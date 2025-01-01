Types of strategic workforce planning tools

Adam Holtby | Principal Analyst,The world of work has experienced many social and economic disruptions over the past few years. These disruptions have been further compounded by numerous business technology changes including the rise of artificial intelligence (AI), the transition to digital-first communication and collaboration, and the enabling of hybrid working at great speed and scale. Mobile is at the core of these changes, and the need to enable more mobile-centric work has become an important mandate for businesses across all industries. Embracing a mobile-centric approach to work requires businesses to address not just technological aspects and practices that guide how work gets done. Business leaders must remember that it is not just the locations people work from that have changed; the fundamental nature of work has also been subject to disruption. As more employees engage in work away from the traditional office, businesses must establish a technology and support infrastructure that enables, secures, and empowers every worker, regardless of their location. With the growing importance of digital and mobile-first channels for collaboration and engagement, businesses must swiftly adapt to meet evolving employee expectations. Failure to do so can result in tangible operational, regulatory, and financial ramifications. This mobile transformation journey is not one that businesses should walk alone. Recruiting the support of experienced digital partners will be instrumental to success. These partners must deliver the technical capabilities and expertise that businesses need to be successful. Solutions spanning mobile connectivity, mobility management, security, productivity, and collaboration will all be important instruments of success. Given the complexity of business mobile-centric initiatives, organizations should also look for partners that can help them navigate the tactical challenges they may face. Technical support programs, consistent engagement, and professional services will be pivotal elements of these partnerships. The data and insights discussed in this report are derived from the 2023 Business Mobile Collaboration survey, a collaborative study between Omdia and Verizon. In addition to being a fundamental element of modern work, mobility has evolved to become a vital enabler of business communication and collaboration. With its growing significance in modern business and digital experiences, there is a heightened demand to empower and enable a more mobile workforce. The 2023 Business Mobile Collaboration survey explored the role of mobility in modern organizations. The survey was structured to unearth the important communication, collaboration, and productivity trends driving business mobile initiatives in organizations of various sizes and across numerous industries. Digital capabilities are becoming increasingly important in empowering employees across the entire business, from back-office knowledge workers through frontline workers who are often closest to those consuming the products or services delivered by the business. Though information workers are often those most strongly associated with conversations around digital transformation, the reality is that true success comes from enabling as many workers as possible with transformative digital technologies, including mobile capabilities. Mobile devices and apps have the potential to transform work for every employee, so a focus on the entire workforce is vital when a business embarks on a mobile initiative. This is especially important when we consider the significant number of employees that occupy frontline worker roles. As Figure 1 shows, more than half the population of the total workforce are frontline workers. The proportion of frontline workers relative to information workers is even more pronounced in industries such as healthcare (63%), manufacturing (60%), and retail (63%). Because frontline workers make up such a large segment of the overall workforce, businesses have an opportunity to enhance operational efficiencies and transform frontline work by providing these workers with new digital capabilities. Mobile devices and apps are of particular importance to frontline workers because many of these employees operate away from a traditional desk and perform their duties across diverse locations. Ensuring that frontline workers have access to mobile capabilities that foster collaboration and enhance productivity becomes paramount. Mobile should not be a digital business capability limited to a select few or corporate VIPs; rather it should be democratized and made accessible to all employees, enabling widespread benefits across the organization. Source: 2023 Business Mobile Collaboration survey,Employees who are often the closest link between a business and those consuming its products and services. Includes retail, construction, healthcare sales representatives, manufacturing operators, etc. Employees who often work in centralized back-office roles and do not have direct engagement with customers or those consuming services the business produces (IT, marketing, HR, finance/accounting, etc)Source: 2023 Business Mobile Collaboration surveyAccording to the survey, 60% of the workforce currently use a mobile device for work purposes. This number is consistent across businesses in different industries and of all sizes. With such a substantial number of employees reliant on mobile devices, it is imperative for businesses to ensure that connectivity is seamless and that collaboration and productivity across these devices is optimal. A critical factor in achieving this goal is ensuring mobility is not an afterthought when it comes to businesses' application and workflow design. Mobile use cases must be at the core of the collaboration and productivity experiences that businesses are delivering to employees. Improving system access and usability across mobile is a crucial step in providing the best possible employee experiences. Our research also shows that employees across frontline and back-office operations are reliant on a diverse set of mobile devices and capabilities to get work done. This data shows that frontline and information workers have different preferences relating to the primary devices they would like to use for work purposes. 60% of the workforce currently use a mobile device for work purposes,The change in work styles and locations embraced by many employees over recent years has also brought about a more mobile and digital-first nature to the way people communicate and collaborate at work. As the data in Figure 3 shows, business leaders feel that making collaboration more seamless and compatible with hybrid work styles will deliver important benefits. It is evident that business and IT leaders see frontline and information workers benefiting differently from mobile collaboration capabilities. For frontline workers, improving task efficiency—which drives increased productivity—and customer service are the most important benefits identified. These benefits are aligned closely to the profile of frontline workers, specifically how these employees often work closely with customers in roles that often have clearly defined and often repeatable tasks. For information workers, the mobile collaboration benefits that leaders are looking to realize include improving access to business information and resources and advancing communication between internal employees. Again, these aspirations are closely aligned to the characteristics of information workers, who rely heavily on business information and resources and often work in centralized and sometimes siloed business functionssuch as IT, HR, finance, and marketing. It is important that businesses acknowledge there is no dominant universal benefit of improving collaboration; different employees will benefit in different ways. Communicating, and improving business understanding of, the diverse set of benefits associated with a mobile collaboration initiative is important to gain corporate buy-in and support but also to enhance adoption and utilization of the technologies that will ultimately support any initiative. What do you feel will be the most important benefit of improving mobile collaboration within your organization?,Note: n=300,Strategically, business leaders are looking for investment in collaboration tools to help improve operational efficiencies and employee productivity and to strengthen the relationships they have with customers (See Figure 4). Reducing costs was another important identified priority. Businesses often have investments in a diverse estate of different communication and collaboration capabilities that extend across fixed, mobile, and digital apps. Consolidation and rationalization here can help organizations reduce costs associated with communication and collaboration capabilities. What are the top strategic outcomes your organization is trying to accomplish through its communication and collaboration tools and services?,Improve operational efficiency,Improve customer interactions and relationships,Improve employee productivity,Omdia advises businesses to place mobile at the core of a communication and collaboration strategy going forward. Business use of mobile devices and collaboration capabilities via these devices is more secure than ever, and these technologies are also more readily accessible to different types of workers. This sentiment is shared by businesses, with the majority identifying that improving access to digital collaboration capabilities via mobile devices will be a priority over the next 18 months. In addition to improving collaboration, businesses are also prioritizing improvement of employee productivity across mobile. This underscores businesses' belief in the way mobile devices and apps are becoming key enablers of positive digital experiences. Generative AI is also poised to play an important role in this context, specifically in the way the technology will help improve how employees interact with productivity applications, including word processors and spreadsheet tools, many of which were not natively designed with mobile in mind (See Figure 5). Note: n=300,Advancing workplace mobility delivers productivity and employee experience benefits, but it also presents businesses with new challenges, notably around security. Our survey shows that, in addition to BYOD security, businesses also see connectivity as a significant challenge that will be important to overcome over the next 18 months.Improving understanding of employee productivity and ensuring effective communications across mobile are other notable challenges (See Figure 6). The focus on securing BYOD activity highlights the importance of businesses having a bimodal approach where both corporate and personally owned mobile devices can be effectively managed and secured. There is certainly a resurgence happening around BYOD. According to business leaders, BYOD is now the most popular provisioning and management model for smartphones, with just under half of organizations (44%) saying it will be the preferred approach going forward. This surpasses the 32% of businesses that would prefer a corporate-liable approach to smartphone provisioning and security. Despite the resurgence of BYOD activity, it is evident that organizations still have concerns over how to secure it. Help here, in the form of both new technologies and security expertise, will be important. What will be the most challenging aspect of mobile working for your organization over the next 18 months? (top four responses only),Securing an employee BYOD program,Ensuring employees have the mobile connectivity they need to work effectively,Ensuring employees can effectively communicate and collaborate across mobile,Understanding how productive employees are,Workstyle adaptations and a change in employee preferences to work in a more mobile fashion are also set to increase demand for mobile collaboration services. Just under half (43%) of business and IT leaders said they expect demand to increase over the next 18 months, and just 7% believe demand will decrease (See Figure 7). The increased investment many businesses have planned is indicative of the importance leaders are attaching to mobile capabilities and services in enhancing overall employee collaboration. Optimizing experiences across mobile has become of paramount concern for organizations. In addition to making collaboration more seamless and intuitive across mobile, businesses must also focus on optimizing processes and applications to align with mobile use cases. This is especially important for employee support processes, because being able to access and engage with technical and other support workflows is crucial. Additionally, and as more work takes place across mobile, it is important that mobility management and security tools become an important part of the new digital infrastructure being created by businesses. Having a unified way to manage and secure mobile devices and apps alongside a more traditional PC estate is one way in which infrastructures are evolving to become more mobile centric. Ensuring employees have seamless connectivity across different locations and devices is another important consideration. Businesses are recognizing the significance of establishing a cohesive mobile strategy that not only enhances collaboration but also optimizes processes, fosters security, and promotes seamless connectivity across the entire organization. How do you feel demand for mobile collaboration services will change in your business over the next 18 months?,Note: n=300,We also asked business and IT leaders what they felt the two top areas of impact would be should their organization decide not to invest in mobile collaboration capabilities. Respondents said that business operations and employee collaboration would suffer the most negative consequences. Just over half (51%) of respondents felt that business processes and working practices would be damaged, with 45% of respondents highlighting employee collaboration as an area of potential concern. The implications of overlooking and failing to act on the mobile collaboration opportunity extend beyond just strategic considerations; there are also financial and regulatory repercussions should businesses get things wrong. Almost two-thirds (63%) of respondents cautioned that their business would face financial or regulatory penalties if sensitive business information and communications were unsecured, via personal messaging applications, for example. In an era when employees can communicate via a diverse range of devices and apps, it is important thatbusinesses cater to employee collaboration preferences. Striking a balance between having robust security measures and delivering great employee experiences can be challenging, but it is crucial. If employees feel the collaboration experience delivered by their employer is suboptimal, they may resort to personal options that lack appropriate business governance and security. This poses a considerable challenge for organizations that need stringent oversight and governance controls over business communications for auditing purposes. This issue is particularly critical for businesses in heavily regulated industries, where failure to adequately govern employee communications has resulted in significant financial penalties being imposed. Which of the following would be most affected if your organization chose not to invest in mobile collaboration capabilities?,Note: n=300,Business processes & working practices,Employee collaboration,Customer interactions,Would your company face financial and/or regulatory penalties if sensitive business information and communications were shared on a mobile device in an unsecured way?,Note: n=300,The increased demand expected by businesses for mobile collaboration services over the next 18 months is also affecting strategic mobility investment plans. Our research shows that just 9% of businesses will look to decrease overall investment in workplace mobility, and 50% are looking to invest in new mobile collaboration capabilities. This is an encouraging finding, especially given the challenging global economic climate. Business mobile ecosystems comprise myriad technologies that collectively empower organizations to effectively manage, secure, and facilitate mobile work. As a more mobilecentric approach to work becomes more prevalent, businesses are focusing on investing in mobile capabilities that strengthen the overall digital infrastructure. Our research indicates that businesses are planning to invest in a combination of different mobile collaboration capabilities over the next two years. Capabilities including AI-based support agents on mobile, native mobile dialer and collaboration app integration, rich text communication services, and secure communications on BYOD are all investment priorities for businesses. Will external economic factors and/or internal financial factors influence your investments in workplace mobility?,Note: n=300,Plan new investment,Investment will stay the same,Decrease,The growing business interest in enhancing how mobile calling and messaging are more richly converged into collaboration apps is representative of a broader trend that is gathering momentum. Use of collaboration apps across PCs has accelerated at great speed and scale over recent years. Platforms such as Microsoft Teams, RingCentral, Zoom, and Webex have become important tools for employees that not only help them communicate better but also enhance how they interact with important work resources. However, integration between these in-app collaboration capabilities and native mobile features could be improved, specifically around calling and messaging. A lack of convergence here can damage employee experiences and expose businesses to security risks. Improving integration between these over the-top collaboration apps and native mobile calling and messaging capabilities will help make communication more seamless and accessible. Key benefits of this more converged communication and collaboration approach include:,Enable mobile AI-based customer/employee support agents,Seamless call transfer between native mobile dialer and collaboration apps,Rich text communication services (RCS, iMessage),Enable corporate communications on personal employee devices (BYOD),What is the primary metric/indicator you will use to track how mobile is affecting overall business collaboration? Showing top four of eight total response options,Note: n=300,Though it is crucial to have strategic aspirations and the necessary technology in place, it is equally important for businesses to establish appropriate measures of success to assess the effectiveness of their mobile collaboration initiatives. Surprisingly, 17% of businesses are not currently tracking the impact of mobile on overall business collaboration. Across the manufacturing and retail industries, the proportion failing to track progress is even greater: around a quarter of businesses currently have no measures in place. Among those organizations that do have some form of measure or indicator in place, employee productivity improvements and better communication between employees, customers, and partners are the most common indicators relied on. In order to comprehensively assess the progress of any mobile collaboration initiative, businesses will need to rely on a combination of quantitative and sentimentbased indicators. Employee experience and satisfaction, collaboration solution adoption and utilization, and collaboration across mobile are examples of indicators businesses are using to gauge success and potential improvement opportunities. Which type of partner/supplier do you feel is best suited to support your workplace mobility goals?,Note: n=300,(e.g. AT&T, T-Mobile, Verizon),(e.g. Microsoft, Google, VMware),(e.g. Presidio, Avanade),(e.g. CDW, TD Synnex, etc.),In addition to the opportunities, business mobile initiatives also present many new challenges. Adopting the support and expertise of experienced digital partners will be important to success. It is mobile operators that most businesses feel are best suited to supporting their workplace mobility goals. Mobile operators occupy a unique position in delivering the diverse range of mobile capabilities businesses need to become truly mobile centric. These capabilities span cellular connectivity options, mobility management, and security solutions; mobile productivity; and collaboration. The strong pull businesses have to mobile operators is also largely in part attributable to the priority attached to mobile network coverage. This is evidenced when we analyze the capabilities and criteria organizations prioritize when selecting a business mobility partner. Here, it is pricing, network coverage and quality that businesses view as the most important mobile partner capabilities. A partner's security and privacy competencies and capabilities, in addition to the strength of features and functionality of any solution, are other important criteria. It will be important for mobile operators to further strengthen business awareness around the mobile capabilities they deliver beyond just connectivity. In addition to mobile and security solutions, supporting businesses in converging collaboration capabilities around mobile will be important for mobile operators. What are your top two criteria for selecting a business mobility partner/provider?,Note: n=300,Work-style evolutions and changing employee demands have put mobile at the top of the digital agenda. Many employees now rely on mobile technologies, but business workflows and processes must evolve around mobile use cases. Businesses must become more mobile centric in delivering better employee experiences and improving operations. A cohesive strategy and putting mobile at the core of the new digital-first infrastructures businesses are building are vital. If the mobile solutions and programs offered by a business are suboptimal, employees will gravitate to personal and less secure options. The implications for organizations can be costly, especially when sensitive business communications are shared via unsanctioned communication channels. Businesses need to work with the appropriate solutions and leverage the expertise of partners that can help them navigate these risks. Employees are increasingly collaborating across a range of different communication options, including mobile devices, collaboration apps, and tethered phones. 2021 DBIR Appendices

Knowing our readership cares about such things and consumes this information with a keen eye helps keep us honest. Detailing our methods is an important part of that honesty. First, we make mistakes. A column transposed here; a number not updated there. We're likely to discover a few things to fix. When we do, we'll list them on our corrections page: . Second, we check our work. The same way the data behind the DBIR figures can be found in our GitHub repository, as with last year, we're also publishing our fact check report there as well. It's highly technical, but for those interested, we've attempted to test every fact in the report. Third, François Jacob described day science and night science. Day science is hypothesis driven while night science is creative exploration. The DBIR is squarely night science. As Yanai et al demonstrate, focusing too much on day science can cause you to miss the gorilla in the data. While we may not be perfect, we believe we provide the best obtainable version of the truth (to a given level of confidence and under the influence of biases acknowledged below). However, proving causality is best left to the controlled experiments of day science. The best we can do is correlation. And while correlation is not causation, they are often related to some extent, and often useful. We would like to reiterate that we make no claim that the findings of this report are representative of all data breaches in all organizations at all times. Even though the combined records from all our contributors more closely reflect reality than any of them in isolation, it is still a sample. And although we believe many of the findings presented in this report to be appropriate for generalization (and our confidence in this grows as we gather more data and compare it to that of others), bias undoubtedly exists. Our overall process remains intact and largely unchanged from previous years. All incidents included in this report were reviewed and converted (if necessary) into the VERIS framework to create a common, anonymous aggregate data set. If you are unfamiliar with the VERIS framework, it is short for Vocabulary for Event Recording and Incident Sharing, it is free to use, and links to VERIS resources are at the beginning of this report. The collection method and conversion techniques differed between contributors. In general, three basic methods (expounded below) were used to accomplish this:,All contributors received instruction to omit any information that might identify organizations or individuals involved. Some source spreadsheets are converted to our standard spreadsheet formatted through automated mapping to ensure consistent conversion. Reviewed spreadsheets and VERIS Webapp JavaScript Object Notation (JSON) are ingested by an automated workflow that converts the incidents and breaches within into the VERIS JSON format as necessary, adds missing enumerations, and then validates the record against business logic and the VERIS schema. The automated workflow subsets the data and analyzes the results. Based on the results of this exploratory analysis, the validation logs from the workflow, and discussions with the partners providing the data, the data is cleaned and re-analyzed. This process runs nightly for roughly two months as data is collected and analyzed. Our data is non-exclusively multinomial, meaning a single feature, such as "Action", can have multiple values (i.e. "Social", "Malware", and "Hacking"). This means that percentages do not necessarily add up to 100%. For example, if there are 5 botnet breaches, the sample size is 5. However, since each botnet used phishing, installed keyloggers, and used stolen credentials, there would be 5 Social actions, 5 Hacking actions, and 5 Malware actions, adding up to 300%. This is normal, expected and handled correctly in our analysis and tooling. Another important point is that when looking at the findings, "Unknown" is equivalent to "Unmeasured." Which is to say that if a record (or collection of records) contains elements that have been marked as "Unknown" (whether it is something as basic as the number of records involved in the incident, or as complex as what specific capabilities a piece of malware contained), it means that we cannot make statements about that particular element as it stands in the record—we cannot measure where we have too little information. Because they are unmeasured, they are not counted in sample sizes. The enumeration "Other" is, however, counted as it means the value was known but not part of VERIS. Finally, "Not Applicable" (normally "NA") may be counted or not counted depending on the claim being analyzed. This year we again made use of confidence intervals to allow us to analyze smaller sample sizes. We adopted a few rules to help minimize bias in reading such data. Here we define 'small sample' as less than 30 samples. For a potential entry to be eligible for the incident/breach corpus, a couple of requirements must be met. The entry must be a confirmed security incident defined as a loss of confidentiality, integrity, or availability. In addition to meeting the baseline definition of security incident the entry is assessed for quality. We create a subset of incidents (more on subsets later) that pass our quality filter. The details of what is a quality incident are:,In addition to having the level of details necessary to pass the quality filter, the incident must be within the timeframe of analysis, (November 1, 2019, to October 31, 2020, for this report). The 2020 caseload is the primary analytical focus of the report, but the entire range of data is referenced throughout, notably in trending graphs. We also exclude incidents and breaches affecting individuals that cannot be tied to an organizational attribute loss. If your friend's laptop was hit with Trickbot it would not be included in this report. Lastly, for something to be eligible for inclusion in the DBIR, we have to know about it, which brings us to several potential biases we will discuss on the next page. Many breaches go unreported (though our sample does contain many of those). Many more are as yet unknown by the victim (and thereby unknown to us). Therefore, until we (or someone) can conduct an exhaustive census of every breach that happens in the entire world each year (our study population), we must use sampling. Unfortunately, this process introduces bias. The first type of bias is random bias introduced by sampling. This year, our maximum confidence is +/- 0.6% for incidents and +/- 1.5% for breaches, which is related to our sample size. Any subset with a smaller sample size is going to have a wider confidence margin. We've expressed this confidence in the conditional probability bar charts (the "slanted bar charts) we have been using since the 2019 report. The second source of bias is sampling bias. Still, it is clear that we conduct biased sampling. For instance, some breaches, such as those publicly disclosed, are more likely to enter our corpus, while others, such as classified breaches, are less likely. Figures 136, 137, 138 and 139 are an attempt to visualize potential sampling bias. Each radial axis is a VERIS enumeration, and we have ribbon charts representing our data contributors. Ideally, we want the distribution of sources to be roughly equal on the stacked bar charts along all axes. Axes only represented by a single source are more likely to be biased. However, contributions are inherently thick tailed, with a few contributors providing a lot,You'll notice rather large contributions on many of the axes. While we'd generally be concerned about this, they represent contributions aggregating several other sources, so not actual single contributions. It also occurs along most axes, limiting the bias introduced by that grouping of indirect contributors. The third source of bias is confirmation bias. Because we use our entire dataset for exploratory analysis (night science), we do not test specific hypotheses (day science). Until we develop a good collection method for data breaches or incidents from Earth-616 or any of the other Earths in the multiverse, this is probably the best that can be done. As stated, we attempt to mitigate these biases by collecting data from diverse contributors. We follow a consistent multiple-review process and when we hear hooves, we think horse, not zebra. We already mentioned the subset of incidents that passed our quality requirements, but as part of our analysis there are other instances where we define subsets of data. These subsets consist of legitimate incidents that would eclipse smaller trends if left in. These are removed and analyzed separately (as called out in the relevant sections). This year we have two subsets of legitimate incidents that are not analyzed as part of the overall corpus:,Finally, we create some subsets to help further our analysis. In particular, a single subset is used for all analysis within the DBIR unless otherwise stated. It includes only quality incidents as described above and excludes the aforementioned two subsets. Since the 2015 issue, the DBIR includes data that requires the analysis that did not fit into our usual categories of "incident" or "breach." Examples of non-incident data include malware, patching, phishing, DDoS, and other types of data. The sample sizes for non-incident data tend to be much larger than the incident data, but from fewer sources. We make every effort to normalize the data (for example weighting records by the number contributed from the organization so all organizations are represented equally). We also attempt to combine multiple contributors with similar data to conduct the analysis wherever possible. Once analysis is complete, we try to discuss our findings with the relevant contributor or contributors so as to validate it against their knowledge of the data. Never fear, back by popular demand from auditors, CISOs and control freaks in general, we're updating our mapping with the community-built CIS Controls. If you haven't heard, they have gone through a major update for their eighth iteration, much like our patterns have this year, and have been creatively named CIS Controls. Fortunately, there's no "should've had a V8" of the Controls mapping to VERIS, because we've got you covered. The CIS Controls are a community-built, maintained and supported series of best practices targeted at helping organizations prioritize their defenses based on what attackers are doing, the so-called "Offense informs Defense" approach to best practices. The DBIR is but one resource of attacker knowledge at the macro level. Nevertheless, we were fortunate enough to be in a position to provide feedback and suggest input into their community process. Whether you are presenting your NIST Cybersecurity Framework (CSF) strategic roadmap at the Board level or defending an individual funding request for a new security program initiative, our goal is to allow you to easily tie our findings and data to your organization's efforts. We are thrilled to witness the evolution of the best practices due to the hard work of the individuals that donated their valuable time to help. Here is an overview of what has changed:,One of the more helpful components that the CIS community has decided to continue from v7 are the Implementation Groups (IG), which help organizations further prioritize their implementation of Controls based on their resources, risk and other factors. The notion being that while every organization needs security, the giant, international, leader on ethical pharmaceutical practices Umbrella Corp probably needs a larger and different set to protect its research facilities in Raccoon City than does the local pet hotel. The IGs build on each other, with Implementation Group 1 being the starting point where a smaller subset of the Controls are implemented, (approximately 36%) ,and then building all the way up to Implementation Group 3, where all 153 safeguards are implemented. Figure 137 breaks out the mapping into more granular detail and shows the relationships between the patterns and the overlap with the CIS Control for each Implementation Group. In the report, you have hopefully noticed the addition of the Top Protective Implementation Group 1 Controls listed for each industry. By using the combination of the mappings to patterns, implementation groups, and security functions of the Controls, we identified the core set of Controls that every organization should consider implementing regardless of size and budget:This control is not only a mouthful, but it also contains safeguards focused on engineering solutions that are secure from the outset, rather than tacking them on later. In this Control you will see substantial benefit toward reducing Error-based breaches like Misconfiguration and Loss of assets through enforcing remote wipe abilities on portable devices. While this is technically a new Control in version 8, it should be extremely familiar as the safeguards are really just a centralization of the previous account management practices that were found in a few previous Controls, like Boundary Protect and Account Monitoring and Control. This control is very much targeted toward helping organizations manage the access to accounts and is useful against brute forcing and credential stuffing attacks. This is Control 5's little cousin in which instead of simply looking at the user accounts and managing access to those, you're managing the rights and privileges and lastly enforcing multifactor authentication on key components of the environment, a useful tactic against Use of stolen credentials. This control is a classic and hopefully doesn't need a whole lot of explanation. Considering the high prevalence of Errors and Social Engineering, it is obvious that awareness and technical training are probably a smart place to put some dollars to help support your team against a world full of cognitive hazards. The year 2020 will be remembered as the year of the COVID-19 global pandemic, with its short and long-term impacts. The pandemic began with lockdowns and a rapid transition to remote work, and continued with economic slowdowns and associated relief efforts. The pandemic affected all aspects of life and was particularly conducive to cybercrime. In a matter of weeks, organizations had to transition to remote work, where possible. The reliance of a vastly expanded remote workforce resulted in a surge in the number and severity of attacks related to the weaknesses in underlying Internet and information technology infrastructure. This led to an increase in the number of incidents associated with the telework portion of the Business Continuity Plan (BCP) for many organizations. BCPs generally contain provisions for remote access to services available on an organization's network, a proliferation in email traffic for internal communications, and an increased reliance on enterprise video and audio communications. With this shift came an increase in malware and social engineering attacks, consistent with the exploitation of general communications. Organizations that neglected to implement multi-factor authentication, along with virtual private networks (VPN), represented a significant percentage of victims targeted during the pandemic. The zero-trust model for access quickly became a fundamental security requirement rather than a future ideal. Nonrepudiation via Personal Identity Verification (PIV), Fast Identity Online (FIDO), or similar solutions became essential in zero-trust architectures. Security postures and principles, such as proper network segmentation, the prevention of lateral movement, least privilege, and "never trust, always verify" have proven to be strong indicators of an organization's ability to prevent or recover from unauthorized presence in its network environment. In 2020, in the midst of the pandemic, cyber actors increased malware attacks against U.S. victims, including the healthcare and public health sector. The U.S. Secret Service noted a marked uptick in the number of ransomware attacks, ranging from small dollar to multi-million dollar ransom demands. While most organizations had adequate data backup solutions to mitigate these attacks, cyber actors shifted their focus to the exfiltration of sensitive data. These cyber actors, often organized criminal groups, proceeded to monetize the theft by threatening to publicize the data unless additional ransom was paid. The monetization of proceeds was typically enabled by cryptocurrency, in an attempt to obfuscate the destination of proceeds and hamper the ability of law enforcement to locate and apprehend those responsible for the crime. One of the primary responsibilities of the Secret Service is to protect the financial infrastructure of the United States. The pandemic required an unprecedented response from the Federal government. Legislators approved the release of $2.6 trillion of taxpayer funds to address the economic effects of the pandemic on the nation. The release of federal funding attracted the attention of organized criminal groups and individuals attempting to exploit pandemic relief programs. As a result, preventing and deterring pandemic relief fraud became the focus of the Secret Service and other law enforcement agencies, particularly focused on Federal funding allocated to states for unemployment benefit programs. The Secret Service worked with law enforcement partners at the U.S. Department of Labor to prevent criminal activity and arrest those responsible for exploiting the programs. This effort prevented more than $1.5 billion from reaching criminals and ensured that hundreds of millions of dollars intended to provide support to affected communities was returned to the states and the intended recipients. Yet in spite of these efforts, criminals continued attempting to divert pandemic relief funds from different programs, to include $697.3 billion in loans intended to support businesses. The Secret Service and partner law enforcement agencies have expanded our efforts to prevent and mitigate these crimes, and ultimately locate and arrest those responsible. The year 2020 demonstrated, once again, the enduring threat posed by organized cyber-criminal groups. Whether the crime involves a hospital ransomware attack, the sale of exfiltrated customer data, ATM cash-out attacks, or the theft of pande2ic relief funds, the common indicator is the prevalence of organized crime. Criminals can be either formally or informally organized, at times in partnership with nation-state malicious actors, based on a common interest in illicit profit. Cyber actors quickly shift their activity based on emerging opportunities to steal and launder funds using any tactics, techniques, and procedures available to them. Collaboration between domestic and foreign law enforcement partners to combat cybercriminal groups and their schemes is key to dismantling organized crime and apprehending cyber actors. To address this continued shift of criminality, the Secret Service operates a network of Cyber Fraud Task Forces (CFTF), a partnership of federal, state, local, and foreign law enforcement agencies, prosecutors, the private sector, and academia. Outreach is at the core of the Secret Service CFTFs, as it fosters trusted relationships and information sharing, which are important tools in mitigating cybercrimes. While apprehending criminals is, and will continue to be, the ultimate goal of the Secret Service, prevention and mitigation are equally critical in the protection of the U.S. financial infrastructure. Akamai Technologies Ankura Apura Cybersecurity Intelligence Arics Cooper Atos (Paladion) AttackIQ,Bad Packets BeyondTrust Bit Discovery Bit-x-bit BitSight BlackBerry Cylance,Center for Internet Security CERT European Union CERT National Insider Threat Center CERT Polska Checkpoint Software Technologies Ltd. Chubb Cisco Talos Incident Response Coalition Computer Incident Response Center Luxembourg (CIRCL) CrowdStrike Cybersecurity and Infrastructure Security Agency (CISA) CyberSecurity Malaysia, an agency under the Ministry of Communications and Multimedia (KKMM) Cybir (formerly DFDR Forensics),Dell Digital Shadows Dragos, Inc,Edgescan Elevate Security Emergence Insurance EUROCONTROL,Farsight Security Federal Bureau of Investigation - Internet Crime Complaint Center (FBI IC3) F-Secure,Global Resilience Federation Government of Telangana, ITE&C Dept. Secretariat Government of Victoria, Australia - Department of Premier and Cabinet (VIC) Grey Noise,Hasso-Plattner Institut Homeland Security Solutions B. V (HLSS,ICSA Labs Irish Reporting and Information Security Service (IRISS-CERT),JPCERT/CC,Kaspersky KnowBe4,Lares Consulting Legal Services - ISAO LMG Security,Malicious Streams Maritime Transportation System ISAC (MTS-ISAC) Micro Focus Mishcon de Reya mnemonic,National Cybersecurity & Communications Integration Center (NCCIC) NetDiligence® NETSCOUT,ParaFlare Pty Ltd Proofpoint PSafe,Qualys,Rapid7 Recorded Future,S21sec SecurityTrails Shadowserver Foundation Shodan SISAP - Sistemas Aplicativos Swisscom,Tetra Defense,United States Computer Emergency Readiness Team (US-CERT) U.S. Secret Service,VERIS Community Database Verizon Cyber Risk Programs Verizon DDoS Shield Verizon Digital Media Services Verizon Managed Security Services - Analytics (MSS-A) Verizon Network Operations and Engineering Verizon Professional Services Vestige Digital Investigations VMRay Verizon Threat Research Advisory Center (VTRAC),WatchGuard Technologies,ZscalerInterested in how we test them? Check out Chapter 9, Hypothesis Testing, of ModernDive:,Jacob F. The Statue Within: An Autobiography. CSHL Press; 1995. By way of Selective attention in hypothesis-driven data analysis, Itai Yanai, Martin Lercher, bioRxiv 2020.07.30.228916;,Really. They made printing the data print a gorilla and people trying to test hypotheses completely missed it,Eric Black, "Carl Bernstein Makes the Case for 'the Best Obtainable Version of the Truth,'" by way of Alberto Cairo, "How Charts Lie" (a good book you should probably read regardless). Interested in sampling? Check out Chapter 7, Sampling, of ModernDive:,Interested in sampling? Check out Chapter 7, Sampling, of ModernDive: https://moderndive.com/7-sampling.html,This and all confidence intervals are 95% confidence intervals determined through bootstrap simulation or Markov Chain Monte Carlo. Mobile Workforce Management Solutions

Energize the mobile workforce with Teams,Author: Zeus Kerravala, Founder and Principal Analyst, ZK Research,For years, mobile employees have constituted a significant portion of the workforce. Since the start of the pandemic in 2020, the move to hybrid (or flexible) work has increased the number of mobile workers significantly. Despite some grumblings to the contrary (and many supporters of the return-to-office movement grabbing the spotlight), hybrid work is here to stay. In fact, the ZK Research 2023 Hybrid Work Study showed that 75% of employees will work remotely at least one day a week for the foreseeable future (Exhibit 1). Ten percent of workers will be remote one day a week, 41% will be remote two to four days a week, and 24% will be remote all the time. Only 25% of workers will be in the office permanently. Employees work at various locations scattered around the globe, and they all rely on a disparate set of tools to keep in touch throughout the day. Consequently, the unified communications (UC) vendor community has responded with unprecedented development. Innovation has been happening at breakneck speed, all with the goal of making hybrid work more effective. Source: ZK Research, 2023,The rise of Zoom during the pandemic (and the endless press coverage that it generated for the company) obscures the work that other providers have done alongside that upstart. Buried in the news clippings of the past few years is a startling fact: Microsoft Teams is now the leading UC platform, with more than 320 million active daily users—a massive expansion from just 8 million five years ago (Exhibit 2). That probably has something to do with Microsoft's broad reach into most enterprise IT departments in the largest companies in the world. In fact, quite a few have standardized on Teams and don't sanction the use of other platforms. Despite Teams' high adoption rate as a collaboration tool, it has not reached the same level of acceptance as a phone system. Even though it's such a broadly accepted tool, Teams has a number of limitations that hinder its usability, especially for remote and mobile workers. Teams can be great for workers who are tied to a desk, but it doesn't deliver such a great experience for mobile workers who are on the go constantly. For example, to use Teams, mobile workers typically need to have the app open on their phone or they miss calls. They also need to manage multiple phone numbers or even multiple devices, which can be a burden if they're on the go. Perhaps the most significant issue is that just making a simple call from Teams on a mobile phone can be a challenge. Out of the box, Teams users can't make external calls. Although Teams is the leading UC solution globally, and it can be the right option for many companies and users, it needs additional functionality to become the complete UC package that many companies are seeking. Most approaches to address these limitations have been Band- Aids that still require multiple apps and really only add another layer of unnecessary complex- ity. ZK Research has talked to enterprises that have been crying for a truly unified solution that simplifies the user experience and blends the native calling abilities of every phone with Teams' calling functionality. Verizon partnered with Microsoft to look at the issues, listened to customers, and engineered a way to improve and simplify the Teams experience. Verizon is the first operator in the United States that offers Teams Phone Mobile—delivered as Verizon Mobile for Microsoft Teams (VMMT)— which facilitates the user experience and brings native mobile calling to Teams. In this report, we'll look at VMMT and how it can benefit enterprises. Plus, we'll share some case studies that show how VMMT is helping companies with very mobile workforces. Finally, we'll make some recommendations for enterprises that are looking for a solution to help improve the overall experience for Teams mobile users. DemandSage and ZK Research, 2023,Verizon is uniquely positioned to mobilize Teams. As of November 2023, the company is currently the only U.S. mobile operator offering a mobile calling solution for Teams and the only provider offering a complete Teams calling suite. With that connection in place, Verizon was able to engineer VMMT, which provides Microsoft Teams calling directly from the Verizon network. As a result, a user's mobile phone can work as a Teams endpoint—in other words, the experience is seamless. With VMMT, a mobile device can use a phone's native dialer to place and receive Teams calls even when the Teams app is not running. Workers just use the familiar native dialer to make and receive calls. The cellular network treats Teams calls as voice calls. As a result, the network prioritizes them over calls that run on data channels, which ensures the highest possible call quality. Because the network sees them as voice calls, even when data coverage is limited, users can make Teams calls. The licensing can be more straightforward, too. VMMT works with all Microsoft 365 and Teams Phone Standard licenses, including E5, E3, F1, and F3. As a result, there's no additional cost from Microsoft to the organization. VMMT is not a walled garden; it works well with other Verizon services that operate with Teams, including Verizon VoIP for Operator Connect and Verizon Calling with Microsoft Teams:,combines the Microsoft Teams Phone System with Verizon's IP trunking solution, known as Verizon VoIP, which makes placing Teams voice calls (both to and from numbers outside of a company network) quicker and easier. expands unified communication capabilities beyond the enterprise network—all on a single platform. Enterprises using Microsoft Teams for collaboration can more simply add enterprise-class calling. VMMT is well suited for companies with front-line workers who are always on the go but require a single company phone number. In addition, companies in industries with strict compliance mandates, such as financial services and healthcare, will also benefit. A global manufacturer headquartered in Europe—with factories in Asia, a call center in India, mobile/field workers in the United States, and a newly acquired subsidiary in Latin America—was looking to connect its global locations and enable external calling around the world using one UC platform. The company also wanted to interconnect factory and call center workers. The results:,A beverage distributor turned to VMMT to improve productivity by extending Teams to its drivers and sales reps. The results:,VMMT offers several benefits that enterprises should consider. First, VMMT takes the term "unified communications" literally. It's a centralized platform that enables all users—including remote and mobile workers, those on the front line, and people in the office—to access Teams. With the integration of Verizon calling within Teams, VMMT provides a unified business communications experience that is significantly simpler for the worker. VMMT also includes several other features, including the following:,The transition between a simple voice call and Teams is impossible with some systems. VMMT makes it easy to switch between a mobile voice call and a Teams meeting. How often are you in transit for the start of a Teams call and then in the office for the end? This seamless transition eases the disruption. VMMT also simplifies the process of moving from a voice call to a Teams video call. Managing multiple phone numbers can be a challenge. And keeping track of the device where a specific call or voicemail came in can be confusing. Having a single number, unified call history, and voicemail simplifies that. Workers can make and receive calls from the smartphone's native dialer or Teams endpoints using one business-owned mobile number while enjoying the simplicity of a single number across devices. The plethora of devices needed to support all the communication tools mobile workers use can be a liability for companies. VMMT can integrate with a company's compliance recording solution for mobile calls without requiring the purchase of additional apps. VMMT can be managed with corporate mobile device management (MDM) solutions such as Microsoft Intune, which enables SecOps teams to apply security policies directly to the device. Consequently, organizations can extend enterprise-grade business policies across mobile devices. Enterprises can configure devices to make calls appear to come from the organization rather than a user's mobile phone so that their direct numbers are not exposed externally. VMMT can lower costs and eliminate redundancies by consolidating mobile, hybrid, and front-line workers onto one mobile number. This removes redundancies and reduces the costs associated with multiple phone numbers and devices as well as duplicate systems. The ZK Research 2023 Hybrid Work Study shows that workers spend up to 40% of their time simply managing their work. Having one phone number for both mobile and Teams can eliminate a chunk of that inefficiency. With VMMT, when a call comes in on Teams, it rings on the smartphone's native dialer—as well as across laptops, tablets, and desk phones. This enables employees to answer and make Teams calls on the device of their choice and to move a call to another device with no delay. With VMMT, there's no need to have the Teams app open. As a result, workers will miss fewer calls and be more productive. Understanding the availability and location of individual employees is a great advantage when planning meetings or trying to get in touch with perennially mobile workers. VMMT turns a mobile phone into a Teams endpoint, so Teams can update presence based on mobile device status. The pandemic underscored the need for UC solutions, but it also revealed their shortcomings. Even as one of the most successful solutions, Teams has opportunities for improvement. Seamlessly blend- ing the mobile, office, and remote experience has proven challenging. That's where Verizon Mobile for Microsoft Teams comes in as a solution that eliminates some of the most troublesome limitations. There are other solutions that enterprises might consider. So, as a guide, ZK Research has several recommendations on what to look for:,Ensure the solution switches between a mobile voice call and a Teams meeting without skipping a beat. In addition, see if the solution can facilitate moving from a voice call to a video call without interruption. Does the solution offer a single number, unified call history, and voice- mail—all from the smartphone's native dialer? This is critical to reduce complexity and expenses. Does the solution utilize popular MDM solutions that help SecOps teams apply security policies directly to the device? This approach enables both the application of enterprise-grade business policies across mobile devices and compliance recording for mobile calls without additional apps. Make sure the solution you choose has this capability. The business world is hybrid and is never going back to the way it was pre-pandemic. Remote and mobile workers will continue to grow in numbers, so building solutions that can make the life of a road warrior as seamless as possible will be critical. ZK Research has evaluated the VMMT solution and thinks it ticks the right boxes. A wealth management firm chose VMMT to provide a single phone number, shared across all their devices, that employees can use to connect with customers wherever they are. The results:,Zeus Kerravala is the founder and principal analyst with ZK Research. Kerravala provides tactical advice and strategic guidance to help his clients in both the current business climate and the long term. 