Cybersecurity is a must for modern businesses: Cybercrime accounted for more than $1.33 billion in monetary damages in 2016, according to a report on Statista. While companies are deploying numerous security measures, cybersecurity only works as well as the weakest link — meaning employees who may not be up-to-date, or onboard, with security routines have the potential to let breaches occur.

So, how do you get employees to comply with cybersecurity procedures, for the good of not only the company and its clients, but also for the employees themselves? Below, seven members of Forbes Technology Council provide insight into how you can shift the way employees view cybersecurity compliance and improve overall digital vigilance.

1. Establish Awareness

Establish a cybersecurity awareness program. Conduct frequent mandatory employee training and other related cybersecurity interactions. Share examples from our day to day. Establish simple cybersecurity rules and procedures that employees can easily understand and adopt. The weakest link is the end user. Deploy procedures and tools for cyberthreat exceptions, including user behavior analytics. – Guy Yehiav, Profitect

2. Treat Data Seriously

Today, what used to be private is now no longer the case. In 2013, approximately 40 million Target customers had their names, numbers, emails and credit card information stolen. This is the consequence of a company not treating data seriously. Strong habits, both personal and organizational, surrounding cybersecurity need to be instilled at all levels to create a culture of ethical compliance. – Marc Fischer, Dogtown Media

3. Make It Personal

Making it personal helps with empathy. After the 2016 election, cybersecurity and phishing is on everyone’s minds. Employees are happy to comply when it’s clear that a company isn’t just protecting vital client information, but details about each employee as well. – Q Manning,Rocksauce Studios

4. Make It Easy

Today’s workforce has grown up using cloud applications that are easy to onboard and use. There is an expectation that business applications should follow those same design principles — that they are just as easy to implement, understand, use and collaborate with little training or manuals — as the tools they use at home. Adoption grows when they have access to business tools like that. – Jan Arendtsz, Celigo

5. Improve Understanding

Any form of resistance that comes regarding compliance is usually due to lack of understanding of the potential risks and low effort to reward ratio. Therefore, in order to improve buy-in, the company must make each employee understand how cybersecurity procedures can pose a threat to their work and, secondly, make the process to opt-in super seamless, especially if it’s a frequent case. – Devashish Sharma, CoHo

6. Give Employees A ‘Why’

These days, people want to find purpose in their work and make a difference in the world at large. Rather than focusing on how company profits increase with cybersecurity compliance, the focus should instead shift toward the fact that they help prevent the proliferation of cybercrime. Giving an employee a “why” will help them connect to the cause and increase their likelihood of meeting compliance. – Tony Raval, IDMERIT

7. Articulate Clearly

Clearly articulate the need and the importance of cybersecurity procedures and how it safeguards the company’s interests. Before you roll out any measures, get feedback from the stakeholders and incorporate them before launching company-wide. Recognize that there will be differences in access levels and cybersecurity needs among various departments of the company. – Bala Pitchandi, Justworks

As the use of mobile applications for work and leisure continues to rise, so does the number of security threats that target the sensitive data stored on these applications. In fact, in 2018 – a survey gathered from key cities around the country including Portland, Los Angeles, and New York – about

Simply put, we hardly ever hear about the potential security threats that we can encounter while using the apps on our phones. Therefore, mobile application security is not something that most people think about on a regular basis, if at all. But, it should be.

Every time that we download a new app we are putting our data at risk of being exposed or stolen. Now, to understand the severity of this issue there are a series of misconceptions about mobile security that we must first address. Whether it’s for business or personal use, understanding the reality of mobile application security is the first step toward developing a plan to keep your data safe. Here’s what you need to know:

Misconception 1: My iPhone is Secure, Right?

Actually, that’s not entirely true. Recently, Apple has released a series of security-minded advertisements in an effort to show that iOS is designed with data security at its forefront. And, while the latest iOS does offer some handy data-privacy features, like allowing users to opt-out of app tracking, the sad truth is that no operating system is completely hack-proof. 

In fact, just last month Apple issued an urgent security update for iOS, iPadOS, and macOS in order to correct a zero-day flaw that was thought to have been exploited. This was the thirteenth vulnerability that has affected Apple since the beginning of the year. 

Now, this is by no means a jab at Apple, as iOS continuously proves to be among the most secure operating systems for mobile devices. However, it’s important to realize that even the most secure mobile platforms available today are still susceptible to malicious activity. Therefore, users must be made aware of the data risks associated with mobile devices and take the necessary precautions to protect their data. 

Misconception 2: Apps Downloaded From Official App Stores are Secure

We are led to believe that just because an app is found on Apple’s App Store or the Google Play Store, it must be secure. Unfortunately, this isn’t always the case. While it is true that Apple and Google spend a profound amount of time and resources to ensure that their application marketplaces are free from malicious activity, it’s virtually impossible for these companies to neutralize every single threat at the moment of its inception. 

Let’s think about it – as of 2021 Apple’s App Store has 1.96 million apps available for download, while the Google Play Store has just over 2.87 million. In addition, it’s estimated that the App Store adds approximately 1,000 new apps per day while the Google Play Store adds somewhere around 1,300. That’s a lot of apps.

So how do Apple and Google manage every single one of these apps? The answer is they don’t. With thousands of apps being added on a daily basis, it’s simply not feasible to ensure that no malicious programs squeeze through the cracks of the App Store. Therefore, individual users should proceed with caution, and research the company or developer before installing an app on their phone. 

Misconception 3: I Deleted the App, so My Data is Gone

We saved the best for last as this is quite possibly the biggest misconception we’ll cover in this blog. For some reason, many users have the “out of sight, out of mind” mindset when it comes to the deletion of data, most likely due to the fact that they can no longer see it. However, if there’s one thing we’ve learned from the IoT, it’s that no data is ever truly gone. 

Sensitive data stored on mobile applications is no exception to this. What most users fail to realize is that even if we delete an app from our phone, our data from that app is still “alive” on the developer’s server. Of course, it may not bother some users that the developer still has access to their data, as most app developers will never look at that information again. However, in the event that said developer falls victim to a data breach, then all of that “deleted” data is now in the hands of the attacker. 

Are you considering developing an augmented reality app? Let us know more about your considerations around mobile app development in the comments section below! We here at Dogtown Media would love to better understand how we can help

Today, nearly every organization is looking to extend their offering though mobile applications in one form or another. From near exponential growth in mobile telehealth applications to innovative medical devices being accessible through mobile applications, we’re finding today that organizations are moving outside their typical model for providing value to their clients, and supplementing their offering with app-based services.

To this point, as technology becomes more integrated into our daily lives, we tend to share more and more personal data with these services. From entering personally identifiable information into apps, to entering credit card information for the use of in-app purchases, today’s individual shares their personal information with exponentially more services today, than any other time in history.

All of this data circulating within the application ecosphere, means big money for these cyber criminals. For instance, the sale of stolen personal information on the dark web accounts for an estimated $160 billion per year and ransomware hackers accumulate somewhere around $1 billion collectively each year. And what does this mean for the data owner? In the case of data breach, the data owner’s personal information is often sold allowing the highest bidder to exploit credit card information, social security numbers and other information to be used as a vector for identity theft.

So, is cyber theft going away? Not while the opportunity permits and the financial reward is available.

The Impact on Cyber Attacks on Business

Unfortunately, it’s not only the data owner that suffers during these attacks. Often the business responsible for storing, managing and transiting the data owner’s personal data also suffers financially in the form of fines, customer retribution and brand degradation. Many individuals don’t realize the astounding facts surrounding market losses due to these exploitative data breaches. In fact, the United States has the highest average cost per data breach of $8.19 Million dollars per breach, resulting in an astounding 60% of small businesses closing within six months of an attack. To shed some more light on this topic, let’s look at some common compliance regulations and the associated fines for organizations who fall short in meeting these compliance standards due to how they store, manage and transmit sensitive data.

PCI-DSS: PCI-DSS or the Payment Card Industry Data Security Standard is an information security standard enacted by the major credit card brands and administered by the Payment Card Industry Security Standards Council to oversee and manage how merchants use sensitive credit card information.

PCI-DSS Fines: PCI-DSS fines range from $5,000 – $10,000 per month for a term determined by the Payment Card Industry Security Standards Council. Further, these credit card brands will provide excessive oversight following a compliance failure.

HIPAA: HIPAA or The Health Insurance Portability and Accountability Act of 1996 is a federal law enacted by congress under President Bill Clinton that serves as a national standard to protect sensitive patient health information and protects that patient’s information from being shared or sold without the consent of the patient.

HIPAA Fines: HIPAA fines range from $100 per record violated to $50,000 per record violated. When considering that often many records are compromised in a data breach, the associated fines can add up very quickly. 

How to Move Forward

With today’s business in the cross hairs of both cyber criminals and regulatory agencies, it’s critically important to approach development practices with appropriate caution. This is where dedicated development teams can help. Often, organizations make a critical error in approaching the development of mobile applications. Either, organizations attempt to redirect internal resources to tackle their mobile application development internally or they scale up on new engineering staff quickly to tackle the new resource demand for the given project. 

Unfortunately, this practice can allow new mobile applications to be brought from inception to the app store hastefully, inadvertently missing or disregarding modern security practices. Our suggestion is to strongly consider outsourcing this responsibility to a dedicated mobile app development team who is laser focused on developing applications that not only meet the technical requirements of today’s modern mobile application, but also align with today’s security-first development practices. This simple decision can save an organization money, reduce a strain on resources and ensure new mobile applications are resilient to today’s modern threats.

As devices and sensors start becoming increasingly connected and technologically advanced, mobile apps are springing up to help users manage their Internet of Things (IoT) applications and systems. These mobile apps offer access, connectivity, and communication with technology to improve the smart city and smart home experience. But mobile app development is complex and requires planning and continuous optimization to better serve users.

For mobile apps that control IoT devices, sensors, and systems, user happiness is of the utmost importance. Here are seven challenges that a mobile app development firm may face when designing and developing an app for smart devices.

#1: UI/UX Design

User interface (UI) and user experience (UX) design are important facets of any consumer-facing technology. In mobile apps, UI and UX can make or break an app’s success with users. And without users, a mobile app is worthless. Ultimately, proper investment in UI and UX will attract more new users and engage loyal users.

It’s important to establish an app’s UI and UX guidelines early on so that any future changes are made in accordance with previously-established principles for branding, device support, user profiles, and more. With these instructions, new and old designers can work to maintain a consistent user experience. Although it can be tempting to skip UI and UX, don’t make the mistake of putting your users in the corner. Without their feedback, constant use of the app, and word-of-mouth recommendations, your mobile app could be doomed to fail. The time spent in introspection to develop UI and UX specifications will also help inform decisions and ideas further down the development cycle.

#2: Data Flow Management

It’s imperative to create a consistent experience for users by controlling the management of data flow. This requires a stable Internet connection, strong device and connectivity uptime, and a stable database connection. Databases are often used to collect data from multiple types of devices and sensors and aggregate it for use in an application with a front end, like a smartwatch, mobile app, or web app.

Because smart devices differ in their singular data management, it can be difficult to organize data together in a way that makes sense. However, this is an extremely important and foundational part of IoT systems management, so exemplary data flow is necessary.

#3: Network Connection

Speaking of stable and consistent data flow, network connectivity is an important cog in the IoT system. From there, anything is possible: smart analysis, predictive insights, and real-time notification systems are just a few features that can set your mobile app apart from its competition. The network connects all devices and sensors together before they collate their data into a database for later use.

As IoT technology advances, network demand will continue to grow. Networks need speed, a stable connection, and proven performance to adequately aggregate all devices and sensors under one umbrella.

#4: Network and Sensor Compatibility

It may not be enough to spring for a top-of-the-line network connection and infrastructure if devices and sensors aren’t compatible with the network. Because real-time communication and data transmission are necessary to allow users control over the IoT system, ensuring compatibility between the network and devices is essential. The compatibility needs to be stress-tested to ensure many devices and sensors can connect without issue, and the testing needs to occur periodically to make sure nothing has fundamentally changed.

The reason for this issue is that sensor and device manufacturers and vendors don’t work under standardized protocols. Besides the network and device compatibility, this can also lead to major issues with device-to-device compatibility. Thus, it is important to test this early on, rather than being close to the end of the development cycle and having to nearly start over.

#5: Hardware Compatibility

When devices aren’t compatible with each other, it usually becomes obvious pretty quickly. To avoid lengthening the development timeline with this issue, set specific hardware requirements early on in the project. When resolved early, it can prevent issues with the app’s functionality later on.

#6: Performance and Security

Although it’s difficult to optimize for, speed and performance are what a user requires as a prerequisite to user experience. With a slow or lagging mobile app, you’ll create frustration in your users, prompting them to leave negative reviews on your app’s page. Extensive user testing and interviewing is a great way to avoid major bug reports and application crashes while gathering UX and UI feedback.

Similar to speed and performance, security is a foundational requirement for users. If they find out that their data, especially sensitive information like login credentials, is stored insecurely, you can face substantial user backlash and even lawsuits. To ensure your application’s security is robust enough, set security standards at the beginning of the project for all designers and developers to follow. Make this a best practice if you’re planning on developing more mobile apps in the future. At our mobile app development studio in Los Angeles, we always prioritize security and performance in our mobile apps from day one.

#7: Choosing Development Technology

Early on in the development process, the development team has to agree upon the technology stack they’ll use to develop the application. The choice between building a native, hybrid, or cross-platform app can be made by looking at what existing interfaces exist and how the mobile app fits into the IoT ecosystem. Often, one technology will be the clear frontrunner that will allow for a strong user experience, flexible data flow management, and performance and security optimizations.

If needed, reach out to an experienced IoT app development firm for a short consultation. Ultimately, it’s important to squash this issue early.

Taking On Challenges

These seven challenges may seem difficult to overcome, but they are common and every mobile app development team faces them. How you tackle them and continue on to the next issue will determine how well your mobile app will meet your business requirements and users’ preferences. Above all, make sure you’re rising up to the challenges early on, rather than waiting until users start complaining about the issue.

Single connected devices, like mobile phones, have been utilizing the same technology for decades. This technology has known vulnerabilities in SIM cards as well as SMS and voice calls, but changes haven’t been made to protect consumers. Hackers can obtain private information and generate revenue for their criminal businesses. Couple this with the fact that many enterprise IoT systems allow employees to bring their own devices (usually mobile phones), and we’ve got a growing problem on our hands.

SMS Vulnerabilities and Attacks

Remember when each SMS message cost money to send in the early 2000s? There were also mobile phone scams that would send unwanted ads to people. The person would end up having to pay for the ad text messages, and phone companies caught on fast, prohibiting SMS ads. But there’s another threat lurking for SMS messages: smishing.

Smishing is a form of phishing, where the hacker sends a person an SMS with a phishing link. When the person clicks on the link, it downloads malicious software. IoT applications that are built with human decision-making, like order screens or payment terminals, are vulnerable to this but limited in number. So for other IoT devices, there must be another way to get into the device’s hardware and software.

In 2019, cybersecurity experts reported two major vulnerabilities for mobile phones: Simjacker and WIBattack. Both vulnerabilities are tied to SMS messages and SIM card software, and they allow a hacker to gain control of a device. Because each SIM card is a microprocessor, it has room for a software applet. Both vulnerabilities use an outdated applet (S@T Browser and Wireless Internet Browser (WIB)) that don’t have strong enough cybersecurity. The WIB vulnerability, in particular, is present on mobile phones from 85 major mobile carriers, including T-Mobile, Vodafone, and Dallas-based AT&T.

A hacker can send an over-the-air (OTA) SMS that can change SIM configurations in a person’s phone. The OTA SMS uses a secure key from the operator, but the vulnerable applets also accept SMS messages that don’t have security measures. The hacker can then execute malicious commands on the user’s SIM card, including sending SMS messages, getting location information, and making calls. The longer a device is being used, the more vulnerable it is to security exploits and, eventually, full control of the device.

Voice Call Issues and Weaknesses

Voice call fraud is a major issue for most consumers and mobile carriers, costing both parties an estimated total of $28.3 billion in 2019. The most common fraud type is the International Revenue Share Fraud, where customers are tricked into calling a premium number that charges high fees. The provider of the premium phone number and the company that rents the number split the revenue gained. The mobile carrier charges the customer, and if the customer tries to fight the charge, they may get their contract terminated.

Voice calls are relatively common, and they don’t include only consumer voice calls. For example, elevator emergency calls may use SIM cards to support voice. An attacker can get remote or physical control over these devices or SIM cards. If a hacker gains control over a lot of IoT devices, it could bankrupt a business.

Protecting Your Mobile Phone

IoT devices should be limited in their connectivity profile to the purpose they serve when deployed in an IoT system. For example, if the phone doesn’t need to receive SMS or voice calls, these features should be deactivated inside the connectivity provider portal. Sometimes, this deactivation needs to be done upon the device’s initial configuration.

Voice services should be limited to a certain group of recipients and receivers for specific use cases. Often, IoT app developers use Voice Over Internet Protocol to consolidate security measures to be the same as for data services. External SMS messages from other devices should be blocked so attackers can’t send malicious messages and links to the IoT device.

Application-to-peer SMS should be employed to authenticate their application in advance so that only the device owner can send and receive SMS messages from their device. Another way to protect IoT-enhanced enterprises is to set a limit on how many SMS messages can be sent or received by each device. This can greatly reduce the costs of smishing and hacking attacks.

Changing the Discourse

It’s important for major mobile carriers to issue safer SIM cards for their customers. Experts recommend that hardware manufacturers and mobile app developers work together to create a common security approach at the connectivity level. But it’s also imperative that consumers are trained to recognize smishing-type messages so that they can avoid clicking on malicious links. With IoT systems, SMS and voice capabilities not only unlock more flexibility and functionality for the system, but they also increase the vulnerability of the devices in the system.

Have you ever received a smishing SMS message on your SIM-enabled device? How did you know it was malicious? Let us know in the comments below!

AppCon 2020 has been underway for the past few weeks. While this year’s conference is completely digital, that hasn’t stopped the many mobile app developers and tech innovators in attendance from opening up meaningful dialogues with political leaders about the impact of emerging technologies on the future of the United States.

So much has happened in such a short amount of time that we thought a blog post covering some of the best highlights of this year’s event so far was warranted. With that said, let’s dive right in!

Week 1: The Future of the U.S. Depends on Internet Access

Besides being an essential utility that sustains the growth of the $1.7 trillion app economy as well as several small businesses in a variety of sectors, widespread internet access also supports hundreds of millions of Americans. With it, they’re able to access healthcare services, educational opportunities, and much more.

Unfortunately, more than 20 million U.S. citizens still lack access to an adequate broadband connection. And unless this is addressed soon, this digital divide will only grow larger with the introduction of new technologies. AppCon ’20 attendees got to speak with Federal Communications Commission (FCC) Commissioner Michael O’Rielly about this very topic.

Commissioner O’Rielly expressed intent in ensuring that broadband exists everywhere in the U.S. and placed special emphasis on getting underserved Americans connected. He stressed the importance of high bandwidth and low latency, and he also noted that how we achieve broadband access for all is less important than actually accomplishing it.

AppCon attendees also spoke with FCC Commissioner Brendan Carr, who was focused on making more spectrum available for use. Whether it’s not having a device to connect with healthcare professionals, being unable to rely on high-speed internet, or not having access to a private space for care, Carr was well-aware of the pain points of Americans across the country. He reassured AppCon attendees that more funding was coming for connected care.

FCC Legal Advisor Umair Javed and Travis Litman, Chief of Staff and Senior Legal Advisor for the FCC’s Wireline Competition Bureau, focused their meetings with AppCon attendees on the digital divide’s effect on education. COVID-19 has pulled back the curtain on just how necessary internet access and devices such as smartphones and laptops are for remote learning. During the meeting, Javed indicated that low power applications carried some potential for closing this gap.

Last but not least, AppCon attendees also got to meet with Evan Swarztrauber, a Policy Advisor of FCC Chairman Ajit Pai. Swarztrauber noted that an increase in rural healthcare budget was sorely needed, and so was an improvement in broadband access for these regions. With COVID-19 forcing aspects of society such as education and healthcare to go remote, folks out in the country will fall behind unless they have fast internet.

Week 2: Telehealth Must Remain Accessible, Even After COVID-19

Telehealth and connected tools have proven invaluable in the U.S. healthcare system’s response to COVID-19. It’s obvious that these technological paradigms are a necessity for all Americans, but unfortunately, some politicians don’t see it that way. Much of AppCon ’20’s Week 2 revolved around attendees meeting with congressional leaders to ensure that digital health remains a cornerstone in our country’s medical system.

Currently, the U.S. has an annual healthcare spend of $3 trillion, with $1 trillion going through Medicare and Medicaid. The country is short by about 30,000 physicians, and this shortage is estimated to grow to 90,000 by 2030. By that same year, 70 million Americans will be over 65, and 80% of them will be dealing with at least one chronic condition.

These statistics make it painfully obvious that telehealth capabilities should become a permanent fixture in the U.S. medical system. But before COVID-19, this technology was wrestling with rules written in the 1990s. Clearly, things have come a long way since then. Unfortunately, the temporary waiver that allows Medicare to cover telehealth is slated to end by November unless fast, meaningful action is taken.

AppCon attendees had the chance to speak with staff from the U.S. Commerce Department. Though 40% of Medicare patients don’t have adequate broadband access at home right now, the department members emphasized that telehealth transformation is definitely beneficial to Medicare. But we must keep the growth and convenience of this technology going without exacerbating health inequities. They also discussed that innovators and legislators must keep what works and let go of anything fraud-laden or inefficient.

To achieve this, the U.S. Commerce Department staff stressed that we need an honest, balanced approach to data management. We should prioritize the most useful data that provides the most positive impact for the fewest taxpayer dollars. We should also focus on delivering services and outcomes, not billing for simply noticing a malady and not treating it.

AppCon attendees also got to speak with Dr. Donald Rucker, the National Coordinator for Health Information Technology at the Office of the National Coordinator for Health IT (ONC). Rucker wants one of the main goals for Congress to be freeing up patients to have agency over their healthcare. And to do this, we must examine the mechanism behind data gathering and usage.

Digital health tools and wearables such as the Apple Watch should strive to put patients back in charge of their information. Rucker believes that patients and the American public have already paid for this data, so they should be in charge of it, not third parties.

Rucker went on to discuss a variety of topics with AppCon attendees, including interoperability, how difficult EMR integration is, HIPAA compliance, and the need to address the incomplete pictures of patient data that physicians have to deal with. He even mentioned that healthcare providers sometimes struggle to access their own data.

Stay Tuned for Our Coverage of Weeks 3 & 4!

While digital this year, AppCon 2020 has done an amazing job of bringing together mobile innovators from Los Angeles, New York City, and everywhere in between! But the party’s not over yet. Stay tuned for our coverage of weeks 3 and 4, where AppCon attendees will get the chance to discuss privacy, encryption, antitrust, and standard-essential patents (SEPs).

For the past few years, AppCon, the App Economy Conference, has taken over Washington, D.C. in late April. The annual event serves as an unparalleled opportunity for mobile app developers and other tech innovators to open a meaningful dialogue with political leaders about the future of emerging technologies and their impact on society.

This candid discussion is something that Marc Fischer, our CEO and Co-Founder, looks forward to every year. He usually makes the trek out to D.C. from Los Angeles just to attend this event. In the past, Marc has gotten the chance to talk with FCC Commissioner Michael O’Rielly and Director Ajit Pai about 5G’s future in rural areas, the White House Office of Science and Technology Policy (OSTP) about data privacy, and Congressman Ted Lieu about how education and innovation go hand-in-hand.

Due to COVID-19, AppCon 2020 has pivoted from its original arrangement — it has gone virtual! Thanks to this new digital format, the event is now spread over the course of four weeks so that attendees have a sufficient amount of time to discuss each important topic. Let’s take a look at the relevant issues that this year’s AppCon is tackling.

Why the App Economy Is Essential

Every year, AppCon is held by ACT | The App Association, an international organization that represents more than 5,000 small- and medium-sized tech companies across the mobile app economy. By connecting the tech industry’s top leaders with preeminent policymakers, ACT strives to drive smart innovation and regulation. Members of ACT include pioneers at the forefront of revolutionizing entertainment, improving productivity, enabling healthier lifestyles, and accelerating learning.

The app economy is probably bigger than you think; it’s a $1.7 trillion ecosystem that employs 5.9 million Americans. And this isn’t just in Silicon Valley; more than 83% of U.S. app companies are located outside of San Francisco. There are currently more than 2 million mobile apps available on major platforms like the App Store and Google Play. And with 3.4 billion app users around the world, it should come as no surprise that consumers spent more than $120 billion in app stores in 2019 — almost twice the amount they did in 2016.

Keeping the app economy strong and healthy is one of ACT’s biggest priorities, which is why the organization is extremely focused on building a workforce that’s educated and properly prepared for the 21st century. Despite a median annual salary exceeding $88,000, more than half a million computing jobs are unfilled in the United States. Only 65,000 U.S. college graduates earn a computer science degree each year, but this isn’t enough.

Computing and information technology occupations are projected to grow 12% by 2028, with software development jobs anticipated to grow by 21%. To address this substantial growth, ACT is urging Congress to pass the CHANCE in TECH Act, a legislation that would allow employers to streamline their apprenticeship processes and focus on developing and training job candidates correctly. ACT is also requesting that Congress appropriate at least $250 million to science, technology, engineering, and math (STEM) Master Teacher Corps (MTC) program so that educators can receive advanced training to teach computer science correctly.

Week 1: All About Broadband

It’s no secret that widespread internet access is an essential utility to sustain the continued growth of the app economy and numerous businesses. Besides this, hundreds of millions of Americans depend on the internet to access educational opportunities, healthcare services, and participate in the global economy in general. But more than 20 million U.S. citizens currently lack access to broadband connections, making the digital divide a colossal chasm.

In Week 1, AppCon will focus on facilitating discussions around how improved access to broadband in rural and urban communities can close this immense digital divide. Political and tech leaders will examine the benefits that come with using television white spaces (TVWS), broadband mapping, and of course, the deployment of 5G.

Week 2: More Connected Healthcare

The COVID-19 pandemic has pulled back the curtain on telehealth. Today, the advantages of connected health tools are readily apparent to patients, doctors, and lawmakers — and they’re simply too big to ignore. Week 2 of AppCon will hone in on everyday digital health examples from the COVID-19 crisis, including the recent results from temporarily lifting telehealth restrictions in the U.S.

AppCon’s attendees will also discuss aspects of healthcare policy including payment for digital health tools, removing reimbursement restrictions for them, interoperability, the WEAR IT Act, and the now obvious necessity of better access to telehealth services for all Americans. If you’re a healthcare app developer, you won’t want to miss this week!

Week 3: Prioritizing Privacy and Encryption

ACT’s member companies alone handle millions of terabytes of data every day. That means that each of these organizations is on the frontline of protecting sensitive user information and ensuring that it’s being used appropriately. Each ACT member knows that proper data security is imperative. That’s why AppCon ’20 Week 3 is dedicated to this vital topic.

Political leaders and ACT members will discuss current issues regarding privacy legislation and the need for ubiquitous end-to-end encryption. AppCon attendees will also tackle one of the most timely issues of the last few months: Facial recognition. By now, you’ve probably heard stories about how law enforcement has been using this technology during the protests across America. Week 3 of AppCon ’20 intends to get to the bottom of this topic and discuss its implications for the near and far future.

Week 4: Platforms and SEPs

What do online platforms, competition, and standard-essential patents (SEPs) mean for the app ecosystem’s future? There are a ton of moving parts that go into this topic, and they’ve only helped fuel various debates in recent months.

AppCon 2020 will close out its final week with a focus on discussion about platform regulations, including antitrust and Wi-Fi standards regulations, IoT device chips, Bluetooth, and much more.

Has this blog post got you excited about the weeks to come for AppCon 2020? For more info, click here!

Artificial intelligence (AI) and machine learning are allowing both businesses and consumers to boost their cybersecurity to unprecedented levels. In a recent post, we examined six ways that AI is leading the way towards rock-solid information security. In case you missed it, read it here.

For this article, we’ll take a closer look at how AI and machine learning are letting three major industries safeguard their data better. In each of these sectors, websites not only contain a wealth of sensitive information but also have a high volume of visitors every day. Let’s explore how AI helps to counter any threats that come their way.

1. Finding Fraud and Anomalies in Finance

As its name implies, anomaly detection is a technique that leverages AI development to identify any unusual activity. A prime example of this would be if a bank customer unexpectedly withdraws an enormous amount of money from his or her account. Because this goes beyond the customer’s usual behaviors, AI would flag this action and alert both the bank and account owner.

Credit card fraud happens to be one of the biggest problems for financial institutions. To minimize these threats, AI utilizes a misuse identification technique. In much the same way as our previous example, potential fraud is identified when transactions fall outside the boundaries of previously established customer behavior. For instance, if you live in New York City and your credit card was used to purchase something expensive in Beijing, then this would raise some alerts.

Loan application fraud is another substantial issue in the banking sector. To keep the loan application process efficient, convenient, and secure, banks employ AI to rapidly analyze an applicant’s information, identify any anomalies, and verify authenticity. The smart technology plays an integral role in eradicating fraudulent applications early in the process so that more resources can be dedicated to legitimate customers.

2. Ensuring Accuracy in Insurance

With the immense amount of information that insurers collect about individuals and organizations, it’s no wonder that they’ve become an incredibly valuable target for hackers. To remain competitive in today’s fast-paced world, many insurance firms have digitized their products and pivoted to online platforms. Unfortunately, this shift has sparked the possibility for new security threats.

As in banking, fraud is common in insurance. A noticeable portion of prospective policyholders fabricate information in order to manipulate the rates they’ll receive from insurance firms. Similar to finance, AI plays a vital part in inspecting and validating the data submitted by customers.

AI and machine learning applications are constantly updated to be familiarized with upcoming fraud trends. They’re also optimized for honest customers, too. Besides flagging potentially false claims for further investigation, AI also automatically detects and validates legitimate claims. In turn, this streamlines the processes of approval and payment. As a result, insurance companies can lower their costs, and customers receive reduced prices.

3. Keeping Personal Information Private in Healthcare

Since thousands of employees can now digitally access patient information, privacy and data protection in healthcare has become quite complex. Obviously, manual evaluation of patient data interactions is infeasible; it would take far too much time and energy. Luckily, AI is here to help.

AI-powered medical applications can meticulously scan all patient data transactions and assess the various factors related to each interaction in just a few seconds. This takes into account the area of access, number of times accessed, and the length of time each login remained active. So if a staff member’s account suspiciously accessed thousands of patient files within a minute, AI would definitely pick up on this unusual behavior.

Beyond electronic medical records, AI is also helping to make healthcare devices safer. An array of gadgets like insulin pumps and pacemakers are susceptible to cyber-attacks. But these are used by many people around the world. In a worst-case scenario, a pacemaker could even be directed to shock the patient.

Like in banking and insurance, AI’s anomaly detection prowess comes into play here. The technology can track all activity and identify any abnormal instructions being sent to the pacemaker system. In this case, AI literally makes the difference between life and death.

AI Is Opening up a New Era for Cybersecurity

Believe it or not, this is just the beginning of AI’s use in cybersecurity. Companies in different industries are the world are just starting to understand the benefits of incorporating this technology in their fold. Even tech titans like Google, Amazon, and Microsoft are still in the midst of shifting away from rule-based protocols to machine learning algorithm deployments that can analyze vast quantities of information.

With that said, hackers are incredibly resilient; there’s no doubt that some are already leveraging the capabilities of AI and machine learning for their nefarious acts. It’s imperative to remember that cybersecurity isn’t a result — it’s a process. Adopting new paradigms, updating old protocols, and staying abreast of developments is key to properly protecting your information.

How do you ensure your cybersecurity is rock-solid? Are you utilizing AI in these endeavors? If so, how? Do you think that AI will ultimately be good or bad for cybersecurity? As always, please let us know your thoughts in the comments below!

The Internet of Things (IoT) is amazing at making our day-to-day lives more efficient. Thanks to IoT development, we can now control our lights, thermostats, and even the locks on our doors with the push of a button on our mobile phones. We can even monitor our homes from afar with connected security cameras.

But let’s get real — the current state of IoT security leaves much to be desired. While the integration of smart devices into our lives has brought unparalleled convenience, it also leaves us more vulnerable to cybercrime.

The unfortunate fact is that numerous IoT devices contain little to no built-in security. That makes them easy targets for hackers. And to make matters worse, IoT’s interconnectivity means your whole suite of devices is on the line if just one gadget gets hacked.

In this post, we’ll cover 5 easy ways to ensure your IoT devices are secure. Put these tips into practice so you can have peace of mind knowing your technology is properly protected.

1. Change Your Router’s Factory-Default Settings

The very first thing you should do is change your router’s default name and password. Factory-given names can clue hackers in to your router’s make and model. In turn, their job of infiltrating your network will become much easier.

For your new name and password, avoid words and phrases that can be linked back to you or reveal any personal information. That means street addresses, family names, and pet names are all a no-go.

It’s obviously okay if you’re proud of the fact that you live on Broadway in New York City or Hollywood Boulevard in Los Angeles but come on — nobody trying to log onto your network needs to know that or be reminded of it. In fact, the more unusual and unrelated your router name and password are to you, the better!

2. Employ Strong Passwords

This tip may seem obvious, but you’d be surprised how many people still use ‘1234’ as a password. Using a strong password improves your security exponentially. So, while it may be annoying to type in, always try to use a long, elaborate, and complex password.

Here are some tips to help you create a great strong password:

1. Use a mixture of lowercase and uppercase letters, numbers, and symbols.
2. Do not use anything that’s personally tied to you.
3. Avoid using the same password for multiple accounts.
4. Make your password long. We can’t emphasize this one enough!
5. Avoid keeping notes (physical or electronic) of your passwords.

If you have trouble remembering all of your passwords, try using a verified password manager like LastPass. And for super-sensitive accounts that are vulnerable to hacking (like your bank account or work credentials), always make your password as complicated as can be.

We know how annoying it can be to type out long passwords that resemble an alien language. But trust us, it’s way better than being hacked.

3. Activate Two-Factor Authentication

Double down on your cybersecurity by enabling two-factor authentication. Adding this extra layer of protection can make a big difference in buffing up your security.

If two-factor authentication sounds like an unnecessary inconvenience, think of it this way: You already use it in your everyday life. Whenever you swipe a debit card, you usually have to provide your pin. That’s a type of two-factor authentication.

Protect all your assets like you protect your money. That debit pin can save you a lot of headaches and trouble if your card gets stolen. And just like this example, adding another line of defense like two-factor authentication allows you to keep tighter control over your accounts.

If one of your accounts gets hacked, you’ll get notified about it thanks to two-factor authentication. In fact, the hacker won’t be able to get in because you’ll be required to grant them access. It’s an easy way to stop hackers dead in their tracks.

The best part? You can activate two-factor authentication for almost any IoT device. And it’s pretty easy to do so. Follow this short guide from CNET to find out how to enable two-factor authentication on everything from email to Facebook.

4. Disable Your IoT Device’s UPnP Features

Many IoT devices have Universal Plugin and Play (UPnP) features. This lets multiple devices connect. For example, you can pair your smart voice assistant with your smart lights or thermostat to control them. This is undeniably convenient. But it’s also risky from a security standpoint.

When your UPnP feature is on, all a cybercriminal needs to do is discover one device. From there, they can find other connected devices. This leads to a domino effect that makes it simple for a hacker to wreak havoc on your entire system or network.

So take a moment to go into your IoT device settings. You should be able to find an option to disable UPnP.

5. Update Your IoT Devices Regularly

It’s easy to brush updates off. But you really shouldn’t be postponing them, especially for IoT devices. As we’ve discussed, numerous IoT devices come with little to no built-in security. For many manufacturers, software updates are their way of amending this issue.

Update your IoT device software routinely. This ensures any antivirus or anti-malware measures your device employs are the strongest they can be. They also often help address any security flaws that may have been included in older versions of the software.

Think of it this way: Hackers are always improving their game, so why shouldn’t you?

Secure Your IoT Devices as Soon as You Can

We hope you’ve enjoyed this brief guide to beefing up your IoT security! Each of these tips shouldn’t take you more than a few minutes to implement. So take some time to protect yourself properly right now.

What security measures do you employ to boost your IoT security? As always, let us know in the comments below!

What’s in store for the future of the Internet of Things (IoT)? Once reserved for industrial applications and smart security systems, IoT development has become ubiquitous today. For example, you can now walk into numerous retail outlets and purchase a toaster with Wi-Fi connection capability.

But as IoT expands to include almost every type of device imaginable, experts are beginning to question if the technology and market are moving in the right direction. Privacy and safety have become red-hot topics in this industry. Can IoT security improve enough to address these issues?

The Rise of IoT and Privacy Issues

In the 1970s, futurists like Steve Wozniak and Paul Allen envisioned a forthcoming era in which everyone could afford a personal computer. Skeptics were quick to dismiss these predictions, but fast forward to today, and they’d be easily proven wrong. Not only are computers everywhere, but sensors are now attached to everything.

Engineers are inventing new IoT solutions and applications daily. Manufacturing and logistics supply chains still rely on sensors as well as RFID and GPS technology to operate smoothly. But these paradigms have extended into the consumer arena.

Insurance companies now reward policyholders for frequent use of wearable devices. Modern home accouterments like temperature control, lighting, and security can all be managed with the push of a button. And many of us now have our very own personal digital assistant in the form of Alexa or Google Home.

As a result, the IoT industry is set to reach $3.77 trillion by the end of 2020 and doesn’t show any signs of slowing down. This unprecedented level of growth has raised concerns about the potential negative effects of IoT, particularly in regards to privacy and security. After all, IoT’s infrastructure generates a gargantuan amount of data every day.

At this level of adoption, privacy issues become paramount. Lawmakers around the world are racing to implement regulatory frameworks that protect consumer information gathered by IoT products. And terms of service agreements try to alleviate any distrust by spelling out everything an organization plans to do with a user’s data.

But it’s difficult to verify if companies are staying consistent with the policies they’ve set forth for themselves. Besides this, rogue actors, like a disgruntled employee, certainly aren’t playing by these rules. And to make matters worse, is the data even secure on the consumer’s end?

The Hidden Dangers of IoT Devices

Many of the factors we’ve mentioned may seem subtle or sound like something that couldn’t happen to you. To put things in perspective, Japanese policymakers have authorized a mass “cyberattack” to prepare for the 2020 Tokyo Olympic Games. Through this series of hacks, the Ministry of Internal Affairs and Communications hopes to identify unsecured IP addresses and any IoT devices that lack proper security.

Believe it or not, one of the ways they’ll be finding these devices is by trying common passwords like “1234” or “admin” to breach them. Many users don’t switch the default username and password of their devices, and even more people are unaware that they should do this with IoT devices too. Just by knowing the right port number, hackers can easily access the data of these gadgets.

It’s also worth noting that many users are unaware of when an IoT device is transmitting data. Many smart home appliances are forthcoming about the data they collect and send to remote servers. But few consumers actually take the time to read through this relevant information.

Shodan shines a light on just how severe this problem is.

Lots of Risk, Very Little Reward

It’s not uncommon for IoT equipment to make itself visible without users being aware of it. Shodan is a search engine that allows users to find specific types of computers and devices connected to the internet via various filters. In the past, users have found 50,000 different devices sharing keys on a single common port!

The worst part? There’s a good chance that many of these devices weren’t even necessary. Often, consumers purchase and install equipment without configuring or even using it again. Since finding those 50,000 devices, many of them have been cleared out of Shodan’s search results. But the search engine continues to track innumerable devices that are transmitting data, unbeknownst to their users.

A lot of these issues boil down to how the world approached IoT development as a whole. Innovation was the main priority, while security took a backseat. This becomes evident when looking at IoT connectivity devices like the Arduino module or the Alexa Connect Kit. The first example lacks any firewall capabilities. And the latter example, created by a famous Seattle developer and e-commerce giant called Amazon (you may have heard of them), partially relies on a closed-source design that could still be vulnerable to breaches.

With all of these risks, one has to wonder if the reward that consumers get in return is actually worth it. IoT devices are integral in the security and industrial sectors. But how much is there to really gain from a smart toaster or teapot? It’s imperative that people ask themselves these questions. Otherwise, without taking proper precautions, they risk sacrificing their privacy for what could amount to a minute convenience.

This isn’t to say that consumers should abandon IoT devices for their homes. As we mentioned, these gadgets are getting better in performance and capabilities every day. But before we keep improving them in these aspects, we must take care of security.

Some proponents of IoT security think the onus falls on manufacturers and developers to educate the public about the potential dangers of using these devices. Others think that the industry should slow down and let security catch up. Whatever the solution is, it’s clear that both developers and end-users must re-evaluate their priorities. Only then will IoT be able to flourish in a truly safe, productive manner.