Home Blog Page 189

Need of the hour is to embrace real-time security posture analysis

Contributor
-
0
Need of the hour is to embrace real-time security posture analysis
  • Real-time security analysis empowers organisations to navigate the dynamic technology and threat landscapes with the same agility and confidence before they can escalate.
  • As we navigate an increasingly interconnected and dynamic digital world, the limitations of these static evaluations become glaringly apparent.

In the realm of cybersecurity, the landscape is in a constant state of flux, with threats evolving and multiplying at a pace that keeps security professionals perpetually on their toes.

Traditionally, penetration tests have served as a valuable tool for assessing an enterprise’s security posture. However, these tests provide only a snapshot of the security environment at a specific point in time.

As we navigate an increasingly interconnected and dynamic digital world, the limitations of these static evaluations become glaringly apparent.

This article delves into the critical need to transition from conventional penetration testing to real-time dynamic security posture analysis.

Shortcomings of snapshot mentality

The traditional approach to penetration testing involves conducting periodic assessments of an organisation’s cybersecurity defences. While this approach has historical merit, it is not without its drawbacks.

Rik-Ferguson-VP-of-Security-Intelligence-Forescout

Just as a photograph captures a singular moment, penetration tests offer a fixed snapshot of an organisation’s security landscape. They may uncover vulnerabilities that exist at the time of the assessment but fail to address the rapidly changing threat landscape that continues to evolve after the test is completed.

Cybercriminals are not bound by the same schedule, and new vulnerabilities can emerge at any time.

Very similar issues arise from the reliance on an annual vehicle safety check to ensure the roadworthiness of your commercial vehicles is readily apparent.

According to a 2022 study by the Driver and Vehicle Standards Agency (DVSA), vehicles are issued 10 times more prohibitions three months after their annual test, a 25 percentage point increase compared to the first month after the test.

Alarmingly more than 60 per cent of heavy goods vehicle (HGV) prohibition defects found at the roadside three months after the MoT could have been reported and fixed before beginning a journey or noticed when driving the vehicle.

While the check may reveal issues at that moment, it does not account for wear and tear, unforeseen road hazards, or the mechanical changes that can occur between inspections. Similarly, traditional penetration tests can miss vulnerabilities that surface post-assessment or fail to account for the complex interplay of new threats and technologies.

If it’s not secure now, it’s not secure

To stay ahead in the race for cybersecurity, organisations must adopt a real-time dynamic security posture analysis approach. This shift acknowledges that security is not a static state, but an ongoing process requiring constant vigilance.

Just as modern vehicles are equipped with sensors that monitor performance and safety in real-time, organisations need continuous monitoring and analysis to maintain a robust security posture.

In modern vehicle technology: sensors continuously monitor tyre pressure, engine performance, and various safety systems, sending real-time data to the driver. This data empowers the driver to take immediate action in response to changing conditions, enhancing safety on the road.

Similarly, real-time security posture analysis provides organisations with the tools to detect and address vulnerabilities as they arise, stopping threats before they can escalate. And despite what the hype machine may try to have you believe, this all still requires a human at the wheel.

Adapting to ever-changing landscape

Much as a car’s safety features must adjust to changing driving circumstances, an organisation’s cybersecurity protections must evolve to counter new threats.

Leveraging automation and machine learning, real-time dynamic security posture analysis can spot patterns and anomalies in network traffic, user behaviour, and system performance or configuration.

This data is weighted and assessed by the importance of specific assets and the consequences for the business, should they be hacked or rendered unavailable. 

The continuous analysis makes it possible to quickly identify any unexpected activity that can point to a persistent breach or an approaching attack.

Think of the adaptive cruise control system in a modern vehicle. This technology allows for a safe and reliable driving experience by adjusting the speed of the car in reaction to the traffic in the area.

In the same way, real-time dynamic security posture analysis modifies a company’s security protocols in response to shifting threat environments, ensuring that vulnerabilities are promptly fixed and new attack vectors are mitigated.

The benefits of timely response

One of the key advantages of real-time dynamic security posture analysis, with a human in the loop, lies in their ability to make a timely response.

Just as a driver’s quick reaction can prevent an accident, rapid identification of threats and vulnerabilities can mitigate potential breaches. By eliminating the lag between assessment and action, organisations can drastically reduce the window of opportunity for attackers.

Imagine the potential repercussions if a driver or a vehicle’s safety systems took minutes or even hours to react to shifting road conditions. Similarly, a security posture that only relies on routine evaluations exposes organisations to danger during the intervals between assessments.

The traditional static approach to security assessment falls short in a world where cyber threats evolve in real-time. Just as an annual vehicle safety check doesn’t guarantee a car’s roadworthiness throughout the year, conventional penetration tests provide only a transient insight into an organisation’s security posture.

Organisations have to move beyond a snapshot mentality to proactively address misconfigurations, vulnerabilities and threats as they emerge.

A vigilant driver responds intuitively to changing conditions and traffic patterns. Real-time security analysis empowers organisations to navigate the dynamic technology and threat landscapes with the same agility and confidence.

In a world where the next cyber threat could emerge at any moment, it’s time to leave the snapshot mentality behind and embrace the power of real-time security analysis.

  • Rik Ferguson is the Vice President of Security Intelligence at Forescout.

India plans to give more teeth to personal data protection law

Mohammed Fahad
-
0
India plans to give more teeth to personal data protection law
  • The bill is a crucial step towards achieving the vision of global standard cyber laws for India’s $1 trillion digital economy, IT Minister says.
  • Non-adherence of obligations listed in the bill may attract sanctions and commercial penalty as high as Rs250 crore, Deloitte India says.
  • Although the consultation process took a long time, the Government does not seem to have considered the inputs received from stakeholders and recommendations from the JPC, SFLC says.

India is planning to deploy Digital Personal Data Protection Bill 2023 (DPDP) which regulates the processing of digital personal data while ensuring individuals’ right to protect their data and the need to process it for lawful purposes.

The bill was tabled in the Lok Sabha by Union Communications, Electronics, and Information Technology Minister Ashwini Vaishnaw, amid strong opposition from Opposition leaders who claimed it violates the fundamental right to privacy.

The opposition demanded that the bill be sent to the standing committee for thorough scrutiny, citing the withdrawal of a similar bill on data protection by the government last year.

In response, Vaishnaw clarified that the bill is not a money bill and assured the opposition that all issues raised will be addressed during the debate on the bill.

Fostering an innovative economy

Rajeev Chandrasekhar, Minister of State for Information Technology, shed light on the significance of Digital Personal Data Protection through his official X account.

He claims that the bill is a crucial step towards achieving the vision of global standard cyber laws for India’s $1 trillion digital economy.

According to Chandrasekhar, the bill was formulated after extensive consultations led by the Ministry of Electronics and Information Technology with all stakeholders.

Chandrasekhar explained that once passed by Parliament, the bill will protect the rights of all citizens, foster an innovative economy, and grant lawful and legitimate access to the government in matters of national security and emergencies, such as pandemics and earthquakes.

He described the Digital Personal Data Protection Bill 2023 as a global standard, contemporary, future-ready, yet simple and easy to understand, ensuring India’s position at the forefront of the digital world.

 “With the advent of Artificial Intelligence and the need for safeguarding privacy, India’s Digital Personal Data Protection bill aspires to set and evolve the framework for businesses to adopt best practices, strengthen data governance and drive responsible data handling,”  Ivana Bartoletti, Global Chief Privacy Officer at Wipro Limited, said.

Embracing a ‘Privacy by Design’ approach, she said integrates privacy measures from the inception of the technology or system development, rather than treating it as an afterthought.

“It fosters a sense of trust amongst stakeholders and can even accelerate growth opportunities.”

Presently, India does not have separate data protection legislation. 

The Supreme Court of India, in 2017 had recognised privacy as a fundamental right in 2017 and highlighted the need to protect online personal data from prying eyes. 

In the absence of a distinct data protection legislation, the Information Technology Act, 2000 (IT Act) along with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules) have been the cornerstone for data protection in India.  

The Indian Government recently unveiled a comprehensive draft of the Digital Personal Data Protection (DPDP) Bill on November 18, 2022.

A problematic provision

In India, relevant government departments oversee the enforcement of data protection instead of a separate Authority.  However, the draft DPDP Bill envisages setting up of a Data Protection Board of India (DPBI) to regulate the entire regime of digital personal data protection in the country.

Manish Sehgal, Partner, Deloitte India, said it was the moment the nation had been waiting for the past few years.

“Once enacted, the bill enables individuals (referred to as Data Principals) to govern their own personal (digital) data and will drive enterprises (referred to as Data Fiduciary) to process the personal data of individuals lawfully.

 “In view of the bill’s extraterritorial coverage, enterprises based outside India serving individuals in India will also be expected to adhere to the provisions of this Bill, once enacted. Enterprises will have to review the current ways of working, especially for the personal data of individuals such as their employees, customers, merchants, vendors, etc. to be able to honour the rights that individuals may exercise, such as the right to access, update, erase their personal data etc. Non-adherence of obligations listed in the bill may attract sanctions and commercial penalty as high as Rs250 crore,” he said.

SFLC.in, a Delhi-based legal not-for-profit organisation, said that the Digital Data Protection Bill, 2023 has been introduced as a financial bill and the government has been given a lot of powers under the bill and there is no sufficient legislative guidance provided regarding these.

“Section 43 A of the IT Act which provided a remedy to aggrieved persons to get compensation has been deleted.  However, the bill does not provide for compensation to be granted for data principals whose privacy has been violated and has suffered a loss.

“Deemed consent that had raised red flags earlier has been reworded but principally remains the same. Data Principals have been saddled with duties and penalties prescribed for acting in violation of these. Cross border data flow has been changed from whitelisting to blacklisting regime which is a welcome change.”

However, SFLC said that such data transfer restrictions are permitted in the case of specific laws in existence. A problematic provision is a clause added in the bill for blocking a computer resource which could be used for blocking websites and applications. Although the consultation process took a long time, the Government does not seem to have considered the inputs received from stakeholders and recommendations from the JPC.

Etisalat by e& is faster than du when it comes to 5G performance

Naushad K. Cherrayil
-
1
Etisalat by e& is faster than du when it comes to 5G performance
  • UAE leads on 5G performances globally with a median download speed of 557.63 Mbps, with South Korea placing second at 501.56 Mbps and Qatar with 465.62 Mbps.
  • e&’s Wi-Fi recordes the lowest latency across all access types while du’s Wi-Fi latency lagged behind its mobile network latency performance.

Etisalat by e& was the fastest 5G operator within the UAE and globally on 5G, with a median download speed of 680.73 Mbps during the second quarter of this year, ahead of du’s 453.93 Mbps.

According to, 5G performance between the two mobile operators remained similar throughout 2022, peaking in time to support Dubai Expo 2020.

Etisalat by e& currently operating in 16 countries across Asia, the Middle East and Africa and is the 18th largest mobile network operator in the world by number of subscribers while du operates only in the UAE.

 “Both operators increased speeds through the fourth quarter of last year and in the first quarter of this year, helping drive overall 5G performance in the UAE to reach 557.63 Mbps, but du’s performance declined in the second quarter of this year, with etisalat by e& extending its 5G performance lead to 226.80 Mbps,” Mark Giles, Lead Industry Analyst at Ookla, said.

Moreover,  users accessing both etisalat by e&’s and du’s 5G networks experienced median gaming latency of 43 milliseconds and 57 milliseconds respectively, lower than those recorded across 4G LTE. 5G users also experienced improved video start times and experienced less buffering when streaming video compared to those on either 4G LTE or Wi-Fi.

Increased competition

Speedtest Intelligence data showed that etisalat by e& led on median 5G upload speed in Abu Dhabi, Dubai and Sharjah. However there was no statistically significant difference between it and du in Al Ain and Ajman.

Giles said that 5G users in the market are more likely to recommend the nation’s networks when compared to 4G, with etisalat by e& leading the market with a score of 64.7 in the second quarter, and du following with 46.7.

Both the telecom operators launched commercially available 5G services across the Emirate in the second quarter of 2019, following the allocation of spectrum for 5G use by UAE regulator, the TDRA (Telecommunications and Digital Government Regulatory Authority).

However, 2022 saw growth return to the market with etisalat by e&’s UAE mobile revenues increasing by six per cent to reach Dh11.41 million, while du’s mobile revenues grew by 8.4 per cent to reach Dh5.75 billion.

“For the nation’s mobile network operators, this return to growth is driving increased competition as both operators seek to demonstrate network leadership, convert prepaid users to postpaid, while also focusing on driving enhanced customer experiences and offering new digital services,” Giles said.

Both mobile network operators are prioritising the growth of their postpaid customer bases. For example, subscribers of either operator can choose plans that allow them to pick and choose additional services with a strong focus on entertainment options, such as video streaming services, live sports, and mobile gaming, among others.

Drilling down into the city-level data, and looking at performance for the lowest 10 per cent of samples, reveals some potential improvement points for both operators, Giles said.

Enterprise verticals

For the city of Ajman, etisalat by e& has recorded a significant improvement in the lower 10th percentile of 5G samples, increasing from 9.76 Mbps in January to 93.67 Mbps in June.

However despite the increase, its performance in Ajman remains below that recorded in other UAE cities.

Du on the other hand has returned more stable 5G performance among the lower 10 per cent of samples in the city over the past six months, but is seeing performance decline, from 138.33 Mbps in January to 50.85 Mbps in June.

Accordsing to datya.ai’s State of Mena 2022 report, consumers in the UAE spent on average 4.7 hours per day playing mobile games during 2021, the most of all MENA markets.

“Usage continues to grow, fueled by a young and tech-savvy population with high disposable income. 5G offers the potential for lower latency than previous generations of mobile technology, which alongside higher throughput, enables improved experiences for both consumer and enterprise use cases that rely on a high level of network responsiveness,” Giles said.

Moreover, he said that Wi-Fi performance differed between the operators, with etisalat by e&’s Wi-Fi recording the lowest latency across all access types, while du’s Wi-Fi latency lagged behind its mobile network latency performance.

Giles said that both operators in the UAE are in prime position to capitalise on their 5G network investment to date, which is already helping drive improved consumer experiences on their networks.

“They are also poised to take advantage of the deployment of 5G standalone networks in the market, offering further performance gains, but also opening up opportunities to target services for key enterprise verticals that among other things often demand highly reliability, as well as low latency communications.”

Related posts:

Is it good to block or grant access to ChatGPT as users are inputting sensitive data?

Naushad K. Cherrayil
-
0
Is it good to block or grant access to ChatGPT as users are inputting sensitive data?
  • ChatGPT is the most popular AI app in the enterprise and Google Bard is the fastest-growing AI app in the enterprise, both by a large margin.
  • Source code is posted to ChatGPT more than any other type of sensitive data, at a rate of 158 incidents per 10,000 enterprise users per month.
  • DLP and user coaching are the most popular types of controls enterprises use to enable AI app use while preventing sensitive data exposure.

With all the hype surrounding ChatGPT and AI apps in general, it is unsurprising that scammers, cybercriminals, and other attackers attempt to exploit the hype for illicit gains.

The hype and popularity of ChatGPT draw the attention of attackers and scammers because of the large target pool and potential for profit, combined with the varied proficiency of users on the platform.

ChatGPT and other AI apps are on their way to becoming mainstays in the enterprise sector.

Over the past two months, according to Netskope Threat Labs, the percentage of enterprise users accessing at least one AI app each day has increased by 2.4 per cent weekly, for a total increase of 22.5 per cent over that period. 

The most popular enterprise AI app by a large margin is ChatGPT, with more than eight times as many daily active users as any other AI app. The next most popular app is Grammarly, which focuses exclusively on writing assistance.

Bard, Google’s chatbot, comes in just below Grammarly. All other AI apps combined (of which we are tracking more than 60, including Jasper, Chatbase, and Copy.ai) are less popular than Google Bard.

At the current growth rate, the number of users accessing AI apps will double within the next seven months. 

Over the same time, the number of AI apps in use in the enterprise held steady, with organisations with more than 1,000 users averaging 3 different AI apps per day, and organisations with more than 10,000 users averaging five AI apps per day. 

At the end of June, 1 out of 100 enterprise users interacted with an AI app each day.

For every 10,000 users, an organisation can expect around 660 daily prompts to ChatGPT. But the real question lies in the content of these prompts: Are they harmless queries, or do they inadvertently reveal sensitive data?

A Netskope study revealed that source code was the most frequently exposed type of sensitive data, with 22 out of 10,000 enterprise users posting source code to ChatGPT per month. In total, those 22 users are responsible for an average of 158 posts containing source code per month.

For every 10,000 enterprise users, an enterprise organisation is experiencing approximately 183 incidents of sensitive data being posted to the app per month. Source code accounts for the largest share of sensitive data being exposed. 

Immediate concern

Despite the potential opportunities and threats, AI brings to humanity, organisations worldwide and their leaders are dealing with a more immediate concern: How can they use AI apps safely and securely?

An outright block on AI applications could solve this problem but would do so at the expense of the potential benefits AI apps offer.

For organisations to enable the safe adoption of AI apps, Ray Canzanese, Threat Research Director at Netskope Threat Labs, said that they (organisations) must centre their approach on identifying permissible apps and implementing controls that empower users to use them to their fullest potential, while safeguarding the organisation from risks. 

“It is inevitable that some users will upload proprietary source code or text containing sensitive data to AI tools that promise to help with programming or writing. Therefore, organisations must place controls around AI to prevent sensitive data leaks. Controls that empower users to reap the benefits of AI, streamlining operations and improving efficiency, while mitigating the risks are the ultimate goal.”

Multifaceted challenge

Such an approach should include data loss prevention (DLP), domain filtering, URL filtering, and content inspection to protect against attacks and interactive user coaching.

Blocking access to AI-related content and AI applications is a short-term solution to mitigate risk, but comes at the expense of the potential benefits AI apps offer to supplement corporate innovation and employee productivity. 

 “As security leaders, we cannot simply decide to ban applications without impacting on user experience and productivity,” James Robinson, Deputy Chief Information Security Officer at Netskope, said. 

“Organisations should focus on evolving their workforce awareness and data policies to meet the needs of employees using AI products productively. There is a good path to safe enablement of generative AI with the right tools and the right mindset.”

Safely enabling the adoption of AI apps in the enterprise is a multifaceted challenge as it involves identifying permissible apps and implementing controls that empower users to use them to their fullest potential while safeguarding the organization from risks. 

Ultimately, more organizations are likely to adopt DLP controls and real-time user coaching over time to enable the use of AI apps like ChatGPT while safeguarding against unwanted data exposure.

Steps to securely use AI tools:

  • Regularly review AI app activity, trends, behaviours, and data sensitivity, to identify risks to the organisation.
  • Block access to apps that do not serve any legitimate business purpose or that pose a disproportionate risk. A good starting point is a policy to allow reputable apps currently in use while blocking all others.
  • Use DLP policies to detect posts containing potentially sensitive information, including source code, regulated data, passwords and keys, and intellectual property.
  • Employ real-time user coaching (combined with DLP) to remind users of company policy surrounding the use of AI apps at the time of interaction.
  • Block opportunistic attackers attempting to take advantage of the growing popularity of AI apps by blocking known malicious domains and URLs, and inspecting all HTTP and HTTPS content.
  • Use Remote Browser Isolation technology to provide additional protection when there is a need to visit websites in categories that can present a higher risk, like newly observed and newly registered domains.
  • Ensure that all security defences share intelligence and work together to streamline security operations. Netskope customers can use Cloud Exchange to share IOCs, import threat intel, export event logs, automate workflows, and exchange risk scores.

Related posts:

Deep learning ushers companies into new era of possibilities

Mohammed Fahad
-
0
Deep learning ushers companies into new era of possibilities
  • Companies are increasingly discussing about the deep learning technology to enhance user experiences, optimise operations and drive innovation.

Deep learning, a method which utilises neural networks to identify patterns in vast data sets, has become a transformative force, ushering companies into new era of possibilities and the future holds immense promise for this technology, an industry expert said.

Companies are increasingly discussing about the deep learning technology to enhance user experiences, optimise operations and drive innovation.

Microsoft, Canon, Biodesix, and AbSci are among the firms leveraging deep learning to drive innovation.

From image analysis to natural language processing and diagnostic tests, its applications are widespread.

Driving innovation

Misa Singh, Business Fundamentals Analyst at GlobalData, said that areas such as image analysis, natural language processing, and diagnostic tests are gaining significant traction.

For example, deep learning platforms are being used to sort useful inside waste management facilities and this will contribute towards reduced power consumption and operating costs, she said.

Microsoft acquired Maluuba, an AI firm focused on deep learning, with natural language processing capabilities to further democratise AI for everyone.

Canon is developing GM-1 crop growth monitoring system using its imaging technology experience. GM-1 is based on image analysis technology combined with AI diagnostic technology based on deep learning.

“The system is predicted to find applications in fields such as agriculture for adaptation to climate change, ideal cultivation management, and creation of novel crops through data accumulation and comparison,” Singh said.

Biodesix Inc believes that Diagnostic Cortex, a deeply tested deep learning platform optimized for the discovery of diagnostic tests, will solve the common machine learning problems encountered in life sciences research while AbSci Corp acquired a group of computational biologists and AI specialists and a unique deep-learning platform designed for protein engineering and discovery.

HMM Co Ltd has created a deep learning-based system called Vessel Insight that gathers and unpacks enormous volumes of data for the shipping industry. This system helps to find the optimal trim and route, for optimal decisions and operating costs.

Global Digital Creations Holdings Ltd is combining deep learning with virtual characters, exploiting technological boom from chatbots and metaverse.

Industrial metaverse makes the “invisible visible” to drive sustainable growth

Naushad K. Cherrayil
-
0
Industrial metaverse makes the “invisible visible” to drive sustainable growth
  • Industrial metaverse is expected to reach $400 billion by 2030, with the potential to exceed $1 trillion, accelerating growth.
  • Connected digital twins of industrial systems can facilitate rapid “what-if” simulations, improving the supply chain, utilisation, and operational costs.
  • Industrial metaverse is less dependent on immersivity and interoperability compared to Consumer Metaverse.

Businesses need to make sure they don’t miss out on the additional potential that the industrial metaverse offers and it will not be possible to “leapfrog” to industrial metaverse implementation unless digitalisation is already fairly mature, industry experts said.

“Many businesses in GCC are already some way along the digitalisation journey – leveraging the power of digital twins, artificial intelligence, connectivity, and collaboration technologies. Businesses need to make sure they don’t miss out on the additional potential that the industrial metaverse offers for better-informed strategic decision-making for growth, profitability, and especially ensuring safety and sustainability,” Thomas Kuruvilla, Managing Partner of Arthur D. Little (ADL) Middle East, said.

What is an industrial metaverse?

The industrial metaverse provides an extensive overview of current and future applications and use cases and their benefits, from operational optimisation and training to technical tools and strategic management solutions. It also provides clear guidance on how companies can overcome the challenges towards full implementation.

Key steps include reviewing their digitalisation strategy, identifying value-adding opportunities, implementing pilots, and building a partner ecosystem for success.

ADL said that the industrial metaverse could lead to double-digit percentage improvements in areas such as supply chain, utilisation, and operational costs as well as driving growth and managing sustainability impacts, industry experts said and forecasts an acceleration of the industrial metaverse market, with an estimated size of $100-150 billion this year and expected to rise to $400 billion by 2030, although the upside could be more than $1 trillion, with an annual growth rate of between 20 per cent and 30 per cent.

Despite the current setbacks, Kuruvilla said the industrial metaverse has the potential to transform the way executives leverage digital technologies, elevating them from the operating level to the strategic level.

Connected digital twins

Despite the current sense of disillusionment with the Metaverse, new research by ADL reveals that businesses would be wrong to write it off. The continuing convergence of developing technologies, including Artificial Intelligence, complex systems simulation, data visualisation, and connectivity (IoT), has the potential to enable executives to extend the use of digital twins beyond the factory level towards strategy simulation for an entire global enterprise.

“Strategic decision-making is increasingly difficult due to increasing complexity, uncertainty, and the challenges of managing sustainability across global supply chains. Through creating connected digital twins of whole industrial systems and supply chains, businesses can rapidly conduct “what-if” simulations for strategic decision-making,” Kuruvilla said.

However, unlike the consumer metaverse, he said that progress on the industrial metaverse is much less dependent on full immersivity and interoperability, two of the biggest current barriers towards metaverse adoption.

Industry 4.0 technologies have proven to bring significant benefits to companies that have successfully implemented them.

Digitalisation challenges

What makes the industrial metaverse distinct from Industry 4.0 is the ongoing development and convergence of many of these technologies. Digital twins, with some form of real data exchange with their physical counterparts and the application of AI to assist interpretation and analysis, already exist today. 

According to data from Arthur D. Little’s Operational Excellence Database, these benefits are substantial, including reductions in operational capital deployed and supply chain costs ranging from 15 per cent to 30 per cent. 

Additionally, companies have seen a 30 per cent increase in production capacity utilisation and maintenance cost reductions of 10 per cent to 40 per cent.

Nevertheless, there are some common challenges towards digitalisation, including high upfront investment, difficulties in coordinating the required cross-functional transformation, challenges in data security and management, lack of available skills, and limitations imposed by legacy IT systems.

Albert Meige, Director of Blue Shift at Arthur D. Little, said that conventional strategic decision-making is no longer sufficient and companies must harness the potential of the industrial metaverse to drive performance improvements, optimise operations, and achieve net-zero growth.

“Unlike the consumer metaverse, the industrial metaverse does not depend on full immersivity and interoperability, so these barriers are less significant going forward.”

Related posts:

1...188189190...271Page 189 of 271