platforms.

Reduce security vulnerabilities

Alongside adopting cloud solutions that enhance resilience against outages, CIOs should frequently update systems to protect themselves against service disruptions. Recent outages have demonstrated that not all businesses are testing and implementing these patches as carefully as they should, so it’s crucial to ensure being top of patch management to mitigate the threat of cyber vulnerabilities.

To increase their threat detection, CIOs need to strengthen their cyber intelligence, security analytics, alerts and response services. A key stage in this process is monitoring and analyzing vast quantities of traffic and events in real time.

CIOs should also have an incident response plan to combat multi-cloud vulnerabilities. With the appropriate planning, procedures, controls and cloud-specific response policies, they can limit the potential issues caused by security breaches and ensure a quick recovery after incidents occur.

Build a skilled IT workforce

Communication gaps between IT security teams and senior corporate leaders can create significant gaps in application and broader service security. This is proof that CIOs can’t prepare their organizations for IT outages alone. Successful outage prevention and recovery relies on a workforce that is technologically competent and has the skills needed to work together towards resilience strategies.

To achieve this, CIOs must take responsibility for building a skilled workforce that can help to manage complex, multi-cloud environments. Building this team of experts requires a detailed training program covering crucial areas like cloud management, cyber and resilience planning combined with disaster recovery.

CIOs also need to ensure departments within their organization are collaborating to improve each other’s understanding of their unique operational needs. CIOs should be running simulations and test scenarios which consider the wider context such as the consequences of outages on each team’s functional capacity. And they should be communicating with all stakeholders so that everyone – internally or externally – is aware of what’s happening within the business.

Leading the way in network outage prevention

At a time when organizations are regularly experiencing IT outages, it’s more essential than ever for CIOs to evaluate their organization's IT infrastructure and cyber vulnerabilities both for the ‘as-is’ landscape but also any software and infrastructure change program impacts. Once they have a holistic view of the gaps that need to be filled, they can unlock the benefits of cloud-based solutions and coordinate their team to mitigate the threat of disruption. If they don’t follow these steps, they could be opening the door to future significant business impact.

We've listed the best data recovery service.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

from TechRadar - All the latest technology news https://ift.tt/0kZcNdX