The Evolving Role Of Cybersecurity Operations In A Rapidly Changing World

As the today’s digital landscape continue to evolve, so do cyber threats and the ongoing challenges organizations must face. Emil Sayegh, CEO of Ntirety and cybersecurity expert, shares an article on Forbes about the evolving role of cybersecurity in an ever-changing world. From sophisticated cyberattacks to internal vulnerabilities, Sayegh notes that threat complexity is escalating and creating pervasive and multifaceted risks. This in turn requires innovative solutions, prompting a shift in traditional security paradigms towards a more integrated, data-driven approach.

Security Silos No More. – “The days of siloed security operations are behind us. Cybersecurity is now a critical conversation occurring at the highest levels of business and being intricately woven into every facet of operations.”

Navigating Internal and External Threats with Agility – “Organizations must contend with external hackers and internal employees who misuse resources (consciously or unconsciously) or engage in nefarious activities. The adoption of zero-trust models and emphasis on identity threat management in the face of these risks exemplifies a shift towards more sophisticated, data-driven security practices. These approaches not only defend against known threats, but also anticipate and mitigate potential vulnerabilities from within.”

Beyond Traditional Defenses: Embracing Comprehensive Security – “Modern security has evolved from a peripheral concern to a central element of strategic business planning. The harsh reality is that companies can now face closure due to a security breach, as demonstrated by numerous unfortunate instances. This shift signifies a transition from conventional security protocols to a comprehensive security model that integrates every facet of organizational operations. Through such integration, organizations enhance their ability to effectively anticipate, respond to, and recover from cyber threats.”

The Elusive Cybersecurity Nirvana – “Technological advancements, such as artificial intelligence (AI) and machine learning (ML), have revolutionized security monitoring. These technologies enable organizations to detect and respond to threats more efficiently by analyzing vast amounts of data to identify patterns and predict potential security incidents. Comprehensive security encompasses a multifaceted approach that extends beyond these technological defenses to include policy, governance, and human factors. It blends business acumen with security expertise, integrating solutions into an interconnected system that supports business continuity and creates value.”

Building a Resilient Future – “As organizations navigate the intricacies of the threat landscape, cybersecurity success will be defined by an emphasis on risk and resilience, alongside a proactive, data-driven approach. This integration of security monitoring services within a comprehensive security framework represents a pivotal shift in how organizations approach cyber defense. By seamlessly combining advanced monitoring capabilities, strategic planning, and a profound understanding of business operations, organizations can establish a resilient security posture.”

 

For Full Article, Click Here

Suppressing Receiving Delivery and Putaway Delivery Tickets

, ,

To suppress Receiving Delivery and Putaway (PO134) delivery tickets when MSCM Delivery Documents are all that is needed is to disable the Back-Office PO Receiving (PO30) Receiving Delivery and Putaway (PO134) delivery ticket by removing the printer from PO Receiving (PO30) or create a dummy printer to stop the back-office delivery ticket from printing.

Removing the printer from PO Receiving (PO30) only works if the user does not have a default printer assigned to them. After being removed, the default printer will simply populate back in the field upon clicking change.

Additionally, an enhancement to PO Company Setup (PO01) was added which provides a flag called “Delivery and Putaway Ticket Print” which allows disabling the delivery ticket printing at the company level.

How Businesses Should (And Should Not) Use AI: A Strategic Blueprint

While artificial intelligence (AI) is a hot topic and an almost necessary feature to add to your business systems, professionals often find themselves unable to truly leverage it. Sometimes they don’t fully understand AI’s capabilities, and other times they don’t fully utilize all the tools AI has to offer. Bernard Marr, strategic business & technology advisor, shares an article on Forbes mapping a strategic blueprint on how businesses should and should not use AI effectively.

Start With Strategy, Not Technology – “Before diving in, companies need to identify clear use cases where AI can have a meaningful impact that is aligned with business objectives. Whether it’s improving supply chain efficiencies, personalizing marketing efforts, or enhancing customer service, the key is to ensure that AI solutions address specific pain points and add tangible value.”

Ethical Considerations And Bias Mitigation – “As businesses explore AI, it’s crucial to address the ethical implications and work actively to mitigate biases in AI models. By maintaining transparency in data and algorithmic processes, companies can prevent the detrimental effects of biased AI, thereby upholding both ethical standards and customer trust.”

Regulatory Compliance And Legal Issues – “Regulatory compliance, including adherence to data protection laws like GDPR in Europe and CCPA in California, must be a priority. A case in point is the healthcare sector, where companies have leveraged AI while rigorously adhering to HIPAA regulations, showcasing how compliance can be seamlessly integrated into innovative AI solutions.”

Technology Infrastructure Requirements – “Modern cloud AI solutions provide an illustrative example of integrating AI into existing IT ecosystems, offering advanced data storage and computing capabilities tailored to support intensive AI operations. Businesses must consider these infrastructure needs early in the planning process to ensure seamless AI integration and scalability.”

The Pilot Paradox – “A common pitfall for many companies is the enthusiasm to create AI pilots without a roadmap for scaling them. These pilots often generate buzz but fizzle out without leaving a substantial impact on the business. Scaling AI requires not just technological readiness but also alignment with business operations and strategic vision. A successful transition from pilot to scale involves meticulous planning, cross-functional collaboration, and, sometimes, a dose of courage to push through organizational inertia.”

Cultivating The Right Culture – “Technology may be at the heart of AI, but people are the soul. For AI to thrive, creating the right organizational culture is paramount. This means cultivating an environment where innovation is encouraged and failures are seen as stepping stones to success.”

Taking People On The AI Journey – “Businesses need to ensure that they take their people along on the AI journey. This involves engaging with employees across all levels—talking, listening, and most importantly, addressing their concerns and aspirations regarding AI.”

Learning And Sharing Best Practices – “Sharing best practices and learnings not only within the organization but also with peers and industry cohorts can provide fresh insights and prevent common pitfalls. This collaborative approach can lead to a more robust AI strategy that benefits from collective experiences and innovations.”

 

For Full Article, Click Here

How to resolve Lawson error – Cannot run AP520, entire Company run is in progress

, ,

In Lawson you may run into the following error when a user is trying to change or run a job:

“Cannot run AP520, entire Company run is in progress”

The error can be found at the bottom of your screen (see below screenshot in red box)

 

To resolve this, open and then log in to Lawson Interface Desktop (LID):

Type the following: lapm <enter_your_productline> qmon and press enter

 

Next. find the AP record and delete it. The error should be fixed and disappear. See if the user can now change/run the job. Refer to the screenshots below for a visual guide.

 

Evolving Security Operations With AI

The ever-growing presence of cyber attacks and ransomware threats calls for an increased need in cybersecurity efforts for your business. One way to evolve your security operations is with artificial intelligence (AI). With cybersecurity threats evolving rapidly, the combination of AI in your security operations is almost essential. Tony Bradley, cybersecurity expert and Editor-in-Chief of TechSpective, shares an article on Forbes on how to evolve your security operations with AI by finding ways to leverage its strengths to improve security while accounting for its weaknesses and avoiding unnecessary pitfalls. “Automation through AI allows for quicker responses and more effective threat management,” Bradley states, “while AI-driven analytics provide deeper insights into security data, enhancing visibility across diverse and complex environments.”  Matt McKeever, CTO of Cloud Engineering at LexisNexis, adds, “AI can take over the grunt work of filtering through logs and writing detection rules, effectively promoting entry-level analysts to more advanced roles where they can focus on critical decision-making.” Automation with AI has been a game-changer in many aspects of your business systems, and cybersecurity is no different. Bradley notes that AI-driven automation not only speeds up these processes but also introduces accuracy and consistency, allowing humans to focus on more strategic security decisions. Moreover, he stresses that AI is going to continue to play a crucial role in evolving security operations. “By enhancing visibility, automating processes, and leveraging collaborative innovation, AI is setting new standards in the cybersecurity field, promising a more secure and efficient approach to tackling digital threats.”

 

For Full Article, Click Here

How do I request a new Lawson software license key?

, ,

Have you ever wondered how to request a new Lawson software license key?

You will need to request a new software license key from your Infor Representative. Here are the steps to do so:

  1. Log into Infor Concierge
  2. In the Application Switcher select the Infor Support Portal application.
  3. At the top click on the Resources menu
  4. Select Request a Software Key > Key Request
  5. Click the Browse button to search for and locate your company name
  6. Fill/Select required fields
  7. Select Next button
  8. Select the product you need a license key for. If what you need is not on the list, then note it in the ‘Notes’ section at the bottom of the page.
  9. Click the Submit button.

 

That’s all you need to do!

The Critical Role Of AI And Automation In Endpoint Management

Business big and small are not immune to cyberattacks, especially in today’s vast digital landscape. Cybercriminals are becoming more clever and sophisticated by exploiting vulnerabilities faster than we can patch them up. Tony Bradley, cybersecurity expert and Editor-in-Chief of TechSpective, shares an article on Forbes with a key weapon to combat these cybersecurity threats in endpoint management: the artificial intelligence (AI) and automation. “These two tools offer a robust solution to augment human resources and bolster security postures,” says Bradley. He also cites Verizon’s 2024 Data Breach Investigations Report where it says that it takes organizations about 55 days to patch 50% of critical vulnerabilities once they appear in the CISA Known Exploited Vulnerabilities catalog. Meanwhile, the median time for a vulnerability in the CISA KEV catalog to be scanned by threat actors is just 5 days. “This disparity leaves a significant window of opportunity for cyberattacks,” he notes. “Additionally, a majority of breaches involve vulnerabilities that are over six months old, highlighting the persistent problem of delayed patching and vulnerability management.”  Bradley shares two effective roles you can include AI and Automation in your organization’s cybersecurity business model: Leveraging AI for enhanced security and automating compliance and risk management.

Leveraging AI for Enhanced Security. “The use of AI in cybersecurity offers significant advantages, particularly in prioritizing vulnerabilities and detecting threats in real-time. By using a combination of AI services for prompt writing, result generation, and result analysis, organizations can improve the overall performance of their AI-driven security measures​​.”

Automating Compliance and Risk Management. “Automation also plays a pivotal role in maintaining compliance with various security standards such as HIPAA and PCI. Organizations need to employ solutions with built-in capabilities to automatically monitor and enforce compliance, snapping endpoints back to the required standards whenever deviations are detected​​. This not only helps in passing compliance audits but also ensures that security best practices are consistently followed across the organization.”

 

For Full Article, Click Here

Top 10 governance, risk, and compliance certifications

Government, risk, and compliance (GRC) skills are highly sought these days due to the increased regulations, cybersecurity events, and geopolitical issues on the rise. Sarah White, senior IT writer for CIO.com, shares an article sharing the top GRC certifications you should consider for your organization that would be worth your time, money, and effort.

For starters, White defines GRC certifications are what validate the skills, knowledge, and abilities that IT professionals have to manage governance, risk, and compliance (GRC) in your enterprise. “With companies increasingly operating on a global scale, it can require entire teams to stay on top of all the regulations and compliance standards arising today,” she says. “It’s crucial to ensure your organization is operating lawfully in every country it operates, that your business is protected from cybersecurity threats, and that your company both manages risk and establishes processes to govern those tasks.” The main goal of GRC essentially is to reduce risk and manage business processes more efficiently. Below are White’s top 10 GRC Certifications that businesses should highly consider and prioritize

Top 10 GRC certifications

  • Certified Compliance & Ethics Professional (CCEP)
  • Certified Governance Risk and Compliance (CGRC)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certification in Risk Management Assurance (CRMA)
  • Certified in the Governance of Enterprise IT (CGEIT)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • ITIL Expert
  • GRC Professional (GRCP)
  • Project Management Institute — Risk Management Professional (PMI-RMP)

 

For Full Article, Click Here

How to clear up Lawson Interface Desktop (LID) processes and free up licenses error

, ,

Follow this simple guide below to learn how to free up Lawson Interface Desktop (LID) error about max license usage.

When too many users are using LID (or don’t exit out properly), you can max out license usage.

To resolve this error, on the LSF App server (or server users are connecting to via LID), open task manager and end any LAPM.exe tasks as shown below (the users login name should show below so if this request is for a specific user, you can surgically end these lapm.exe processes):

Once those lapm.exe processes are killed, tell the user to try and login again and it should allow them to do so.

 

The 10 most common ERP security issues and ways to fix them

Today’s digital landscape is as vulnerable as ever. Especially with enterprise resource planning (ERP) systems, they are exposed like never before. Kevin Beaver, independent information security consultant at Principle Logic, LLC, shares an article on TechTarget highlighting the 10 most common ERP security issues and the immediate ways IT teams can take action and fix them.

  1. Unknown vulnerabilities. “The most common ERP security problem is IT and security staff not knowing what they don’t know. IT leaders must first gain a thorough knowledge of their company’s ERP security risks before taking any further action. Once they understand their organization’s unique threats, vulnerabilities and related gaps, they can take the proper steps to minimize exposure and limit the effects when a security incident does occur.”
  2. Missing software updates. “Workstations and servers that are part of the ERP system are often missing needed software updates. Lack of updates can lead to anything from ransomware infections to denial-of-service attacks to full remote unauthenticated access. IT teams must regularly update software and implement security patches, including a formal patch program, even though doing so might lead to critical systems experiencing system outages and downtime.”
  3. Weak ERP authentication. “At a minimum, ERP authentication should be as strong as internal domain account controls. This standard usually isn’t met if the system is simply using unique credentials. IT leaders must take action to strengthen logins where needed to avoid security problems, which can include unauthorized access and system downtime.”
  4. Web application-specific vulnerabilities. “Some web applications allow SQL injection and privilege escalation, and they possess business logic flaws that allow users to manipulate parts of the system, including aspects belonging to other parties in a multi-tenant setup. IT leaders must be aware of which applications include these potential problems and include all web-related components in ongoing vulnerability and penetration testing efforts.”
  5. Open network shares. “Certain ERP systems — usually older ones — require network users to have access to the ERP system folders. This practice is extremely unsafe and can lead to ransomware and unauthorized access for the casual user, or attacker, who is browsing the network. IT leaders should consider a software change if the company’s current ERP system mandates these permissions.”
  6. Lack of communication about security issues. “Employees must notify IT or other tech leaders immediately when an ERP security issue occurs. Employees might assume that IT and security staff are taking care of any issues, but IT and security staff may not even know about them.”
  7. Lack of incident response planning. “IT leaders must make a plan now to avoid scrambling during a crisis. Staff should practice incident response procedures through tabletop exercises and make ongoing updates as needed.”
  8. Lack of proper testing. “IT leaders can’t address ERP security issues if they don’t know about them. They must implement periodic and consistent vulnerability scans and penetration testing that go beyond IT control audits.”
  9. Unclear employee expectations. “A security committee should work alongside legal counsel and human resources to ensure employee computer usage rules are clear and that employees are well-trained on security issues, acting as part of the team rather than working against it.”
  10. Lack of ongoing education for technical staff. “Tech staff must stay up to date on the most common ERP security issues as those issues grow and change and must understand the latest security concepts and practices.”

 

For Full Article, Click Here