DHL partners with HappyRobot for AI efficiency

Posted in Commentary with tags on November 25, 2025 by itnerd

DHL Group is accelerating its enterprise-wide AI strategy through a new partnership between its contract logistics division, DHL Supply Chain, and the AI startup HappyRobot. The collaboration marks a significant step in deploying agentic AI to streamline operational communication and enhance both customer experience and employee engagement. 

DHL Supply Chain has already successfully utilized HappyRobot’s AI agents across several regions and use cases, including appointment scheduling, driver follow-up calls, and high-priority warehouse coordination. These agents autonomously handle phone and email interactions, enabling faster, more consistent, and scalable communication. 

Strategic AI deployment across DHL Supply Chain 

Current deployments already in use across DHL Supply Chain target hundreds of thousands of emails and millions of voice minutes annually. AI agents are supporting key workflows such as appointment scheduling, transport status calls, and high-priority warehouse coordination – helping teams manage operational communication at scale and with greater consistency. 

AI agents as a new operating model 

These implementations have already shown measurable impact – significantly reducing manual effort, increasing responsiveness, and enabling teams to focus on more strategic tasks and exception Press release Page 2 of 3 handling. By automating high-volume communication workflows, AI agents like those from HappyRobot are helping DHL deliver faster, more customer-centric services, while improving the work experience for employees and contributing to long-term workforce retention. 

HappyRobot’s platform enables fully autonomous AI agents to interact via phone, email, and messaging, while integrating seamlessly with DHL’s internal systems. And DHL Group continues to expand its AI strategy across all divisions. Beyond current pilots, further use cases are tested.

Leave a comment »

CData Appoints Ken Yagen as Chief Product Office

Posted in Commentary with tags on November 25, 2025 by itnerd

 CData Software today announced the appointment of Ken Yagen as Chief Product Officer (CPO). Yagen will lead product strategy and engineering as CData scales its connectivity platform for enterprises deploying agentic AI internally and for software providers building AI into their products.

The appointment comes as CData experiences rapid growth in the AI connectivity space. With thousands of users already connecting enterprise data sources to AI systems through CData’s MCP Servers, and the recent launch of Connect AI—a managed Model Context Protocol (MCP) platform—Yagen’s leadership will accelerate the company’s product roadmap.

Advancing AI-Native Connectivity

Yagen joins CData as the company shapes the emerging category of AI-native connectivity. Connect AI provides the enterprise-scale infrastructure that AI systems and autonomous agents require: live, governed access to business systems combined with embedded system-level semantic intelligence that teaches AI the structure, relationships, and business logic native to each platform—transforming raw connectivity into operational fluency.

Yagen is an accomplished product management and technology leader with more than 25 years of experience driving innovation in enterprise software. Most recently at Warburg Pincus, he led AI and LLM initiatives across the firm’s portfolio companies, helping enterprises integrate emerging AI technologies into their business strategies. His career includes pivotal roles at MuleSoft, where he shaped product strategy for APIs and integration platforms that became foundational to modern enterprise architecture, as well as leadership positions at Box and Symphony, where he drove collaboration and enterprise SaaS innovation.

Dual Market Strategy: Enterprises and ISVs

Under Yagen’s leadership, CData will accelerate its dual go-to-market strategy, enabling both direct enterprise adoption and embedded use by independent software vendors (ISVs). Organizations are adopting CData’s managed MCP platform to standardize connectivity across departments and initiatives, while software providers are embedding CData’s connectivity into their products to deliver enterprise-ready AI capabilities without building integrations themselves.

Leave a comment »

US big banks hit by real estate fin-tech breach

Posted in Commentary with tags on November 24, 2025 by itnerd

Saturday, real estate lender tech provider SitusAMC confirmed a November 12 cyberattack impacting the sensitive personal information on the clients of hundreds of some of the nation’s biggest banks, including JPMorgan Chase.

The data exposed was related to residential mortgages, the company said. JPMorgan Chase, Citi, and Morgan Stanley are among those that have been notified that their client data may have been taken. 

   “The incident is now contained and our services are fully operational. No encrypting malware was involved,” the statement reads.

   “We remain focused on analyzing any potentially affected data,” SitusAMC’s chief executive, Michael Franco said.

SitusAMC manages extensive sensitive data collected through mortgage applications, including Social Security numbers. The fintech also provides regulatory compliance services to ensure lenders’ loans meet state and federal requirements. As a result, a breach could expose highly confidential information about lenders and their real estate portfolios.

   “We remain committed to identifying those responsible and safeguarding the security of our critical infrastructure,” FBI Director Kash Patel said in a statement.

Michael Bell, Founder & CEO, Suzu Labs had this to say:

   “SitusAMC proves that Wall Street’s hundreds of millions spent on bank cybersecurity is irrelevant when a third-party vendor holding SSNs, mortgage applications, and regulatory compliance data gets compromised.

   “The attackers bypassed JPMorgan, Citi, and Morgan Stanley’s defenses entirely by hitting the shared services provider with access to all their customer data.

   “Pentesting offers a lens inside these third-party environments and the lack of controls protecting customer data is shocking. Organizations need to start auditing vendor security postures with the same rigor they apply to their own perimeters.”

Damon Small, Board of Directors, Xcape, Inc. follows with this:

   “The recent cyberattack on SitusAMC underscores the significant and widespread third-party risk that major US financial institutions like JPMorgan Chase, Citi, and Morgan Stanley are currently exposed to.

   “Despite claims of containment, the breach resulted in the confirmed exfiltration of highly sensitive residential mortgage data, including Social Security numbers and private real estate holdings, all valuable targets for identity theft.

   “This incident confirms that the security of financial service providers is only as strong as the weakest link within their specialized fintech supply chain. Under regulations like GLBA, banks are ultimately accountable for protecting client data across their entire vendor network, necessitating the immediate implementation of Zero Trust principles for all third-party access.

   “Banks should treat this breach as if client data has been exposed by immediately activating dark-web monitoring, placing fraud alerts, and closely monitoring for unauthorized changes of address and wire instructions within their mortgage and servicing systems.

   “Lenders also need to immediately rotate tokens and credentials for SitusAMC integrations, implement stricter least-privilege access controls, and enforce breach-notification service-level agreements and data minimization practices through contractual obligations.

   “Regulators will be expecting concrete evidence of third-party risk management, including vendor audits, immutable backups, and well-tested incident response playbooks that cover the entire lifecycle of loan origination, servicing, and secondary market data flows.

   “Wall Street learned the hard lesson again: In the modern financial supply chain, the security of a bank’s information assets is only as effective as the least-protected mortgage application.”

This latest supply chain attack is going to be bad given the type of data that is now out there. I feel sorry for anyone who is potentially affected as this will not end well for them at all.

Leave a comment »

101 Black Friday Apps Analyzed: What data privacy costs do Black Friday bargains come with?

Posted in Commentary with tags on November 24, 2025 by itnerd

This Black Friday, around half of us will reach for our smartphones to try and bag the latest deal, with 27 percent of people preferring to do this via a retailer’s app. 

But is there a privacy cost in trying to get the best deal via an app?

Today, Comparitech researchers have published a study looking at just this. By analyzing 101 of the most popular Black Friday apps, they have found out the exact data privacy cost these convenient bargains come with. 

Key findings include: 

  • The average app requests access to nearly 29 permissions in total, 8 of which are classed as high-level/”dangerous”
  • The most common dangerous permissions are ones that request access to the device’s camera, access location data (precise geolocation data or approximate location based on cell tower or Wi-Fi data), and read and write to external storage (data outside of the app, e.g. stored on the device)
  • 23% of apps (23 apps out of 101) potentially violate Google’s privacy policy standards
  • The most common omission from privacy policies was the data retention period (not provided by 8 apps), followed by a clear policy on how users can delete their data (omitted or restricted/unclearly defined by 11 apps)
  • The average app comes with 7 trackers, with one app (Vinted) coming with 17
  • These apps have been downloaded by over 7 billion people

For full details, this research can be read here: https://www.comparitech.com/news/data-privacy-black-friday-apps/

Leave a comment »

2026 Predictions from SIOS Technology

Posted in Commentary with tags on November 24, 2025 by itnerd

Today’s 2026 predictions come from Cassius Rhue, VP of Customer Experience, SIOS Technology.

1) Cloud Computing

Hybrid and Multicloud Strategies Gain Momentum – “Hybrid and Multicloud solutions have become a more proven option to help organizations balance performance, cost, and resilience while avoiding vendor lock-in.  More enterprises will continue to consider and adopt hybrid and multicloud architectures in 2026. As a result, HA solutions that can seamlessly operate across diverse infrastructures will become indispensable to modern IT strategies.”

2) Cybersecurity

Cybersecurity Will Redefine the Role of High Availability – “The rising wave of cybersecurity threats is transforming how enterprises view HA clustering. In 2026, HA will not only be about achieving 99.99% uptime—it will also serve as a vital tool for maintaining security resilience. More organizations will use HA clusters to enable rapid, low-risk patching and updates, ensuring systems remain both highly available and protected against emerging threats.”

3) Data Management

High Availability Focuses on Ease of Use to Meet Growing IT Admin Needs – “As IT administrators and generalists are given increasing responsibility for managing complex high availability (HA) application environments, the demand for intuitive, automated HA solutions will surge. In 2026, IT teams will favor platforms that do not require specialized HA skills, minimize manual configuration and simplify cluster management. Vendors that prioritize ease of use, automation, and guided workflows will stand out as the market evolves toward accessibility for non-specialist admins.”

4) DevOps

DevOps teams will increasingly integrate high availability clustering into application planning to reduce deployment risk – “Clustering tools with robust APIs, automation hooks, and real-time observability will allow rapid updates without interrupting production services. DevOps engineers will use clusters to test patches against active workloads, reducing the risk and degree of change. HA becomes a built-in feature of the delivery process—not an afterthought.”

5) AI / Machine Learning

Continuous Availability: The New Foundation for Trusted AI – “AI and ML workloads will run more frequently on distributed clusters and GPU-intensive systems, where downtime creates costly disruptions. In 2026, IT admins will demand high availability solutions that simplify complex AI stacks and expose full visibility into data, storage, and node health. Continuous availability becomes a prerequisite for AI reliability and trust.”

6) Application Performance Management (APM)

Observability Becomes Essential for Complex IT Environments – “As IT infrastructures expand across on-premises, cloud, hybrid, and multi-cloud environments, visibility into application performance and health and interdependencies of the elements of the IT stack will become mission-critical. In 2026, observability will emerge as a key differentiator for HA solutions, allowing IT teams to identify and resolve issues before they impact uptime. The most successful HA platforms will provide deep insights across the full stack—from hardware to application layer.”

7) Virtualization

Consolidation of Virtual Application Environments Drives Up Complexity and Need for Easy-to-Manage HA – “As enterprises consolidate onto virtualized platforms, IT admins will manage more mission-critical workloads per host. HA clustering will provide automated and intelligent failover across hypervisors without requiring deep virtualization expertise. Growing cybersecurity pressures will drive adoption of cluster-based patch automation to protect large pools of VMs simultaneously. Virtualized environments won’t just run clusters—they will depend on them.”

8) Disaster Recovery

Growing need for Automated Disaster Recovery – “By 2026, high availability and disaster recovery IT admins will expect clustering tools to support disaster recovery locations with automate failover, verify replication integrity, and give full visibility into the entire application stack—including networking, storage, and cloud resources. Frequent cyber incidents will force DR teams to apply patches and recover systems rapidly, with clusters minimizing downtime during failover. Disaster recovery becomes proactive, not reactive.”

“By 2026, IT admins will require clustering tools for high availability and disaster recovery (HA/DR) to support greater visibility into and control of failover operations and environments. The rapidly evolving landscape of hybrid cloud and multicloud environments will demand sophisticated solutions capable of providing full visibility into the entire application stack—including networking, storage, and cloud resources— while simultaneously helping advance organizational cybersecurity processes and posture.”

Leave a comment »

$3.72B USD in Cyber Week Sales Expected In Canada: Salesforce

Posted in Commentary with tags on November 24, 2025 by itnerd

Salesforce is predicting a strong Cyber Week (Thursday, Nov. 27 through Monday, Dec. 1)., showing digital traffic and sales have been higher over the last seven weeks in comparison to 2024. This is based on data from over 1.5 billion global shoppers across 1.5 trillion page views – including Canada.

Consumers’ feelings towards AI-powered shopping are quickly changing (48% of AI users would trust an agent to make a purchase on their behalf), putting AI agents center stage this shopping season and driving an anticipated $73 billion globally during Cyber Week. 

In Canada, we have seen:

  • Cyber Week digital sales are expected to reach $3.72B USD, with 2% YoY growth.
  • Early-season momentum is strong: from Oct. 1 to Nov. 15, Canadian Gross Merchandise Value (GMV) is up 2% YoY, and digital traffic is up 3% YoY.

You can read the post on this here

Leave a comment »

Cybersecurity Continues to Strengthen at MicroAge

Posted in Commentary with tags on November 24, 2025 by itnerd

MicroAge is proud to share that it has successfully completed a rigorous security audit known as System and Organization Controls 2 (SOC 2) Type 2 as of November 21, 2025. The examination conducted by Johanson Group, LLP found that MicroAge meets high standards for keeping systems and data secure. The audit resulted in a clean report, meaning MicroAge met all the required criteria without any issues.

A SOC 2 audit provides independent, third-party validation that a service organization’s information security practices meet industry standards required by the American Institute of Certified Public Accountants (AICPA). During the audit, a service organization’s non-financial reporting controls related to the security of a system are tested. The SOC 2 report delivered by Johanson Group, LLP, verified the suitability of the design and operating effectiveness of MicroAge controls to meet the standards for these criteria.

Additionally, MicroAge has earned the Cybersecurity Maturity Model Certificate (CMMC) Level 1 attestation, which focuses on the protection of Federal Contract Information (FCI) by having organizations implement 15 foundational cybersecurity requirements. This certification is a critical step for companies working with the U.S. Department of Defense and demonstrates MicroAge’s ability to meet essential security requirements for protecting sensitive information.

What This Means to Clients
CMMC Level 1 attestation assures clients that MicroAge adheres to robust cybersecurity practices designed to protect sensitive federal information. By meeting these requirements, MicroAge provides an added layer of trust and compliance that allows clients to confidently engage in projects that demand strong security standards.

MicroAge intends to continue executing and improving its internal controls and provide consistent peace of mind to clients with annual SOC 2 reporting and ongoing compliance with CMMC requirements. On top of everything, safety of client and company information remains a top priority.

Leave a comment »

Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub

Posted in Commentary with tags on November 24, 2025 by itnerd

 There is new research that shows that hundreds of trojanized versions of well-known packages have been planted in the npm registry in a new Shai-Hulud supply-chain campaign. Which is of course, really, really bad.

Ensar Seker, CISO at SOCRadarhas provided the following comment: 

“This campaign marks a dramatic escalation in software supply‑chain threats. Unlike earlier attacks that compromised only a handful of packages or relied on drop‑in malicious dependencies, Shai‑Hulud is a self‑propagating worm that abuses developer workflows, steals developer/CI CD credentials, publishes them to public GitHub repositories, and then uses those credentials to infect additional packages. 

What makes it especially pervasive is that it targets npm packages with multi‑million download counts, packages such as @ctrl/tinycolor, Zapier, ENS Domains, PostHog and Postman have been impacted.  Through the injection of malicious scripts (often via lifecycle hooks like postinstall/preinstall) and hidden GitHub Actions workflows, the attacker turns every infected developer workstation and CI runner into a distribution node. 

To defend against this kind of attack, dev and security teams must treat npm package management and CI/CD pipelines as part of the threat surface. This means enforcing strict token/scoped access policies, limiting or auditing lifecycle scripts (especially preinstall/postinstall hooks), monitoring secrets in build environments and using behavioral analytics to detect unusual GitHub Actions workflows or outbound connections from build hosts. Given the worm‑like nature of Shai‑Hulud, time is of the essence: any delay in rotating tokens or cleaning compromised build agents can lead to rapid spread.

In short, Shai‑Hulud isn’t a typical “package compromise”; it’s a worm embedded into the dev supply chain. It signals that attackers are shifting from targeting compiled binaries and runtime environments toward the very processes developers use to build and ship software. No organization should assume “we don’t use npm, so we’re safe”, because even downstream dependencies or dev toolchains can become the launch pad.”

This illustrates the need for a software bill of materials so that it is clear where software components come from. But beyond that, developers need to know and have full confidence in the components that they use. That way the chances of this sort of attack are lessened.

Leave a comment »

Kyndryl and Microsoft study reveals that 78% of leading organizations highlight IT as a key enabler of environmental goals

Posted in Commentary with tags on November 24, 2025 by itnerd

Kyndryl in collaboration with Microsoft, today announced the findings of the third annual Global Sustainability Barometer Study, conducted by Ecosystm. The study reveals that integration-focused organizations – those that align sustainability with business strategy, empower employees and adopt advanced technologies like AI – are driving measurable business value and lasting impact in today’s rapidly changing world.

Integration-focused organizations lead the way globally

The 2025 Global Sustainability Barometer Study identifies a decisive shift from years prior: leading organizations embed sustainability into their core business processes to outperform their peers across regions and industries. These leaders turn sustainability from a side initiative into a value-creation engine, driving resilience, competitiveness and market differentiation. Notably, 78% of integration-focused organizations highlight IT as a key enabler in achieving sustainability goals, leveraging data, automation and AI for measurable impact, and 56% of IT teams now lead sustainability efforts beyond IT, up from 38% in 2024.

Key global findings

  • Core driver of strategy: 62% of integration-focused organizations embed sustainability into their innovation, cost savings and resilience strategies – compared to 34% of others – transforming sustainability from a compliance requirement into a catalyst for long-term growth and competitive advantage.
  • Financial gains: 59% of organizations worldwide report financial benefits from sustainability investments, primarily through operational efficiency, customer retention and new market opportunities.
  • Early agentic AI adoption: Globally, 30% of all organizations are piloting or deploying agentic AI for sustainability, with early adopters reporting measurable gains in cost savings, innovation and compliance.
  • Connecting policy, people, and purpose: 73% of organizations globally report strong alignment between technology and sustainability teams. By connecting departmental objectives, empowering employees and engaging stakeholders, these leaders move sustainability from a compliance exercise to a driver of business value and lasting impact.
  • Regional and industry momentum: Europe leads in aligning tech modernization and AI adoption for sustainability, propelled by robust regulatory frameworks. Across all regions, countries accelerating sustainability cite clearer return on investment (ROI) or new revenue opportunities as the top drivers (67%). Additionally, industries leading in agentic AI adoption and experimentation include energy and utilities, banking and transport – with focus placed beyond energy and emissions optimization, on operational resilience, resource efficiency and sustainable product design.

The study findings align with the 2025 Kyndryl Readiness Report and recognize the deeper integration between sustainability and IT. The Readiness Report reveals that 27% businesses that invest in IT modernization achieve sustainability-based benefits through efficiency, innovation, security and compliance, while 22% cite improved energy efficiency or sustainability as a critical outcome for digital transformation ROI.


About the Global Sustainability Barometer Study
The third edition of the Global Sustainability Barometer Study, conducted by Ecosystm and commissioned by Kyndryl and Microsoft, reflects the perspectives of 1,286 enterprise leaders spanning 20 countries and nine industry groups. Conducted between August and September 2025, this study aims to provide a comprehensive view of how integration, strategy, and technology are transforming sustainability from compliance to competitive advantage.

Learn more about the study, From Planning to Progress: AI-Driven Sustainability in Practice

Leave a comment »

Safer Black Friday and Cyber Week Shopping Demand More Than One Tool – Research Yields Consumer Security Tips

Posted in Commentary with tags on November 24, 2025 by itnerd

As millions of consumers prepare their budgets, credit cards and digital wallets for Black Friday and Cyber Week, the common wisdom is clear: use a VPN to protect your financial data. But in a study conducted by PureVPN, researchers with Ontario Tech University and CQR Cybersecurity found that relying on a standalone VPN, or juggling it alongside separate password managers and ad blockers, creates a false sense of security that cyber thieves are ready and able to exploit. PureVPN also announced a Black Friday and Cyber Week pricing discount of 88 percent at $1.49/month for unified, attack-thwarting online shopping and communications.

According to the study “The Cost of Fragmentation: Measuring Time, Spend and Risk in Personal Cybersecurity Tool Stacks,” the use of separate security tools for VPNs, password management, and ad blocking creates a dangerous security gap. The data shows that 38% of modern cyberattacks now exploit stolen credentials and exposed connections, specifically by taking advantage of the data exposed by non-integrated tools.

The Hidden Risk of the Security Gap

Shoppers often assume they are safe if they have a password manager and a VPN installed. However, when these tools don’t communicate and integrate with one another, risks emerge. A typical example of this is when a consumer auto-fills credit card details or passwords on mobile devices while their separate VPN is disconnected, a common occurrence due to “alert fatigue,” and those credentials can travel over the exposed network.

Alert Fatigue: The Enemy of Safe Shopping

The rush of online Black Friday deals and the contention for in-store “door opener” specials are chaotic. Adding a barrage of security notifications can make this chaos worse – and for many, overwhelming. And that’s when a shopper turns to risky behaviors like turning off their VPN. The study found that the average consumer manages 3.4 distinct security apps, and spends up to 27 hours a year maintaining them, leading to a cycle of “alert chaos”:

  • 44% of users receive overlapping alerts from different apps.
  • 38% of those who receive overlapping alerts admit to ignoring these alerts entirely due to the volume.
  • 29–34% leave essential tools disabled or miss paid features, turning fragmented apps into “open doors” for attackers.

Safer Shopping Solution: Integrated and Easy Protection, Not Competing Apps

For a safer holiday shopping season, PureVPN is offering discounts on its new Unified Security Suite, which was specifically designed to close security gaps for mobile and online shoppers – especially those who aren’t IT hobbyists. Combining a VPN, Password Manager, Dark Web Monitoring, and Tracker Blocking into a single app, the suite ensures that critical actions are protected automatically.

Key PureVPN Unified Security Suite protections for Black Friday shoppers include:

  • Secured Autofill: The integrated VPN and Password Manager ensure that all time credentials or credit card numbers are autofilled as they travel through an encrypted tunnel.
  • Real-Time Anti-Tracking: The built-in Tracker & Ad Blocker stops advertisers and malicious scripts from building profiles based on shopping habits.
  • Real Savings: By replacing redundant subscription apps, users can stop wasting the costs of overlapping, non-integrated apps, which can cost as much as $850 annually, according to the study’s research findings.

PureVPN’s Black Friday and Holiday Season Pricing – Now 88% Off.

PureVPN has launched a $1.49/month Black Friday offer on its Unified Security Suite app to help protect privacy in response to the last year of rising cybercrime, offering consumers the best value-to-feature ratio among VPN providers.

Availability

The new unified PureVPN app is now available on Android and iOS. This Black Friday, shoppers can secure their digital footprint not just with a VPN, but with a complete, integrated defensive perimeter. With the Unified Security Suite now live on both platforms, PureVPN is redefining personal protection: one app, zero complexity, complete peace of mind.

To learn more, visit: https://www.purevpn.com/order

Leave a comment »

« Older Entries
Newer Entries »