The digitalswitzerland organization has made it its mission to unite the private sector, the public sector, the academic community and the population of all language regions in Switzerland around a digital agenda. Such an agenda should lead to Switzerland becoming a leading nation in terms of innovation, business location and digital competitiveness. With this in mind, digitalswitzerland invited experts, visionaries, industry pioneers and innovative companies from the public and private sectors as well as academia to the PalaCinema Locarno on August 7 to highlight the revolutionary impact of artificial intelligence on the modern business world. The event focused on three forward-looking questions: How can the Swiss creative tech ecosystem develop? How can Switzerland benefit from the supercomputers in Ticino? Why do the regions need to join forces in the age of AI?

The future of film and the audiovisual arts

Raphaël Brunschwig, Managing Director of the Locarno Film Festival, Andreas Meyer, President of digitalswitzerland, and Stefan Metzger, CEO of digitalswitzerland, opened the event. Stefano Rizzi, Head of the Economic Affairs Department of the Canton of Ticino, and Mauro Silacci, Head of the Finance and Economy Department of the City of Locarno, followed with some introductory words.

Art had a special place in connection with the Locarno Film Festival. Kevin B. Lee, Professor of the Future of Cinema and Audiovisual Arts at the Università della Svizzera italiana (USI), raised questions about the influence of artificial intelligence on art, artists and cinema in particular: How will the importance of cinema develop in the coming years? How does cinema envision its own survival? How are artists using this new technology - and how do audiences classify AI-generated art? His conclusion, inspired by Microsoft's closing words at the 2024 Cannes International Film Festival: Artificial intelligence is not creative - you are. But the "you" defines the value, the degree of acceptance and the reasonable disruption that AI brings with it.

AI and its many facets: from creative tech to the Swiss supercomputer

Marco Zaffalon, Professor at the Dalle Molle Institute for Artificial Intelligence (IDSIA, USI-SUPSI), began by explaining the history of artificial intelligence and its current capabilities and incapabilities. He also addressed the associated problems. He emphasized the importance of collaboration between universities, institutes, politics and industry to develop technologies and capabilities in Switzerland.

Christoph Weckerle from the Zurich Centre for Creative Economies shed light on changes in the use of AI in the cultural sector. According to Weckerle, AI was used to disseminate cultural content - today it is used to produce it. This is leading to changes that are revolutionizing the industry. Switzerland is still underdeveloped in the creative tech sector, with Weckerle pointing to a lack of collaboration at all levels. He also emphasized the importance of developing a Swiss strategic agenda for this area. There is therefore still a lot of room for progress. Giulia Lumina, ESG and Sustainability Manager at Andersen Tax and Consulting AG, explained how AI is helping them to achieve their goals.

Maria Grazia Giuffreda, Vice Director of the Swiss Center for Scientific Computing (CSCS), and Michele de Lorenzi, Deputy Director, gave an exclusive insight into the possibilities of the new Ticino center and its supercomputer "Alps", which opens its doors on September 14. The supercomputer will act as a catalyst for technological progress in the fields of artificial intelligence, machine learning and trustworthy infrastructure. Both emphasized the central role of the supercomputer as an element of trust, innovation and collaboration in Switzerland.

Joining forces

The event ended with a panel discussion on how important it is for Swiss regions to join forces in the age of AI and what obstacles need to be overcome. Milena Folletti, Digital Transformation Officer of the Canton of Ticino, Sophie Hundertmark, Consultant for GenAI and Bots, and Marco Zaffalon exchanged views on this topic. The discussion revealed that increased cooperation pools resources, drives innovation and strengthens confidence and Switzerland's global competitiveness. However, obstacles such as regional autonomy, a lack of public-private partnerships and differing legislation are slowing down progress.

The President of the State Council of the Canton of Ticino, Christian Vitta, concluded the discussion with the following topics: the progress that artificial intelligence has made possible in all sectors, the role that Ticino has played in technological innovation and the need for large-scale interregional cooperation.

Source: digitalswitzerland

Medical disposables - from gloves and blood bags to surgical equipment - generate enormous amounts of waste these days. At best, this waste is incinerated, but in many countries it ends up in landfills and can also end up in the environment. The COVID pandemic has contributed to an avalanche-like increase in the use of disposables. It is estimated that in 2022, used face masks alone will weigh around 2,641 tons per day worldwide - a huge mountain of plastic.

Thermochemical recycling as a solution

Medical waste is often overlooked in the discussion about the circular economy. Disposable medical items are usually made of various plastics that cannot be recycled with current technology. In addition, the items are considered contaminated after use and therefore need to be handled in a way that avoids the risk of spreading potential infections. It is also not possible to use recycled plastic in the manufacture of disposable healthcare items, as the requirements for the purity and quality of materials for medical use are very high.

All of these problems can be solved with the new method developed by Chalmers researchers. The technology is called "thermochemical recycling" and is based on a process called "steam cracking". The waste is broken down by mixing it with sand at temperatures of up to 800 degrees Celsius. The plastic molecules are then broken down and converted into a gas that contains building blocks for new plastic. "You can compare it to a thermal sledgehammer that smashes the molecules and destroys bacteria and other microorganisms at the same time," says Martin Seemann, Associate Professor at the Chalmers Division of Energy Technology. "What remains are various types of carbon and hydrocarbon compounds. These can then be separated and used in the petrochemical industry to replace fossil fuels currently used in production."

Great potential for saving valuable chemicals

To test the technology in practice, the researchers carried out two different projects in parallel in a test facility at Chalmers Power Central. In the first project, a number of different product types, such as face masks and plastic gloves, were subjected to the process. In the second project, a mixture was created that represented the average composition of hospital waste from the region's hospitals. The mixture contained around ten different plastic materials as well as cellulose.

The results of both projects were consistently positive, which shows the great potential of the technology. One of the projects was led by Judith González-Arias, who now works at the University of Seville in Spain. "What makes this technology so exciting is its ability to tackle the environmental problems we associate with disposable medical products. Thermochemical recycling not only addresses the problem of medical waste not being recycled today, but also enables the recovery of valuable carbon atoms. This is fully in line with the principles of the circular economy and offers a sustainable solution to the urgent problem of medical waste disposal," says Judith González-Arias.

The only option for products with strict requirements

Many manufacturers of materials for the healthcare sector are now very interested in creating a circular model in which products can be recycled and reused in a closed loop. However, materials to be used in sterile healthcare items have strict purity and quality requirements that basically cannot be met with sorting and mechanical recycling of plastics. With thermochemical recycling, however, it would be possible.

"It's really the only way to return this type of waste to the cycle," says Martin Seemann. "It's so elegant that the chemical industry can turn the material back into new material after it has been broken down to the molecular level." And he sees even more potential: "The same strict requirements for purity and quality actually also apply to food packaging. For this reason, most of the plastic collected from packaging is currently incinerated or recycled into items for which a lower quality is permitted."

The two projects build on Chalmers' previous research, which has shown how mixed plastic waste can be converted into raw material for new plastic products of the highest possible quality.

The technology works, but other factors also come into play

In order to spread the method, new material flows and functioning business models need to be developed in cooperation between the health and recycling sectors. Laws and regulations may also need to be changed at various levels in order for thermochemical recycling to become established in society. "Certain policy decisions would increase the value of plastic waste as a raw material for industry and increase the chances of creating viable circular business models around this type of recycling. For example, an obligation to capture carbon dioxide when incinerating plastics would create incentives to invest in more energy-efficient alternative technologies like ours instead," says Martin Seemann.

In many countries, the technical requirements for recycling medical waste and other mixed plastic waste through steam cracking are in place. However, the regulations and structural conditions vary, which determines how the players in waste management, the chemical industry and product manufacturing must work together to create functioning value chains in different parts of the world.

Source: Chalmers University of Technology, Gothenburg, Sweden

Blum-Novotest GmbH, based in Grünkraut near Ravensburg (Germany), is a global technology and innovation leader in measurement and testing technology. The company describes itself as a reliable partner to the global machine tool, automotive and aerospace industries. The company will be presenting its FormControl X software at the upcoming major industrial trade fairs AMB Stuttgart, IMTS Chicago and JIMTOF Tokyo. With this measuring and automation software, users can create complex measuring programs in a self-explanatory manner and automate machining processes by implementing closed control loops. But what else is the company interested in? Alexander Blum (AB) and Wolfgang Reiser (WR) provide the answers.

Mr. Blum, what changes do you see in the global production landscape?

AB: For some years now, we have been observing a clear trend towards five large blocs, which are formed around North America, Europe, Russia, India and China. Each of these blocks sees the need to have certain key industries in its own hands, including aerospace and defense, energy, semiconductors and medicine. Within the blocks there are highly productive production clusters, but also areas where simpler processes are automated. This relocation of production processes to the peripheral areas is a driver for automation, which is positive for us, because measuring in the process is a prerequisite for a lot of automation.

How is BLUM positioning itself for this changed world?

AB: We are installing Blum-Novotest Competence Centers (BNCC) in the USA, India and China. For Europe, our headquarters in Grünkraut is of course the Competence Center. These BNCCs are equipped with extended functions and competencies, such as local repair facilities or employees who carry out software adaptations for customer-specific processes or developments for local control systems. Product management is also being set up locally in order to reflect the requirements of the regions to us in Grünkraut. This enables us to better understand local markets and their requirements and supply them with suitable products and solutions. This gives local customers the security of receiving support even faster and with comprehensive expertise. The functional scope and size of this BNCC will continue to grow. This also changes our self-image - from "Made in Germany" to "Made by Blum-Novotest", as we have been doing for years. We are now an international company with employees at eye level in more than 20 countries.

The Competence Centers are of strategic importance for the emerging markets in particular. On the one hand, this brings more expertise directly to the local markets, and on the other hand, the local markets have the opportunity to exert more influence on future developments via the product managers. This involves, for example, control systems that are widely used locally, or adaptations and localizations in the user interface.

How are these developments reflected in BLUM products?

AB: We are constantly developing, and the high-end is increasingly being joined by an entry-level offering. However, this is not inferior, it is just simpler in some areas, for example by only providing the most important range of functions.

We will soon be introducing new products such as our Z-Nano LT+. This is a tool probe for tool length measurement and breakage detection, which will primarily appeal to customers who want to get into contact tool measurement. There are also existing products that fit well into these simpler process scenarios, such as our ZX-Speed series. Thanks to a multidirectional measuring mechanism, this probe can also perform radius measurements with a rotating tool by rotating the tool against the cutting direction as it touches the measuring disk. However, industry solutions such as laser measuring systems for drill-tap applications and simple machine concepts also open up the benefits of non-contact tool measurement technology to users in the entry-level sector.

At the same time, customers are also becoming more demanding ...

WR: The requirements of high-end customers continue to increase. Until recently, 5µ accuracy was sufficient, but now we are talking about 1µ and below. It is no longer just tool lengths and diameters that need to be measured, but entire cutting edge contours of circular segment cutters, for example. The result should then be visualized.

With LC-VISION, BLUM has an intuitive measuring software for the laser measuring systems in its portfolio ...

WR: With LC-VISION, not only can entire measurement sequences be visualized and evaluated, but a variety of measurement tasks can also be generated on the control screen without NC programming knowledge. Wear can be measured precisely and tools can be used up to the wear limit. The user can also analyze the progression of wear and compare tools from different manufacturers, for example. Last but not least, our DIGILOG technology produces high-quality data that is ideal for further processing using artificial intelligence.

In networked environments, the measured values can also move with the tool thanks to LC-VISION. Tools can be exchanged between machines and the new machine knows the last measurement and wear values of the tool directly. Monitoring tool wear - together with consistent use until the end of wear - offers enormous savings potential.

The flexibilization of production also means that many different workpieces need to be processed one after the other - automatically and without compromising on quality, of course. When a robot inserts the parts, the position must be measured after insertion and the processing adjusted. Success is checked after processing.

What solutions do you offer for this?

WR: Our FormControl X measuring and automation software is now available for these tasks. With FormControl X, users can create complex measurement programs in a self-explanatory way, automate machining processes by implementing closed control loops and make the measurement results usable in the sense of Industry 4.0. This makes manufacturing processes more transparent and faster, and optimizes the quality and manufacturing costs of the finished workpieces. This is not possible with a measurement in the measuring room alone, or is a major blind flight, as production continues until the measurement is taken in the measuring room and, in the worst case, only then is a deviation detected.

Let's take a look into the future: where are developments in measurement technology heading?

WR: I firmly believe in self-optimizing processes. Today, we often have the problem that the cutting tools are not manufactured as precisely as would be necessary to achieve the desired precision. If the machine measures the tools before machining, it can compensate for these deviations, as well as for wear. This is already possible today, but I believe we are moving faster and faster along this path. The machines optimize themselves and relieve the burden on competent operators, who no longer have to worry about many things themselves.

Further information: Blum-Novotest GmbH

Time and again, publications discuss the major threat to cyber security posed by employees. In particular, the focus is on disgruntled, bribed or angry former employees who have had data stolen. Human error is also regularly identified as another crucial and dangerous factor for cyber security. They can lead to serious security incidents resulting from carelessness within the workforce. Regular data security training for teams is therefore standard in most companies today, as is support from a modern IT security infrastructure. But how high do company managers actually consider the risk from within to be?

The cyber security service provider Sophos commissioned the market research institute Ipsos to survey representatives from C-level management (and explicitly not IT managers) in Germany, Austria and Switzerland on this question. Overall, the results show that managers in the three countries have a high level of trust in their workforces, both across industries and across smaller and larger companies.

Austria places great trust in its employees

Significantly more than half (64% in total) and remarkably more than in neighboring countries, Austrian managers rated the risk posed by their teams as very low (34%) or low (30%). Austrian retailers in particular have great confidence in their employees - as many as 62.5% of respondents believe that employees pose no risk. In general, it is also clear that it is the larger companies (200 employees or more) that rely on the safety awareness of their employees (46.2%). In the neighboring country, only 2 percent rate the danger from within as high; unlike in Germany and Switzerland, no one thinks it is very high.

Germany is generally confident

In Germany, too, more than half (56.7% in total) of the managers surveyed say that they consider the risk of security incidents triggered by employees to be very low (25.9%) or low (30.8%). A total of 26.9% see a medium risk, with even more caution among the representatives from retail companies surveyed, 35.5% of whom assume a medium risk. In Germany, only 1.5% of bosses consider the possibility of security incidents by employees to be particularly high.

For Switzerland: trust is good, caution makes sense

Swiss company managers are slightly less optimistic than their counterparts in neighboring countries when it comes to the level of cybersecurity awareness among the workforce. Here, slightly less than half of respondents (48% in total) believe that the risk from within is very low or low (24% in each case). Management in the manufacturing sector are particularly confident in this regard, with 42.1% of them describing the insider threat as very low. In Switzerland, 32% of those surveyed believe that the risk is medium, while only 2% of respondents in Switzerland rate it as very high.

Source: Sophos

This year's study "Swiss hospitals: This is how healthy their finances were in 2023" by PwC Switzerland speaks plainly: the financial situation of Swiss hospitals is alarming. Some cantons have already taken out rescue packages, and others are likely to follow. This raises the question of which facilities are still necessary and sustainable and which are not. The planned packages are likely to cost Swiss taxpayers over CHF 1 billion a year in view of the gaps and the support already provided, the study calculates. The study was conducted in July 2024 on the basis of the published annual accounts of 44 acute hospitals and 12 psychiatric clinics. In order to reflect the reality in practice, the study contains excursuses on various key topics and three interviews on best practice with renowned industry personalities.

Existential threat to acute care

According to PwC, the financial year 2023 shows worrying health figures for acute hospitals: eroding margins, falling liquidity, declining equity ratios. As tariff adjustments did not keep pace with inflation, the median EBITDAR margin shrank to a worrying 3.6 %, which is significantly below the industry target of 10 % defined by PwC and also marks the lowest level since the introduction of the SwissDRG tariff system in 2012.

In 2023, even more hospitals will be making losses than in the previous year. In view of the current financial results, hardly any of the study hospitals could survive on their own financial strength in the long term. This presents the cantons, as planners of healthcare provision, with difficult decisions with far-reaching consequences for the Swiss healthcare system. Patrick Schwendener, Head of Healthcare Deals at PwC Switzerland, comments: "Although many hospitals and their owners are aiming for an EBITDAR margin of 8 % to 10 %, they are not operating profit-oriented. This attitude sends out the wrong signals and ultimately jeopardizes the existence of the facilities." 

Psychiatric clinics continue to grow

Psychiatric clinics increased their total revenue by a median of 4.8 % in 2023 to a new record high. Growth was driven by a substantial increase in inpatient and outpatient revenue. The latter increased by a median of 11.6 % compared to the previous year. The EBITDAR margin climbed to a median of 8.1 %. Accordingly, psychiatric clinics are also sufficiently liquid to meet their short-term payment obligations. High capacity utilization, the necessary investment volumes and the worsening shortage of specialists remain key challenges in this segment. 

First aid yes, but

Since the beginning of 2022, the structural adjustment of the Swiss hospital landscape has accelerated due to financial challenges and a lack of specialists. System-related consolidation makes sense, but an uncoordinated approach can distort competition and prevent sensible structural adjustments. The cantons' planned first aid measures are likely to cost Swiss taxpayers a cumulative total of over CHF 1 billion per year. Philip Sommer, Head of Healthcare Consulting at PwC Switzerland, comments on this fact as follows: "Rescue packages are not a sustainable solution. In the long term, reforms are necessary to ensure the efficiency and stability of healthcare provision."

Systemic relevance as a key criterion

As a key argument for a targeted rescue of hospitals, PwC recommends focusing on the systemic relevance of individual facilities. A facility is systemically relevant if its closure would have a fundamental impact on the healthcare region. Whether for equity or debt subsidies, guarantees, compensation for public services, takeovers or rescue companies: In the decision-making process for restructuring, the cantons must define a suitable set of instruments for each individual hospital in an objective and owner-neutral manner and communicate them openly. Stefanie Schneuwly, Senior Manager Consulting Healthcare at PwC Switzerland, explains: "Hospitals that receive financial support from the cantons must be measured against clear criteria and requirements. This should be made transparent."

Politically preventing collapse

The current crisis is structural in nature and has grown over the years. Cost pressure, labour shortages, poorly financed outpatient care, a lack of necessary investment in digital transformation or infrastructural modernization and a lack of networking of hospital structures are putting financial pressure on hospitals. In order to prevent the collapse of the high-quality Swiss healthcare system and provide incentives for integrated, networked care, PwC believes that political adjustments to the framework conditions are necessary. The regulatory authorities should create better framework conditions, for example by using the uniform financing of outpatient and inpatient services directly for the right incentives in the tariff systems, adjusting the tariff systems more quickly to the cost reality via inflation adjustments, reducing the regulatory requirements in order to promote innovative care models and focusing on quality in the long term.

Source: PwC

The 155th Annual General Meeting of the SVTI Swiss Association for Technical Inspections was all about looking to the future. However, the SVTI can also look back on a successful year, as the 2023 annual report shows. 

2023 from the perspective of the Executive Board and management

The SVTI can therefore look back on a pleasing financial year 2023. According to the annual report, all inspectorates recorded a positive business performance and the inspectors and experts were well utilized. The inspectorates are set up with a view to the future and meet the requirements of the clients in the best possible way, the report continues. The development of the SVTI Group with the Swiss Safety Center and the branches was also positive. The strategy of consolidating all freelance activities in the Swiss Safety Center has proven successful and will be further expanded, the Board of Directors and Executive Board announced.

From the SVTI inspectorates

The Boiler Inspectorate under the new leadership of Dr. René Burkhard was pleased to note that once again more devices were registered than deregistered. The Swiss Lift Day, the second edition of which was organized by the Swiss Federal Inspectorate for Lifts (EIA) in Wallisellen in June 2023, has established itself as an event and meeting place for all those interested in elevators. At the Federal Pipeline Inspectorate, a working group examined the necessary amendments to the Pipeline Ordinance (RLV) and the Pipeline Safety Ordinance (RLSV) in order to create the technical requirements for new hydrogen pipelines. In the Nuclear Inspectorate, the "echolyst - Impact-Echo-System" was promoted as a development priority. The Pressure Equipment Market Surveillance Department carried out a random sampling program to ensure that recalls and warnings were issued for products that were already on the market.

Sustainability and innovation at the SVTI Group

In 2023, various sustainable measures were implemented at the SVTI Group, including the installation of charging stations for electric cars. This will be followed in 2024 by a photovoltaic system on the flat roof of the Richtistrasse 15 building in Wallisellen. In the area of innovation, the focus is on new non-destructive testing methods and supporting industry with decarbonization. For example, a project entitled "Use of blockchain technologies in testing processes" is being financed from the innovation fund. Sustainability, innovation and our role as an attractive employer are values that contribute significantly to our continued success.

The topic of AI has also arrived at the SVTI

A novelty in the SVTI's digital annual report is that the AI-generated Kayla Klarissa provides a lively review of the year. in the form of a video granted on the 2023 highlights.

Prof. Dr. Benjamin F. Grewe from ETH Zurich gave a talk on "A brief history of artificial and natural intelligence" at the 155th association meeting, which was less AI-based and more AI-driven and in line with current developments.

Source and further information: www.svti.ch

Around 60 percent of companies in Germany, Austria and Switzerland (DACH region) have fallen victim to a cyber attack at least once in the last two years. This is according to the "Cyber Security Report DACH 2024" by security firm Horizon3.ai. A sample of 300 companies was examined for the report. According to the report, well over a third (37%) of companies reported a specific incident. Just under a quarter (23%) did detect a hacker attack from the Internet, but were able to fend it off completely according to their own statements. 28% of the companies contacted by Horizon3.ai do not even know whether or not they have fallen victim to a cyber attack in the last 24 months. Only 12 percent of companies say "We are certain that we have not been attacked."

Almost a quarter were attacked three or more times

According to the "Cyber Security Report DACH 2024", almost a quarter of companies (23%) were exposed to a hacker attack three times and a further 12% even more frequently in the two years surveyed. A further 18% were "only" attacked twice during this period and 11% once from the internet. "The number of unreported cases is likely to be many times higher," suspects Rainer M. Richter, Head of Europe and Asia at the security company Horizon3.ai, which published the study. He fears: "In view of around 70 new vulnerabilities in software programs that are discovered every day and the growing complexity of computer and network environments, many companies have long since lost track of how vulnerable they really are and how often they are actually attacked. Cases of attackers roaming around company networks for months on end and tapping into confidential data without being noticed are well known. Many attacks only come to light when there is an immediate impact on ongoing operations or a ransom note appears on the screen."

Downtime, financial losses, legal consequences and data theft

According to the "Cyber Security Report DACH 2024", 63% of the companies surveyed had suffered downtime due to a cyberattack in the two years under review. 42 percent (multiple answers were requested) suffered financial damage as a result. 36 percent suffered legal consequences. In 34 percent of all cases, data was stolen. 29 percent of companies received a ransom demand in order to release data encrypted by hackers. 

Security expert Rainer M. Richter is surprised: "Many board members, managing directors and IT managers don't seem to realize that, in addition to the consequences for their company, they can also face personal liability if a cyber attack causes serious damage. In these cases, it is up to them to prove that they have done or ordered everything humanly possible to prevent sensitive customer data from being stolen, for example."

Widespread naivety at management level

The participants selected for the survey predominantly hold a position of responsibility in their company: Chief Information Security Officer (23 percent), Team Leader IT (21 percent), Chief Information Officer (18 percent), Chief Technology Officer (13 percent) and System Administrator (7 percent). "According to the survey, half of those personally affected do not expect to be held liable for potential damage," says Rainer M. Richter, surprised at the widespread naivety of managers when it comes to cyber risks.

The cyber security expert warns of a security chaos: "The economy is urgently called upon to do its homework when it comes to cyber security. The waves of attacks will be AI The pace of cyberattacks is becoming increasingly faster and more aggressive, while at the same time more and more devices are being connected to the company network through home office and the Internet of Things, making the gateways for hackers visibly larger. The gap between the level of risk and the level of protection is therefore widening." 

Penetration tests against security chaos

Rainer M. Richter advises companies to "carry out penetration tests with great frequency in order to continuously check their cyber resilience." During such a test, an attack is carried out on the company's own premises in order to detect security vulnerabilities. In the financial sector, the European banking supervisory authority carries out regular penetration tests under the term "stress test" to check the financial institutions' ability to defend themselves against hacker attacks. "I advise every board member, managing director, authorized signatory and IT manager from all other sectors to regularly subject their own company to this kind of acid test," says the Head of Europe and Asia at Horizon3.ai, certainly not entirely altruistically, as his employer operates a platform called NodeZero, which aims to make such penetration tests affordable for SMEs.

Source: www.horizon3.ai 

Experience shows that an important component of successful risk management strategies is process automation and process management. Both lead to greater consistency, efficiency and accountability across the organization. "Essentially, automation ensures that processes are carried out in accordance with established policies and regulations, reducing legal risk. Automation enables real-time monitoring and reporting of operational activities, allowing businesses to identify and address risks immediately. Important points when you consider that the new NIS2 directive is also coming into force soon," clarifies Cosima von Kries from Nintex, a provider of process intelligence and automation solutions. 

Many companies fail

However, many companies fail to introduce these technologies or do not exploit their full potential. This leads to uncertainties, disagreements among management and employees and can ultimately also cause security-related difficulties. Any technology is only as good as the user who operates it and the database that is used. "If companies are fit in the area of process automation and processing the right database, they can also implement the NIS2 directive or ISO 27001 very well. They then know, for example, how security incidents are reported digitally or how emergency plans are immediately initiated automatically depending on the security incident that has occurred. However, many companies are not aware of this and only think of pure security measures and tools when it comes to guidelines relating to information security or cyber security. But it goes much deeper and further. Only the right process automation helps companies to create holistic structures in which security guidelines can work effectively," Cosima von Kries goes into further detail. 

5 tips on how companies can improve their risk management

It therefore recommends that companies take the following five steps to successfully implement a process automation project and thus significantly improve risk management: 

1. Start step by step

Even though all the goals of the project are important, it is crucial to start small. Rather than trying to automate an entire process, it's best to narrow the focus of the implementation team. First, identify the areas in cybersecurity and information security infrastructure where process automation makes the most sense. The identified processes are evaluated according to their complexity, frequency and the potential risk associated with their manual execution. These can be, for example, recurring tasks such as patch management, log analysis, threat prevention, incident reporting or compliance monitoring.

Smaller, incremental changes can be reviewed and adapted more quickly. Successes encourage managers and employees to take the next step. Customers also benefit from the positive effects. A gradual changeover creates a culture of continuous improvement towards leaner processes and improved risk management. 

2. Communicate benefits clearly

Managers should involve employees in the change process at an early stage. They should inform their teams comprehensively about the benefits, procedures and change steps, as well as why information and cybersecurity are of the utmost importance in the company and why the implementation of various guidelines is a top priority. Employees who are aware of the benefits for the company and for their own way of working are more motivated to participate in the change. They also feel involved in the cultural change, valued in their work and supported by the new software. 

The first step is to document all processes in detail and then evaluate which processes can be automated and how effectively. It provides comprehensive information on how tasks are carried out, which roles and responsibilities are involved and what the overall workflow looks like. Based on this information, the second step is to identify opportunities for improvement, streamline processes and reduce risks by reducing procedural deviations.

3. Stay human-centered 

Effective risk management in companies focuses on the people who work there and remains so, no matter what stage of implementation and change the process automation project is at. Through targeted training and a culture of open exchange, companies can empower their employees to recognize potential risks at an early stage and act proactively. Involving all team members in decision-making processes and valuing their perspectives not only promotes trust, but also the company's innovative strength. A strong, informed and committed workforce thus forms the backbone of successful risk management that can react flexibly and resiliently to challenges.

4. Introducing technology even in highly regulated sectors 

Companies operating in highly regulated sectors, such as financial services, healthcare or the public sector, are generally reluctant to introduce new technologies. However, the potential benefits of process automation can be even greater here than in other business sectors. Process automation is particularly beneficial here, as it helps to meet compliance requirements, ensure data integrity and security, minimize errors, increase efficiency, improve transparency and traceability, and increase adaptability to regulatory changes. 

These benefits help to reduce the business risk, time and effort normally associated with adapting manual processes to new regulatory requirements and lead to cost savings as well as better resource utilization by significantly reducing redundant or manual tasks.

5. Avoid unintended risks 

Used correctly, process automation significantly reduces business risk. Used incorrectly, on the other hand, process automation can sometimes unintentionally introduce risk in the form of data breaches, privacy concerns and non-compliance. Therefore, it is critical that organizations implement governance mechanisms and data hygiene practices to identify and assess risks, implement controls to mitigate risks and ensure compliance with industry standards and regulations.

Automating complex, error-prone process steps ensures that they are carried out correctly every time. This reduces the risk of human error and costly consequences or reputational damage. Automated monitoring helps with regular checks and adjustments, e.g. to new guidelines such as NIS2, as well as quickly implementing improvements where necessary. 

Source and more information about the Nintex Process Platform: https://www.nintex.de/prozessplattform/

Artificial intelligence offers many opportunities and has great user potential. But there is also the other side of the coin: AI can also be used for criminal purposes. An analysis by Trend Micro shows the latest developments and highlights the threats that can be expected in the near future.

Jailbreaking-as-a-Service

While AI technologies are rapidly gaining acceptance in the business world, attempts to develop their own cybercriminal Large Language Models (LLMs) were largely abandoned in the cybercrime world last year. Instead, criminals shifted their focus to "jailbreaking" existing models, i.e. using special tricks to get them to bypass their integrated security measures. There are now offers such as Jailbreaking-as-a-Service. Criminals use sophisticated techniques to get LLMs to respond to requests that should actually be blocked. These techniques range from role-playing games and hypothetical scenarios to the use of foreign languages. Service providers such as OpenAI or Google are working on closing these security gaps. Cybercriminal users, in turn, have to resort to more sophisticated jailbreaking prompts. This has created a market for a new class of criminal services in the form of chatbot offerings for jailbreaking.

"Cybercriminals have been abusing AI long before the recent hype around generative AI in the IT industry. That's why we delved into the criminal underground forums to find out how cybercriminals actually use and deploy AI to achieve their goals and what kind of AI-powered criminal services are being offered," explains David Sancho, Senior Threat Researcher at Trend Micro. "We've looked at the underground conversations about AI and found that interest in generative AI has followed general market trends, but adoption seems to be lagging behind. We've also seen LLM offerings from criminals for criminals. These include FraudGPT, DarkBARD, DarkBERT and DarkGPT, which have many similarities. For this reason, we suspect that they most likely function as wrapper services for the legitimate ChatGPT or Google BARD - we call them Jailbreaking-as-a-Service services," David Sancho continued. "We have also investigated other potentially fake criminal LLM offerings: WolfGPT, XXXGPT and Evil-GPT. We are also looking at deepfake services for criminals: We've seen pricing and some early business models around these AI-powered fake images and videos."

Deepfake services on the rise

Deepfakes have been around for some time, but only recently have real cybercriminal offers been discovered. Criminals are offering deepfake services to bypass identity verification systems. This is becoming an increasing problem, particularly in the financial sector, as banks and cryptocurrency exchanges demand ever more stringent checks. Deepfakes are becoming cheaper and easier to create. Cybercriminals are using this technology to create fake images and videos that can fool even advanced security systems. A stolen ID document is often enough to create a convincing fake image.

What does this mean for the future?

Developments show that criminals are constantly finding new ways to misuse AI technologies. Although there has been no major disruption so far, it is only a matter of time before more serious attacks can be expected. Companies and private individuals must therefore remain vigilant and constantly improve their cyber security measures in order to be prepared for these threats. Three fundamental rules of cybercriminal business models will determine when malicious actors target GenAI on a large scale:

1. Criminals want an easy life: The aim is to achieve a certain economic result with as little effort and as little risk as possible.
2. New technologies must be better than existing tools: Criminals only adopt new technologies if the return on investment is higher than with existing methods.
3. Evolution instead of revolution: Criminals prefer gradual adjustments rather than comprehensive revisions in order to avoid new risk factors.

Conclusion: cybercriminal use of AI is only just beginning

The need for secure, anonymous and untraceable access to LLMs remains. This will encourage cybercriminal services to keep exploiting new LLMs that are easier to jailbreak or tailored to their specific needs. There are currently more than 6,700 readily available LLMs on the AI community platform Hugging Face. It can also be assumed that more and more old and new criminal tools will integrate GenAI functions. Cybercriminals have only just begun to scratch the surface of the real possibilities that GenAI offers them.

Trend Micro has compiled further information on this topic in a blog:

• https://www.trendmicro.com/de_de/research/24/e/ki-cybercrime-jailbreaks-bestehender-llm-modelle.html
• https://www.trendmicro.com/de_de/research/24/e/generative-ki-tools-fur-deepfakes.html

Many companies in Europe are already in the impact phase of using AI with regard to their employee experience: 79% of employee experience (EX) experts report a significant improvement in the quality of work of their employees as a result of AI. This is shown by the Employee Experience Report 2024a worldwide survey of 800 EX managers by Zendesk. 

AI increases efficiency and quality of work

"AI has already revolutionized the customer experience through personalization and increased efficiency. Now we are also seeing this development in the employee experience," says Tanja Hilpert, VP Central Europe (DACH & CEE) at Zendesk. "Not only do consumers benefit from AI technologies in their interactions with companies, but employees are also experiencing more and more advantages."

According to the survey, EX managers are increasingly adapting new working practices and tools to support their teams. In particular, they expect this to boost the productivity and satisfaction of their employees and give them a competitive advantage over their competitors. The following key findings emerge from the survey: 

• EX managers supplement their human team with supporting AI agents
• The introduction of self-service tools meets employee expectations in terms of flexibility and personalization 
• Employees are increasingly using AI-supported data analyses as a strategic basis for decision-making. 

Digital expansion of the team 

While the recruitment and induction of new employees used to take place on site in most cases, it is now increasingly taking place remotely. Consequently, the IT and HR decision-makers surveyed are increasingly relying on AI-based training and workflows: 35 percent want to expand their offerings. 

To strengthen their teams, EX managers expand their human team with AI agents that support employees support as co-pilots. 81% of those surveyed expect the integration of such AI solutions into EX to enable employees to solve complex tasks more effectively. This includes, for example, analyzing extensive data sets to derive corporate strategies. 79 percent of EX experts already recognize an improvement in the quality of employees' work through AI. Almost half (44%) cite faster data processing and higher productivity as important factors. 

Flexibility and personalization through self-service 

Respondents are aware that flexible working is essential for an optimal work experience. 84% consider the freedom to choose where to work to be an important factor that can contribute to work-life balance. Companies also benefit from this: 87% of managers consider flexible working hours to be crucial for increasing productivity. 

At the same time, decision-makers are increasingly relying on personalized EX solutions. This includes the use of AI-based platforms for employee training, for example. These platforms take into account the skills and learning styles of individuals instead of a one-size-fits-all approach. Personalized training, in turn, enables managers to identify individual development opportunities. Based on AI-supported data analysis, managers can offer each team member the best possible personal support - regardless of where they work. 36% of respondents already use AI to personalize EX. 

Self-service solutions are one possible answer to the increased expectations of flexibility and personalization. The use of such tools is driven by the positive impact of self-service and AI technologies on productivity and employee satisfaction, which 80 percent of EX executives observe. Accordingly, 84% of respondents have already invested in HR platforms that offer their employees self-service options. 

Data-based performance assessment 

Many employer experience experts are struggling with increasing flexibility in the workplace. Two-thirds of respondents cite accurately measuring productivity while working from home as a key challenge. New, data-driven approaches are needed to recognize performance in the remote age. EX leaders are therefore turning to AI-powered data analytics to assess engagement and productivity and optimize employee satisfaction. 

Source: Zendesk