Critical vulnerabilities across 20 of the most popular travel & tourism websites detailed

Posted in Commentary with tags on July 24, 2025 by itnerd

The Business Digital Index (BDI) platform evaluated and ranked 20 of the most visited travel and tourism websites by their cybersecurity posture.

Each company’s score reflects performance across seven security categories: software patching, web app security, email protection, system reputation, hosting infrastructure, SSL/TLS configuration, and data breach history. 

Here are the 20 most popular travel & tourism websites ranked by cybersecurity (best to worst):

Out of the 20 travel and tourism websites analyzed, just two—Trip.com and Flightradar24—achieved an A grade.

These four—Wetter.com, Hilton, Marriott, and Skyscanner—received the lowest cybersecurity scores.

To find out what critical vulnerabilities these websites have and why some of them score so low, please see the full report here: 

https://businessdigitalindex.com/research/cybersecurity-analysis-reveals-critical-vulnerabilities-across-20-major-travel-tourism-websites

Leave a comment »

CIRA’s Net Good Grants back Indigenous, rural and youth-led initiatives for a safer, more connected Canada

Posted in Commentary with tags on July 24, 2025 by itnerd

Today, CIRA is proud to announce 13 transformative, community-led initiatives funded through its 2025 Net Good Grants program. From remote broadband infrastructure to youth-focused cybersecurity training, these projects are advancing internet safety, access and digital sovereignty across Canada.

Each initiative equips communities with the tools, knowledge and infrastructure they need to thrive in an increasingly challenging digital world. The collective impact spans most provinces and territories, reflecting a broad and diverse commitment to digital resilience from the ground up.

Key insights

  • Over 270,000 community members will benefit from this year’s Net Good Grants
  • Three infrastructure projects building community-managed connectivity networks
  • Two policy engagement projects raising awareness and amplifying local voices in internet sovereignty discussions
  • Eight online safety projects empowering youth, educators and community leaders

In British Columbia, communities like rural Shuswap region and Cortes Island are developing locally governed broadband co-operatives so that they can build, own and operate networks to directly serve their residents and generate revenue.

Initiatives like the Digital Defenders Project in Saskatchewan and the Northwest Territories, the SmartScroll Digital Safety Program in small-town Ontario and Cyber Ready Islanders in Prince Edward Island are helping young people recognize and respond to online harms, misinformation and privacy risks.

For professional development, the University of Ottawa’s CyberSafe Youth project is delivering cyber attack simulation training to youth in Quebec and Ontario, while the Malahat Nation in B.C. is establishing a cybersecurity operations centre and training hub through its Malahat Internet Safety Initiative.

Every initiative is rooted in local collaboration, underscoring a community-first approach to digital empowerment. These projects not only focus on youth development, but will also train educators, parents and community leaders, extending their impact through intergenerational learning and institutional partnerships.

Whether through civic engagement in internet policy, broadband infrastructure co-ops, or multilingual online safety programs, these projects exemplify how community-led innovation can drive systemic change and ensure no one is left behind in Canada’s digital future.

Resources 

Leave a comment »

Artificial Intelligence Adoption in S&P 500 Firms Brings New Security Challenges, Study Finds

Posted in Commentary with tags on July 24, 2025 by itnerd

As artificial intelligence becomes increasingly central to the operations of America’s largest corporations, recent research reveals potential security vulnerabilities that could affect both organizations and their customers. 

An analysis by cybersecurity experts at Cybernews examined AI deployments across the S&P 500 and uncovered close to 1,000 potential weak points that may lead to data exposure, theft of proprietary information, and erroneous AI actions.

The study found that 327 S&P 500 companies publicly report using AI tools in their operations in sectors including finance, healthcare, manufacturing, and energy. 

While these tools have accelerated innovation and efficiency, safety measures have yet to fully catch up, leaving systems open to misuse or failure. This includes AI outputs that may be inaccurate or misleading, unintended disclosure of confidential data, and risks of corporate secrets being compromised.

The potential vulnerabilities extend across multiple industries. Technology and semiconductor companies are especially vulnerable to data leaks and intellectual property risks. Financial institutions might face challenges protecting client data while ensuring AI does not reinforce unfair bias in lending. 

Healthcare providers carry the added responsibility of protecting patients from flawed AI-driven recommendations. Meanwhile, industrial and infrastructure sectors must guard against disruptions that could affect critical services, such as power supply or supply chain operations.

For consumers, the consequences are tangible. Unsecured AI systems risk leaking private details – ranging from medical histories to financial records – while flawed AI judgments could influence decisions that directly affect people’s health and finances. 

As AI tools play a larger role in retail, banking, transportation, and other areas, protecting these technologies becomes essential for public protection.

The report highlights past incidents that illustrate these dangers. IBM’s Watson once offered unsafe cancer treatment suggestions. Apple’s credit system faced scrutiny after allegations of gender bias. Zillow’s AI-driven pricing led to substantial financial losses. Additionally, Samsung experienced unintended source code disclosures due to inappropriate use of AI chatbots by employees.

As AI further transforms businesses, past incidents and potential threats show how crucial it is to improve security strategies in parallel. 

Leave a comment »

Guest Post – Workflow Automation: a Primer

Posted in Commentary with tags on July 24, 2025 by itnerd

By Tim Flower, VP of DEX Strategy, Nexthink

What Is workflow automation?

Workflow automation takes manual or scripted tasks and processes performed by employees and groups them in a logical order, initiated by automated or manual triggers. These workflows include decision points, branches, tasks, and calls to other systems or humans for additional insights, delivering fast, consistent, repeatable, and scalable outcomes with minimal or no human intervention. 

But modern workflow automation goes beyond simple task execution by leveraging low-code/no-code platforms to lower the skills entry point, and to deliver more complex AI-driven decision-making processes that continually optimize themselves. In fact, many systems can now “automate the automation,” further reducing errors, speeding time-to-market, ensuring compliance, and eliminating bottlenecks. 

How does it work? 

Originally, workflow automation consisted of repeatable tasks scripted for automated execution, bringing efficiency to humans by handling defined, repetitive processes. Over time, it evolved into more robust AI-powered decision-making, enabling automation of complex and variable workflows.

Today, workflow automation can:

  • Optimize itself using machine learning, analyzing historical data to improve workflows over time.
  • Leverage event-driven automation, where real-time business triggers (e.g., exceeding a technical threshold or dropping below an inventory level) automatically initiates a process workflow.
  • Integrate with AI-powered digital employee experience (DEX) tools, which can analyze human behavior and operations, and suggest new automation opportunities based on a broad enterprise view.

As AI continues to evolve, workflows will become more self-improving, reducing the need for human intervention even in process design.

Why should businesses use workflow automation? 

Businesses that do not embrace workflow automation risk falling behind their competition. The benefits include:

  • Faster, more efficient operations – Automating processes reduces execution time, leading to significant reductions in processing times in key IT and business functions.
  • Lower operational costs – Companies using automation report 30% or more cost savings by reducing manual effort, according to LatentBridge.*
  • Improved employee productivity – Employees are freed from repetitive, low-value tasks, allowing them to focus on more strategic work.
  • Better customer experiences – Faster service delivery and error reduction lead to higher customer satisfaction and retention rates.
  • Scalability – Companies can handle more work without proportionally increasing costs or headcount.

How best to deploy workflow automation?

To implement modern workflow automation effectively, businesses need three key components:

  1. Broad, multi-source data – Automation opportunities should be identified using real-time data from multiple systems. Process mining tools can analyze inefficiencies and suggest improvements.
  2. AI-driven automation creation – The skill barrier to automation should be lowered using AI and low-code/no-code solutions, enabling business users to build automations without heavy IT involvement.
  3. A unified automation platform – A solution that combines workflow automation with real-time experience monitoring, sentiment analysis, and measurement of business outcomes is crucial to track effectiveness and continuously improve processes.

Additionally, proper change management, security, and governance must be considered to ensure successful adoption and compliance.

Common implementation mistakes

Businesses often face these pitfalls when implementing workflow automation:

  • Not identifying the right problems to solve – Automating low value processes while missing what really matters can result in lower returns. 
  • Failing to optimize first – Automating inefficient processes without first optimizing them can lead to wasted efforts.
  • Using a fragmented approach – Selecting tools that don’t integrate across all enterprise systems results in automation silos.
  • Not tracking value – Without clear success metrics, businesses may struggle to measure ROI and justify further investment.
  • Trying to automate too much at once – Overloading teams with too many changes can cause adoption failures. A phased approach is more effective.
  • Not monitoring for unintended consequences – Poorly designed workflows can introduce new problems or outcomes that weren’t present before.

Emerging workflow automation trends

Businesses embracing workflow automation with AI and DEX capabilities will outpace the competition. Those who delay adoption will find themselves increasingly behind as automation plays a bigger role across enterprises. There are several trends happening that should demand some attention:

  • Hyper-automation – AI, machine learning, and robotic process automation (RPA) will increasingly work together to automate as much as possible.
  • Conversational automation – AI-powered intelligent chatbots and voice assistants will play a larger role in initiating and executing workflows.
  • Process mining and AI-driven optimization – AI will proactively analyze and recommend new automation opportunities.
  • End-to-end digital experiences – Automation will integrate deeply into Digital Employee Experience (DEX) strategies, ensuring seamless workflows across systems to improve the overall employee experience at work.

Tim Flower, VP, DEX Strategy for Nexthinkhas worked in enterprise IT for over 30 years, and since joining Nexthink in 2015, he has helped businesses large and small around the world to understand the power of information when viewed through the end-user.  

Leave a comment »

Bell Pure Fibre Ranked Fastest Internet in Canada For The Third Year In A Row

Posted in Commentary with tags on July 23, 2025 by itnerd

Ookla’s Canada Speedtest Connectivity Report (H1 2025) has hit the street along with the accompanying Speedtest Awards.

For the third year in a row, Bell Pure Fibre has been named Canada’s Fastest Internet — a Speedtest Award win based on millions of real-world consumer tests from Q1–Q2 2025. In addition to this award, Bell ranked #1 in the Speedtest Connectivity Report for:

  • Median download and upload speeds
  • 90th percentile performance

Bell’s wireless network also continues to show strong performance, with the Speedtest Connectivity Report reaffirming leadership in key mobile categories across the country.

 Full reports are here:

Leave a comment »

The data of 100 million Swedish citizens has been exposed

Posted in Commentary with tags on July 23, 2025 by itnerd

The Cybernews research team has uncovered a major data leak exposing over 100 million detailed records tied to Swedish citizens and companies.

An unsecured server exposed a large collection of sensitive business intelligence and personal data, with records spanning 2019 to 2024 across 25 indices — some over 200GB in size.

Analysis suggests the data originated from Risika, a leading Nordic data analytics firm. However, metadata indicates the server was likely operated by an unidentified third-party client, not Risika itself.

What data was leaked?

  • Full legal names, including history of previous names
  • Swedish personal identity numbers
  • Date of birth and gender
  • Address history, both in Sweden and abroad
  • Civil status and information about deceased individuals
  • Foreign addresses for emigrants
  • Debt records, payment remarks, bankruptcy history, property ownership indicators
  • Income tax data spanning several years (2019–2023)
  • Activity and event logs (including income statement submissions, migration status, and address updates)

Significance of this leak

  • These records effectively mapped out a five-year financial and behavioral profile of Swedish citizens and organizations, making the scale and precision of this leak especially concerning.
  • The leaked data offered a detailed, time-stamped snapshot of how both individuals and organizations function, tracking everything from address changes and income shifts to debt, tax filings, and business ties.
  • The sheer volume and precision of the information make the dataset extremely valuable and dangerous. Banks, lenders, and compliance teams could use it for risk assessments and credit analysis. 
  • Attackers could weaponize this intelligence for everything from corporate surveillance and competitor profiling to highly targeted phishing campaigns, social engineering, or extortion. 

To read the full research report, please click here.

Leave a comment »

Abstract Security Introduces Shift Left for Detection, Turning Real-Time Insight into a Strategic Advantage

Posted in Commentary with tags on July 23, 2025 by itnerd

Abstract Security, the pioneer in streaming detection and response, today unveiled its groundbreaking Shift Left strategy for security operations—bringing real-time analytics, correlation, and response closer to the source of data. Abstract’s new model empowers security operations teams to detect threats in stream, before data hits storage—not after the damage is done. 

Read more about the Shift-Left Detections Approach from Abstract Security: www.abstract.security/blog/shift-left-detections-with-abstract.  

Why Shift Left for Detection Matters 

Instead of analyzing logs hours after an event, Abstract enables security teams to detect and respond in the moment: 

  • Real-time correlation across cloud, endpoint, identity, and SaaS sources 
  • In-stream threat intelligence and asset context 
  • Instantaneous detection logic execution, before data hits the SIEM or data lake 

The result: security operations that are not only faster, but smarter, leaner, and more effective. 

A New Standard for ROI in Detection 

Traditional detection requires pushing massive volumes of telemetry into SIEMs just to run rules—an expensive, delayed, and inflexible process. Abstract changes the economics of detection by running analytics in-stream: 

  • Up to 70% reduction in SIEM ingestion volume 
  • 4x faster detection using ready-to-deploy rules with no custom tuning required 
  • Improved signal-to-noise ratio, enabling faster, more confident responses 

To learn more about how companies like Juul Labs are already transforming their journey with Abstract, visit https://www.abstract.security/abstract-canvas.   

Detection-as-Code, Powered by ASTRO

Abstract’s ASTRO team delivers constantly evolving detection logic and threat intelligence as code—built for real-time execution. ASTRO also treats DFIR as code, enabling live incident investigations, timeline reconstruction, and playbook automation directly in the stream. 

  • No manual queries 
  • No stale enrichments 
  • No delays in response 

DFIR becomes just as fast and automated as detection itself. Learn More about the DFIR-As-Code from Abstract in their blog series here. 

A Shift Worth Making 

Abstract’s Shift Left philosophy offers security teams a chance to modernize without overhauling. You don’t need to rip and replace. You just need to move detection to where the action is—before the threat moves past you. 

Leave a comment »

EnGenius Multi-Gigabit Switch Delivering 2.5G Performance with 90W PoE++ Announced

Posted in Commentary with tags on July 23, 2025 by itnerd

EnGenius Technologies Inc. has announced the launch of the ECS2530FP, a powerful L2+ Multi-Gigabit switch designed to meet the demands of modern enterprises. The ECS2530FP delivers advanced performance and flexibility, offering multiple management options—locally, via EnGenius Private Cloud, or through the EnGenius Cloud platform—empowering IT teams with complete control across any deployment scenario.

The ECS2530FP delivers unmatched flexibility and power with 24 multi-gigabit 2.5GbE PoE+ & PoE++ ports and 6 dual-speed 10G SFP+ uplinks, offering the bandwidth, speed, and fiber connectivity enterprises need to support high-throughput applications such as Wi-Fi 7 access points, AI surveillance systems, and advanced VoIP deployments.

This new switch is engineered with 16×PoE+ (802.3at) and 8×PoE++ (802.3bt) ports, capable of supplying up to 90W per port, ideal for powering the latest high-demand devices. A generous 740W total PoE budget ensures the ECS2530FP can support dense device environments with ease.

Manage the ECS2530FP from anywhere using the intuitive EnGenius Cloud platform. Features include device provisioning, bulk firmware updates, real-time monitoring, alert notifications, and AI-driven insights, giving IT admins full visibility and control from a single pane of glass.

Key Features & Benefits:

  • Multi-Gig Performance for Enhanced Efficiency

Empowers enterprise networks, ECS2530FP supports multi-gig connectivity, delivering high-speed data transfers, lag-free 4K and 8K video streaming, and optimized performance for daily SMB tasks. Whether supporting remote work, video conferencing, or bandwidth-intensive applications, these switches ensure network efficiency and responsiveness.

  • High-Speed Uplinks for Scalable Networks

The ECS2530FP features 6×10G SFP+ uplink ports that deliver high-capacity fiber connectivity for seamless data aggregation and uplinks to core switches. With dual-speed support for both 1G and 10G SFP modules, these ports provide the flexibility needed for scalable network designs and ensure future-ready performance as bandwidth demands grow

  • Unleashing Maximum Power with PoE++ Support

With 16×PoE+ (802.3at) and 8×PoE++ (802.3bt) ports, the ECS2530FP delivers up to 15.4W, 30W and 90W per port respectively, providing robust power for a wide range of high-demand devices. From Wi-Fi 7 access points and PTZ cameras to video conferencing systems, LED displays, and VoIP phones, this switch eliminates the need for separate power sources—simplifying deployment and supporting even the most power-intensive network environments.

  • Robust Power Budget for Scalable Network Deployments

A high total 740W PoE budget allocation supports dense, multi-device environments with power to spare. Ideal for large-scale deployments in enterprise campuses, hotels, retail stores, schools, and smart buildings.

  • Seamless Performance for Data-Intensive Networks

Ensures ultra-fast packet forwarding with minimal latency, delivering a reliable and seamless experience across all connected devices—even under high-traffic loads and during peak usage times.

Availability

The ECS2530FP will be available from EnGenius authorized resellers and distribution partners by the end of July. For additional product specifications and purchasing information, visit: ECS2530FP Product Page

Leave a comment »

StarTree Opens the Iceberg Lakehouse to the Outside World

Posted in Commentary with tags on July 23, 2025 by itnerd

StarTree today announced support for Apache Iceberg in StarTree Cloud, enabling it to serve as both the analytic and serving layer on top of Iceberg, delivering interactive insights to internal and external applications directly from the data lakehouse. With this launch, StarTree redefines what’s possible with Iceberg, transforming it from a passive storage format into a real-time backend capable of powering customer-facing applications and AI agents with high concurrency serving thousands of simultaneous users with consistent speed and reliability.

While Apache Iceberg and Parquet have become popular open table formats for managing data in the lakehouse, they are not query engines and most existing query engines built around them struggle to meet the performance SLAs required for external-facing, high-concurrency analytical applications. As a result, companies have historically avoided serving data directly from their lakehouse, instead relying on reverse ETL pipelines or transforming the data into proprietary formats for separate serving systems—adding latency, complexity, and cost. StarTree removes these constraints by offering real-time query acceleration directly on native Iceberg tables. By combining open table formats like Parquet and Iceberg with Pinot’s powerful indexing and high-performance serving capabilities, StarTree enables applications to deliver live, interactive insights directly from the lakehouse without data duplication, format conversion, or operational trade-offs.

A Real-Time Serving Layer for Iceberg

StarTree Cloud integrates directly with Iceberg using open standards (Parquet and Iceberg table formats) and enhances performance with powerful indexing, intelligent materialized views (StarTree Index), and localized caching. Unlike traditional tools like Presto, Trino, or ClickHouse that rely on lazy loading and scanning, StarTree is built for low-latency, high-concurrency access, making it ideal for powering interactive dashboards, real-time data products, and operational workloads with strict SLAs.

Key capabilities include:

●        Native support for Apache Iceberg and Parquet in StarTree Cloud

●        Real-time indexing and aggregations, including support for numerical, text, JSON, and geo indexes

●        Intelligent materialized views via the StarTree Index

●        Local caching and pruning for low-latency, high-concurrency queries

●        No data movement required—serve directly from Iceberg

●        Intelligent prefetching from Iceberg, minimizing irrelevant data scans

With StarTree Cloud, companies can now unlock the full potential of their lakehouse investments and deliver modern, intelligent user experiences without architectural sprawl.

Availability
Support for Apache Iceberg in StarTree Cloud is available today in private preview. For more information, visit www.startree.ai.

Supporting Resources

●      StarTree Adds Native Iceberg Support: Serve High-Concurrency Queries Directly from Your Lakehouse

Leave a comment »

Experity Launches Care Agent: The First Clinical Intelligence Solution for Urgent Care

Posted in Commentary with tags on July 23, 2025 by itnerd

Experity, today announced the launch of Experity Care Agent, the industry’s first clinical intelligence solution designed to put urgent care consumers in control of their healthcare. Utilizing data, analytics, and AI to redefine how patients interact with clinics, Care Agent facilitates the entire care journey while maintaining each clinic’s unique voice and brand identity.

According to Forrester, healthcare organizations are focused on a top initiative in 2025: Implementing technologies that improve patient experiences, support care virtually, and enable clinic decision-making for personalized medicine. Experity Care Agent is the only solution on the market that solves for each of these operational needs as a standalone product.

Experity Care Agent goes far beyond generic healthcare chatbots. With a dual-channel communication approach, it functions using mobile messaging (SMS/RCS) for smart registration, and secure web chat for all substantive interactions including triage assessments, discharge notes, payment collections, and care reminders. This proprietary architecture invented by Experity is HIPAA compliant.

As an emerging leader in urgent care clinical intelligence, these are the top reasons why urgent cares benefit from using Experity Care Agent:

  • Intelligent skills architecture: Modular capabilities span pre-visit preparation, real-time
    assistance, and post-visit follow-up that can be customized to each clinics’ specific
    needs
  • White-labeled brand experience: Patients interact with their clinic’s brand and voice, not a third-party platform
  • Clinical integration: Deep integration with EMR and practice management systems ensures continuity of care information
  • Compliance-first design: HIPAA-compliant dual-channel approach uses mobile messaging for notifications and secure web chat for PHI-related interactions

Experity Care Agent has launched with core skills including digital discharge document delivery and lab results communication, with additional dynamic capabilities planned throughout 2025 and 2026. The platform’s marketplace model allows clinics to select and activate skills that align with their specific operational needs and growth strategies.

In addition to its Care Agent, Experity announced its AI-driven Partner Ecosystem earlier this
year and is on pace to release AI Insurance Matching and AI Scribe before year end. With the
goal of expanding urgent care staff impact, Experity believes AI is the force multiplier behind
every administrator, provider, and employee who can now focus on the real human connections
that heal people.

Leave a comment »

« Older Entries
Newer Entries »