According to new research released Tuesday, many employees and managers in the United States and United Kingdom value trust in the workplace more than financial compensation.

A survey of 500 workers and managers in the US and UK by Osterman Research for cybersecurity firm Cerbi found that nearly half of participants (47%) said they would take a 20% pay cut in exchange for higher trust by their employer.

Other characteristics the researchers found highly prized by employees included flexibility (48%), autonomy (42%), and being able to choose the applications needed to work effectively (39%).

The State of Employee Trust Report by Osterman and Cerby examines the impact of zero-trust principles that many companies are increasingly adopting as a solution to their cyber security needs as a result of the use of “unmanageable applications” by workers and managers.

“Apps are closely linked to the level of employee engagement and empowerment. If employers try to block apps, which they often do, it negatively affects trust,” in San Francisco said Matt Chiodi, chief trust officer at Cerbi, a zero-trust architecture provider for unmanaged applications located at .

“Sixty percent of employees said that if an application they want is blocked, it negatively affects how they feel about the company,” Chiodi told TechNewsWorld.

“The answer is not for employers to block these apps, but to find solutions that allow these unmanageable apps to be managed,” he said.

fret over control

Security teams resent the use of unmanaged applications, also known as shadow IT, for a number of reasons. “Employees come and go. An organization can end up with thousands of unused credentials accessing its resources,” explained Szilwezter Szebeny, CISO and co-founder of Tresorit, an email encryption-based security solutions company in Zurich.

“With a mountain of passive access, hackers are bound to find something that will go unnoticed and pave the way for them to infiltrate the organization through lateral movement,” Szebeny told TechNewsWorld.

Unsupportable applications can put an organization at risk because it has no control over the security practices imposed on the programs’ development and management, said John Yoon, vice president of product strategy at ColorTokens, an autonomous zero-trust cybersecurity solutions provider in San Jose. Caliph.

“In addition, the organization has no oversight of the applications’ security update requirements,” Yoon told TechNewsWorld.

Without any control over the application, organizations can’t trust it with access to their environments, said Mike Parkin, a senior technical engineer at Vulkan Cyber, a provider of SaaS for enterprise cyber risk prevention in Tel Aviv, Israel.

“Letting employees choose the best tool for the job, especially when it’s running on their own device, is welcome,” Parkin told TechNewsWorld.

However, he stressed, “this requires some compromise with the organization choosing the application and the employees willing to give up if their preferred app is not on the approved list.”

Clearwater, Fla. Roger Grimes, data-driven defense evangelist at KnowBe4, a security awareness training provider in the U.S., took a hard look at the issue.

“It’s up to an organization’s cybersecurity risk managers to determine whether the risks incurred are worth the benefits,” Grimes told TechNewsWorld. “You don’t want the average end user to decide what is or isn’t risky for the organization any more than you want the average passenger flying an airplane.”

worth the risk?

The applications are considered unmanageable because they often don’t support common security measures, such as single sign-on and automatically adding or removing users, Chiody explained.

“It presents a risk to a business, but business users still need those applications,” he said. “Businesses need to find ways to get those applications to the point where they can be managed, so that those risks are reduced.”

Labeling applications unmanageable is misleading, says Marcus Smiley, CEO of Epoch Concepts, an IT solutions provider in Littleton, Colo.

“They’re built without support for modern, industry security standards, which makes them harder to monitor and secure,” Smiley told TechNewsWorld, “but means they can’t be managed like other applications.” , they can be managed in different ways. ,

“When unmanageable applications are being used, there is always some reason,” he said. “Many organizations need better communication between IT and employees to clarify company policies and the reasons behind them.”

“IT should also provide channels for requesting applications and be proactive in providing more secure options for problematic ones,” he added.

Smiley said that in some situations, allowing unmanaged applications with oversight is appropriate to ensure that best-identity-management practices and more secure configurations are implemented instead of less secure ones.

“Ultimately, there is no such thing as a risk-free cyber security strategy,” he added. “Every security program – even those that fall under zero trust – involves trade-offs between mission-critical business functionality, productivity and risk.”

balancing act needed

The safest approach is to have any application reviewed prior to adoption by an individual or team with cyber security expertise to identify any issues that may arise from the use of the software or service, ensure that Assuming the legal terms are acceptable, as well as a plan for ongoing maintenance, recommended Chris Clements, vice president of solutions architecture at Cerberus Sentinel, a cybersecurity consulting and penetration testing company in Scottsdale, Ariz.

“Unfortunately, many organizations do not have the expertise or resources to properly assess these risks, resulting in the process not happening at all, or as bad, taking weeks or months,” Clements told TechNewsWorld. which hurts employee morale and productivity.” ,

“Balancing cyber security risk with employee needs is a practice that organizations need to take more seriously,” he said. “Allowing a Wild West approach will inevitably introduce cyber security risks. But on the other hand, being overly rigid can lead to choosing product or service solutions that heavily compromise usability and user convenience or completely Deny approval from.

“These can create frustration and lead personnel to leave the organization or actively subvert security controls,” he continued.

Misusing zero-trust principles can also add to that frustration. “Zero trust is for data, access, applications and services,” Chiodi argued. “But when it comes to building trust on the human side, companies should aim for higher trust. The two are not mutually exclusive. It’s possible, but there’s going to be a shift in how employers use security controls.”

“By giving employees technology choices, companies can show that they trust their employees to make technology decisions that help them do their jobs better,” says Allegro Solutions, a cybersecurity consulting company in West Hartford, Conn. Principal Karen Walsh said.

“By reinforcing it with education around the mindset of compromising,” they build a stronger relationship with the members of their workforce, Walsh told TechNewsWorld.

More online fraud, recession-resistant budgets and continued talent shortages can be expected in 2023, according to cybersecurity professionals who spoke with TechNewsWorld.

Online fraud, driven by persistent supply chain constraints and bot proliferation, will continue to rise in the coming year, predicted Benjamin Fabre, co-founder and CEO of Datadome, a bot and online fraud protection solution maker in New York City.

“If you look at the volume of threats, they’re going through the roof, and it’s not going to slow down,” he told TechNewsWorld.

Scarcity caused by supply chain constraints has driven up the prices of many commodities creating an attractive environment for fraudsters. “We are seeing limited stocks of products creating a bubble around their prices, driving more bots and online fraudulent activity, which I expect to continue in full force into 2023,” Fabre said.

The use of bots is gaining momentum in the new year. “We’ve only recently started to see this shift,” said Fabre’s colleague, Datadome’s head of research Antoine Vastel, where a lot of individuals have started using the app to monitor changes in housing prices, monitor the availability of gaming consoles, and more. Created their own bots to scour the markets with browser extensions.”

“We don’t think it’s going to stop, because it’s getting easier and easier to build advanced bots,” he told TechNewsWorld.

spend optimism

Wastel also forecasts the expansion of scaling activities and the use of scraper bots in 2023.

“While influence scaling is mostly used to affect concert tickets, it has spread to more and more products – sneakers, gaming consoles, GPUs, luxury items,” he explained. “I anticipate that with current product shortages and supply chain challenges, scaling will accelerate as the ability for resellers to raise money expands to new items and products across industries.”

He also said that more and more tools are appearing to make it easier to build advanced bots. “Whether it’s open-source libraries that enable attackers to mine their fingerprints or bots as a service that make building advanced bots as easy as making an API request, we think it’s time for scraper bots to take off.” will support construction,” he said.

Despite warnings of a recession by Cassandra, there remains optimism in the cyber security community about spending in 2023. Alberto Yepez, co-founder and managing director of Forgepoint Capital, a venture capital firm in San Mateo, California, pointed out that in 2021, cyber security spending is expected to increase by 12% from the previous year to about US$150 billion, and by 2022 spending is expected to cross $156 billion.

“This trend will continue into 2023 as the threat landscape becomes increasingly more dynamic and complex,” he told TechNewsWorld.

“With ransomware skyrocketing, organizations will look for support in modernizing their defenses and reengineering threat detection and response capabilities realizing that attacks are now inevitable,” he explained.

Yépez continued, regulatory compliance standards, cloud migration, and global digital transformation in business and government will further drive the market, especially as the hybrid workforce model evolves from a pandemic response to a regular way of doing business.

“All of these components help organizations meet business needs, but at the same time complicate their cyber security posture and create the need for a design-to-scale approach,” he said. “As a result, cyber security will continue to solidify itself as a key enabler in business operations, and organizations will prioritize proactive investment in 2023.”

Dangerous Cost Reduction

JD Hanson, CIO and CISO of Code42, a national endpoint security and data protection company, admits that some organizations will want to cut corners by cutting cybersecurity budgets, but stresses that they do so at their own risk.

He told TechNewsWorld, “Once the rumble of economic uncertainty starts rolling in, wary CFOs will start looking for areas of unnecessary spending to keep their company ahead of the game.”

“To the uninformed C-suite, cyber security spending is sometimes seen as an added expense rather than an essential business function that helps protect a company’s reputation and bottom line,” she continued. “These organizations may seek to cut costs by reducing their investment in cyber security equipment or talent, effectively reducing their company’s ability to properly detect or prevent data breaches and making them potentially catastrophic.” Can open up to the results.”

“This should be of particular concern amid continued ransomware attacks, and 2023 is expected to be another challenging year,” she said. “Companies that retain efficient cyber security resources will do better in the long run than companies that make sweeping cuts.”

Fabre said he does not see a negative impact on cyber security to the economy in 2023 because the cost of not investing in cyber security is too high. “Companies have a lot to lose – financially, reputationally, competitively – if their or their customers’ data is breached.”

“When you consider the rapidly changing legal and regulatory environment companies are now operating in,” he continued, “the risk of not being able to conform or secure privacy outweighs the short-term benefits of reducing cyber security budgets.”

The talent gap will continue

As in the previous years, in 2023 also the workforce problem in the cyber security industry will continue. generations to enter the field,” said Carolyn Vignolet, senior vice president of research and development at OneSpan, an identity security company in Chicago.

“Cyber ​​security education is important, and while we see more universities developing cyber courses, they are still very small compared to the significant challenges organizations face,” he told TechNewsWorld.

“For this new generation to be successful,” she continued, “universities must expand cyber education and provide real practical cyber training, not just theoretical training.”

He said that companies and employees also need to play their part. “Every person in an organization plays a role – even if it’s just raising awareness of phishing emails and avoiding unsecured links,” she said.

Vignolet urged organizations to better support their cyber teams. “As cyber leaders, we have a responsibility to create a safe environment and to make this known to anyone who is interested in this area,” he said.

“In fact, one of the most important key performance indicators to look for within employee engagement surveys is whether employees feel comfortable talking to leadership,” she said. “This is the strongest way to avoid burnout as this growing talent gap continues through 2023.”

In five years, 40% of large organizations worldwide will use a combination of Web3, AR Cloud and Digital Twins in Metaverse projects aimed at revenue, research and advisory firm Gartner predicted Monday at its IT Symposium in Orlando, Fla. Was.

Gartner’s Metaverse prediction was part of a top 10 list of strategic technology trends released at the event.

The firm envisions a metaverse as a “collective virtual 3D shared space created virtually by the convergence of augmented physical and digital reality.” It is consistent and provides better immersive experiences, it added.

A full metaverse would be device independent and not owned by a single vendor, Gartner continued, and would be a virtual economy enabled by digital currencies and non-fungible tokens (NFTs).

Gartner’s prediction raised the eyebrows of some analysts. “It’s a little aggressive,” said Mark N. Venna, president and principal analyst at SmartTech Research in San Jose, Calif.

“The primary headwind for Metaverse in business is the arrival of the actual Metaverse app, which will have wider appeal with enterprise accounts,” he told TechNewsWorld.

“Some of this exists – and will continue to surface – in operational areas like inventory management, logistics and other verticals, but unless there is a Metaverse app, or app, that increases productivity, I think 40% is a stretch. ,” added Vena.

Metaverse or Metaverse?

Ross Rubin, principal analyst at Reticle Research, a consumer technology advisory firm in New York City, also sees some of the challenges that could hinder the spread of the metaverse in the enterprise.

“At a core level, we need improvements in device size and power efficiency and broader applications beyond the manufacturing, engineering and other industrial applications we see today,” he told TechNewsWorld.

“Beyond these AR-related improvements, however, there are open questions as to whether the Metaverse will evolve as a single, widely accessible platform like the Web, or whether companies will largely build their own applications as they go. Let’s do it with cloud technology. Today,” he continued.

“However,” Rubin said, “we’re starting to see some encouraging standard-setting here, like the Metaverse Standards Forum.”

Facebook’s owner Meta may also be contributing to the Metaverse traction problems, maintained Rob Enderle, president and principal analyst of Enderle Group, an advisory services firm in Bend, Ore.

“Facebook’s efforts are so bad that they are casting a cloud over the entire segment and, ironically, they are the biggest investors in it,” he told TechNewsWorld.

“Facebook is effectively giving a big indication on this segment that it’s fake,” he said, “even though Nvidia’s efforts seem to be working far better and are being implemented well by firms like BMW. This demonstrates the potential that Facebook is destroying right now.”

need patience

Impatience may also play a role in the company’s Metaverse persistence, noted Quinn Mai, CEO of Coulter, a digital marketing agency in New York City.

“As brands enter the metaverse, they are often disappointed upon arrival, not realizing that this is still a nascent but evolving platform,” she told TechNewsWorld. “They don’t see a large number of users in the metaverse like Decentraland or The Sandbox, and then back off.”

“Persistence is important because the technology that drives Web3 is evolving rapidly and developer activity is growing rapidly, so it is important for brands to experiment now so that they can scale their Web3 projects as they grow. “

“With the recession in the US and the economic warnings from the IMF, many brands are withdrawing from Web3 and focusing on short-term issues,” she continued. “However, like Web 1.0 and Web 2.0, brands that do not innovate will be left behind.”

“Web3 adoption will be driven by Gen Z, which is 25% of the world’s population, so brands that don’t stay the course won’t prosper or join the group in 2027,” Mai said.


Gartner also predicted that by 2027, 50% of the world’s population would be daily active users of multiple “superapps”.

SuperApps combine the features of an app, platform and ecosystem into a single program. Apart from its own set of functionalities, it provides a platform for add-ons by third parties.

“While most examples of SuperApps are mobile apps, the concept can also be applied to desktop client applications, such as Microsoft Teams and Slack, the key being that a SuperApp can consolidate and replace multiple apps for customer or employee use. Gartner Vice President and analyst Frances Karamouzis said in a statement.

Microsoft Teams Virtual Meeting Space

Team Virtual Meeting Space (Image Credit: Microsoft)

Enderle said multi-function apps have always attracted users.

“A single app that does a lot of things has always been attractive over multiple single-centric apps because people don’t want the complexity and learning curve associated with multiple apps,” he said. “So the relative simplicity, perceived cost, and usefulness of SuperApps make them attractive.”

SuperApps have been in the news lately because Elon Musk said he wants to buy Twitter as an accelerator to build one, Rubin explained.

“The model for this is WeChat in China, which is used for tasks as diverse as reading news, making payments and praising cars,” he said. “WeChat was able to develop its functionality partly because there were no major OS vendors and little competition from outside China.”

“There are high odds of it repeating its success outside of China,” he continued. Yet, for example, Apple already supports playing games and sending money through its Messages app, and Telegram supports add-on bot applications that can provide a lot of functionality beyond messaging. “

sustainable technology

One strategic trend that surpasses all others is sustainability, Gartner said. It cited one of its recent surveys where CEOs pointed out that environmental and social change are now the top three priorities for investors, followed by profit and revenue.

This means, it continued, that executives should invest more in innovative solutions designed to address [environmental, social, and governance] Seeking to meet sustainability goals.

,[I]n 2023, providing technology will not be enough,” said David Groombridge, Gartner’s vice president and analyst, in a statement.

“These themes are influenced by environmental, social and governance expectations and regulations, which translate into a shared responsibility to implement sustainable technologies,” he said in a statement.

“With future generations in mind, every technology investment will need to be set against its impact on the environment,” he said. “Sustainable by default as an objective requires sustainable technology.”