Copyright TechTarget - All rights reserved https://cyber.law.harvard.edu/rss/rss.html Techtarget Feed Generator en Sat, 13 Jun 2026 15:46:50 GMT https://www.techtarget.com/whatis editor@techtarget.com <p>The Enterprise Connect session on 911 requirements is arguably the only topic at the conference with life-or-death implications. Get 911 wrong, and you put health and safety in danger. Without proper 911 administration, anyone who needs assistance may not reach the right emergency services call center, and first responders may not locate callers quickly.</p> <p>The panel discussion had some key takeaways and action items for anyone responsible for emergency services calling management.</p> <p><b>Editor's note:</b> <i>This article provides no legal guidance. We recommend those responsible for 911 location and call routing management consult with appropriate legal counsel to determine their organization's risk and potential liability.</i></p> <section class="section main-article-chapter" data-menu-title="NG911 moves from planning to implementation"> <h2 class="section-title"><i class="icon" data-icon="1"></i>NG911 moves from planning to implementation</h2> <p>At Enterprise Connect 2024, the 911 requirements discussion shifted from <a href="https://www.techtarget.com/searchunifiedcommunications/quiz/Test-your-knowledge-of-E911-compliance-requirements">Enhanced 911</a> (E911) toward Next Generation 911 (NG911). E911 enables 911 call centers or public safety answering points to identify a caller's location and phone number. The location could be as simple as the caller's building address, or it might include additional dispatchable location information, such as floor, wing or cubicle.</p> <p>For the last several years, various civic and government organizations, including the National Emergency Number Association (NENA), have led the <a href="https://www.techtarget.com/searchunifiedcommunications/tip/Companies-prep-for-NG911-implementation-but-hurdles-remain">development of Next Generation 911</a> (NG911), which enables callers to share more information with first responders. This could include floor plans, information on elevators and building access points, sensor data, video and more.</p> <p>While not <a target="_blank" href="https://urgentcomm.com/911/continued-pause-announced-for-california-statewide-ng911-deployment" rel="noopener">every emergency call center</a> can support NG911, deployments are increasing. Several unified communications and third-party vendors are introducing NG911 services, offering the potential for faster and more accurate responses to emergency scenarios.</p> <p>The FCC has also adopted NG911 transition rules for originating service providers. When a 911 authority makes a valid request, providers must support transition requirements that can include IP-based SIP delivery, connectivity testing, location information and interoperability with NG911 delivery points.</p> <p>NG911 can improve location handling by using more dynamic location information from systems such as location management servers, network components and GPS-capable devices. Instead of relying only on static E911 database records that can contain errors or update slowly, NG911 architectures are designed to send richer, more current data with emergency calls.</p> <p>Panelists agreed that NG911 is not just emerging. Rather, NG911 is here today, and telecom managers must take an active approach to implement it in their environments.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> Telecom managers must stay abreast of emerging trends and technologies that help first responders locate callers and have the information they need to deal with an emergency quickly and effectively. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> </section> <section class="section main-article-chapter" data-menu-title="Local authorities can help with compliance"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Local authorities can help with compliance</h2> <p>Metrigy found that just 63.8% of the 400 organizations participating in its "Employee Engagement Optimization: 2025" <a href="https://metrigy.com/product/employee-engagement-optimization-2025/" target="_blank" rel="noopener">study</a> believed they were compliant with the two federal laws governing 911 in the U.S. The two laws are the following:</p> <ol class="default-list"> <li><b>Kari's Law</b>, which requires direct dial to 911 (no prefix), contemporaneous notification of appropriate central location and a valid callback number.</li> <li><b>RAY BAUM's Act</b>, which requires transmission of dispatchable location information to the emergency call center.</li> </ol> <p>In these situations, the <a href="https://www.techtarget.com/searchunifiedcommunications/tip/5-key-strategies-to-ensure-E911-compliance">issue of compliance</a> is clouded in uncertainty, especially for older multiline phone systems that predate the laws, remote employees and fixed-mobile services that transform mobile phones into an extension of the enterprise phone system.</p> <p>The conference panelists provided the following advice for organizations to become compliant with 911 requirements:</p> <ul class="default-list"> <li>Seek legal guidance.</li> <li>Communicate 911 calling limitations with employees and other in-building personnel, such as contractors.</li> <li>Engage with local authorities to understand what they need to accurately respond to an emergency. Telecom managers need to communicate regularly with first responders and test their 911 configurations.</li> </ul> <div class="btt-thumbnailContainer"> <span class="btt-thumbnailTitle">Recapping Enterprise Connect 2024</span> <a class="btt-thumbnailLink" data-video-id="611743" data-channel-id="18865"> <div class="btt-thumbnailImgContainer"> <img class="btt-videoBtThumbnail" src="https://cdn.brighttalk.com/ams/california/images/communication/611743/image_974436.png?width=640&amp;height=360"> </div></a> <time class="btt-video-duration" datetime="PT18M28S">18:28</time> </div> <div class="btt-modal"> <div class="btt-modal-content"></div> </div> </section> <section class="section main-article-chapter" data-menu-title="Mobile phones pose problems"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Mobile phones pose problems</h2> <p>An interesting point of discussion was the shift to a mobile phone-first world. A few years ago, NENA <a target="_blank" href="https://www.nena.org/page/911statistics" rel="noopener">estimated</a> that, in many areas, 80% of 911 calls originated from mobile devices.</p> <p>However, in many cases, if employees call 911 from personal or company-provided mobile phones, those calls bypass the enterprise phone system and UCaaS provider. That means they may not trigger enterprise workflows for internal notification or provide the same level of in-building dispatchable location detail that organizations manage for MLTS and UC calling.</p> <p>First responders might arrive at a building without knowing exactly where to find the caller, and on-site personnel might not know about the call. In addition, companies that rely solely on mobile phones must ensure they don't have dead spots that inhibit employees from making 911 calls in an emergency.</p> <p>Some vendor services enable companies to geofence their offices. In these cases, when a person inside a building calls 911, the 911 operator can see more detailed location information, and the front desk security personnel receive a notification. In addition, wireless 911 location rules and emerging location technologies are improving vertical, or z-axis, location information, which can help first responders identify a caller’s floor in multistory buildings, enabling them to reach the caller.</p> </section> <section class="section main-article-chapter" data-menu-title="Track emerging trends"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Track emerging trends</h2> <p>911 isn't sexy. It doesn't get the attention of AI. And investing in 911 is an employee safety and risk avoidance move, not one that generates revenue.</p> <p>But 911 is the only topic in the telecom world with life-or-death implications. Those responsible for telecom management must get it right. Telecom managers must stay abreast of emerging trends and technologies that help first responders locate callers and have the information they need to deal with an emergency quickly and effectively.</p> <p><b>Editor's note:</b> <i>This article was updated to improve the reader experience.</i></p> <p><i>Irwin Lazar is president and principal analyst at Metrigy, where he leads coverage on the digital workplace. His research focus includes unified communications, VoIP, video conferencing and team collaboration.</i></p> </section> Next Generation 911 supports richer emergency communications and better location data. Learn what NG911 means for enterprise 911 compliance, mobile calls and risk. https://cdn.ttgtmedia.com/rms/onlineimages/check_g496816315.jpg https://www.techtarget.com/searchunifiedcommunications/tip/Enhanced-911-transitions-to-Next-Generation-911 Fri, 12 Jun 2026 15:20:00 GMT <p>With the rise of AI, the need for specialized low-latency processing to rapidly produce and render images, videos and 3D graphics is surging. GPUs, which can run thousands of mathematical operations, are foundational to facilitating the development and deployment of AI-driven applications. But global demand for GPU-centric computing has exceeded hyperscaler capacity. Specialized providers emerged to deliver GPU-as-a-service platforms, known as <i>neocloud</i>.</p> <p>Neoclouds offer high-performance GPU compute power essential for <ins datetime="2026-05-28T11:15" cite="mailto:Darah,%20Deanna"><a href="https://www.techtarget.com/searchdatacenter/feature/Infrastructure-for-machine-learning-AI-requirements-examples">AI and machine learning workloads</a></ins>. These specialized, purpose-built clouds provide dense GPU clusters and ultra-low-latency interconnects to support accelerated, power-efficient processing for AI and ML tasks. Neoclouds give organizations access to on-demand GPU clusters, typically bare metal, without requiring clients to sign up for the extensive set of adjacent services associated with hyperscaler engagements. &nbsp;</p> <p>These GPU clusters can be located at the edge, closer to content creation and consumption points, to alleviate latency issues. Vendors recognize the AI opportunity as a significant revenue opportunity, projecting the pipeline for connectivity in this <ins datetime="2026-05-28T10:40" cite="mailto:Darah,%20Deanna"><a target="_blank" href="https://www.reuters.com/technology/nvidia-invest-2-billion-ai-cloud-firm-nebius-2026-03-11/" rel="noopener">$2 billion sector.</a></ins></p> <section class="section main-article-chapter" data-menu-title="Raising the design quotient"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Raising the design quotient</h2> <p>So, how does a neocloud interconnection architecture <ins datetime="2026-05-28T10:45" cite="mailto:Darah,%20Deanna"><a href="https://www.datacenterknowledge.com/ai-data-centers/neoclouds-vs-hyperscalers-will-ai-s-specialized-clouds-prevail-">differ from traditional cloud infrastructure</a></ins>? The compute performance required to support AI workloads necessitates ultra-high-bandwidth, low-latency network connectivity.</p> <p>To support GPU clusters, neocloud providers often use a dual-network approach with the following:</p> <ul type="disc" class="default-list"> <li>A conventional front-end Ethernet network for user traffic.</li> <li>A second high-performance backend fabric network.</li> </ul> <p>The second network is dedicated to GPU-to-GPU communication, enabling AI <ins datetime="2026-05-28T10:50" cite="mailto:Darah,%20Deanna"><a href="https://www.techtarget.com/whatis/definition/cluster">clusters</a></ins> to process high volumes of internal data flows. This setup ensures optimal performance without the bottlenecks that happen on a traditional cloud network.&nbsp;</p> <p>Neoclouds often use <ins datetime="2026-05-28T11:34" cite="mailto:Darah,%20Deanna"><a href="https://www.techtarget.com/searchnetworking/definition/network-fabric">network fabrics</a></ins> such as InfiniBand because the technology delivers greater bandwidth and lower latency than traditional data center Ethernet connectivity to support parallel GPU workload processing. This fabric removes networking overhead that can impede sizable AI training tasks.</p> <p>Unlike conventional cloud networks built to move north-south client-server traffic, neocloud interconnections need to be optimized for east-west data transfer between servers. In a neocloud, the GPU network must move significant synchronization traffic for distributed AI training <ins datetime="2026-05-28T11:07" cite="mailto:Darah,%20Deanna"><a href="https://www.techtarget.com/searchnetworking/answer/How-to-test-for-packet-loss-on-a-broadband-connection">without packet loss</a></ins>. The neocloud network, in essence, is a high-performance computing cluster interconnect that supports potentially thousands of GPUs working simultaneously without throughput barriers.</p> <p>Because these networks are dedicated to AI workloads, the isolation eliminates the contention and jitter typical of a multi-tenant network. This enables the consistent, predictable performance required for AI.</p> <p>Organizations must ensure their networking procedures are aligned with neocloud architectures. Instead of handling conventional branch-to-data center transfers, SASE networks handle high-throughput AI model training and inference traffic. SASE and SD-WAN policies are necessary to ensure high bandwidth and minimal packet loss for data-intensive training sets.</p> </section> <section class="section main-article-chapter" data-menu-title="Rising to the challenge"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Rising to the challenge</h2> <p>Neoclouds can provide the foundation organizations need to develop and deploy AI-driven applications. But the inherent complexity of integration and connectivity differs from that in conventional cloud environments. Unlike hyperscaler clouds, which typically offer easy entry points and peering for enterprise interconnections, neoclouds don't use public internet exchanges. This can cause erratic latency and throughput. This places the onus on network operations teams to build bespoke connections.</p> <p>The intensive computing requirements in a neocloud environment mean AI performance can take a hit if the network isn't up to the task. In many cases, neocloud providers are still expanding capacity. This can hamper scalability and performance.</p> <p>Because neoclouds are so nascent, mature hyperscaler environments could lack certain security and observability features. The responsibility to build these capabilities could fall to enterprise security and operations teams. Neocloud providers also tend to offer fewer tools and have more limited partner ecosystems than their hyperscaler peers. This places an additional burden on customers who likely lack the internal neocloud skillset.</p> <p>For organizations that already navigate the challenge of managing a multi-cloud environment, neocloud adds another layer of complexity. From a networking perspective, this translates into more involved <ins datetime="2026-05-28T11:11" cite="mailto:Darah,%20Deanna"><a href="https://www.techtarget.com/searchnetworking/feature/BGP-tutorial-The-routing-protocol-that-makes-the-Internet-work">routing and policy management</a></ins>.</p> </section> <section class="section main-article-chapter" data-menu-title="On the flip side"> <h2 class="section-title"><i class="icon" data-icon="1"></i>On the flip side</h2> <p>Neoclouds can provide a path forward for optimal multi-cloud computing by providing an environment dedicated to the specific requirements of AI applications while maintaining standard infrastructure for general workloads. In other words, neocloud is not a replacement for conventional cloud, but a parallel specialized environment.</p> <p>From a cost perspective, neoclouds promise cost savings of 50% to 70% compared to <ins datetime="2026-05-28T11:14" cite="mailto:Darah,%20Deanna"><a href="https://www.techtarget.com/searchenterpriseai/feature/FinOps-can-manage-AI-computing-costs-experts-say">running AI compute in conventional public clouds</a></ins>. Because neoclouds are designed specifically for AI workloads, they rely on infrastructure and capabilities such as advanced liquid cooling to deliver faster model training and more efficient GPU utilization.</p> </section> <section class="section main-article-chapter" data-menu-title="Best practices for neocloud success"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Best practices for neocloud success</h2> <p>Some organizations might feel rushed to develop AI-driven applications that produce desired business outcomes. For neocloud deployment, however, enterprises should consider many factors in advance. Two of the most important questions organizations should ask are the following:</p> <ol type="1" start="1" class="default-list"> <li>Does the architecture map to business objectives?</li> <li>Is the planned application aligned with an organization's mission?</li> </ol> <p>With AI mandates being set across enterprises, it can create a rushed mentality toward developing AI-driven applications that produce desired business outcomes.&nbsp;&nbsp;</p> <p>Businesses need to produce a consistent network model across clouds while creating policy variations that meet workload requirements. Cost also needs to be part of the equation. Inefficient deployments have plagued multi-cloud implementations, which drive up expenses and reduce dividends. Enterprises need to approach the total costs of neocloud connectivity with this in mind.</p> <p>Network standards and the ability to move workloads to secondary environments are key issues that need to be addressed. A neocloud environment where critical AI workloads run must be resilient from the beginning.</p> <p><em>Amy Larsen DeCarlo has covered the IT industry for more than 30 years, as a journalist, editor and analyst. As a principal analyst at GlobalData, she covers managed security and cloud services.</em></p> </section> Demand for computational power optimized for AI is driving the rise of the neocloud, but can the transport infrastructure keep up with the pace of change? https://cdn.ttgtmedia.com/rms/onlineimages/cloud_g1297025236.jpg https://www.techtarget.com/searchnetworking/tip/How-neocloud-is-influencing-network-connectivity Fri, 12 Jun 2026 15:15:00 GMT <p>Due to the growing popularity of AI-enabled development, the market for AI coding tools is getting increasingly crowded. Organizations can choose from context-aware integrated development environments (IDEs) and editors like Replit and Google Antigravity, autonomous coding agents such as Claude Code, coding assistants like <a href="https://www.techtarget.com/searchsoftwarequality/news/366623845/New-GitHub-Copilot-agent-edges-into-DevOps">GitHub Copilot</a> and Sourcegraph Cody, and generative AI (GenAI) platforms such as ChatGPT. Together, these tools are making custom development faster, easier and more accessible.</p> <p>These benefits notwithstanding, this modern development approach also presents several limitations and challenges.</p> <p>This article explores how AI lowers development barriers for three categories of enterprise software. It also unpacks the limitations of AI-assisted development and provides guidance to help organizations navigate the tradeoffs between building custom software and buying ready-made suites.</p> <section class="section main-article-chapter" data-menu-title="UCC: Build or buy?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>UCC: Build or buy?</h2> <p>A unified communications and collaboration (<a href="https://www.techtarget.com/searchunifiedcommunications/definition/unified-communications-and-collaboration-UCC">UCC</a>) platform integrates multiple communication capabilities into a single, centralized, cohesive ecosystem. This eases business collaboration and enables seamless communication mobility for remote or hybrid teams.</p> <h3>Where custom AI shines</h3> <p>AI tools accelerate UCC software development by automating coding, testing, debugging and even providing documentation so that companies can launch messaging, video calling, virtual whiteboards and other features much faster compared with traditional development approaches. With AI assistance, developers can easily create custom collaboration workflows, integrations, automations and features tailored to the needs of specific organizations. They can also use GenAI tools and AI agents to build custom chatbots, test and debug the platform and even prepare user documentation.</p> <h3>Where suites win</h3> <p>While AI is changing how organizations build, customize and optimize UCC platforms, readily available UCC platforms like Microsoft Teams and Zoom also offer several advantages, including prebuilt integrations to accelerate organization-wide UCC deployment and ease platform scalability.</p> <p>Another advantage of buying a UCC suite is that UCC vendors manage all code updates. This lowers the customer firm's maintenance costs and reduces its operational complexity. Vendor-led maintenance can also help keep integrations and connections functional, relevant and reliable as connected systems evolve, though customers still need to govern configurations, APIs and custom workflows.</p> <p><a href="https://www.techtarget.com/searchunifiedcommunications/feature/Explore-unified-communication-products-for-your-organization">Popular UCC products</a> include Microsoft Teams, <a href="https://www.techtarget.com/searchunifiedcommunications/definition/Cisco-Webex">Cisco Webex</a>, Zoom Workplace and Slack.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/microsoft_teams_phone_vs_cisco_webex_calling-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/microsoft_teams_phone_vs_cisco_webex_calling-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/microsoft_teams_phone_vs_cisco_webex_calling-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/microsoft_teams_phone_vs_cisco_webex_calling-f.png 1280w" alt="Table comparing Microsoft Teams Phone features against Cisco Webex Calling features" height="482" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Microsoft Teams and Cisco Webex are two popular collaboration platforms with integrated support, analytics and auto attendant features. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>What to consider</h3> <p>AI tools can generate code for UCC platforms much faster than human developers. However, AI-generated code may contain inefficient logic that introduces latency and degrades user experience. AI tools can also create "buggy" or insecure code. A 2026 IOActive <a href="https://www.ioactive.com/the-security-gap-in-ai-generated-code/" target="_blank" rel="noopener">report</a> found that 31.6% of the AI-generated code samples it tested were fully vulnerable, with exploitable security flaws. The finding underscores the need for human review, secure development practices and security testing before AI-generated code reaches production.</p> <p>AI-generated code can also be difficult to maintain over time if development teams lack visibility into how the code was produced. Dependence on proprietary AI development environments and intellectual property theft are some of the other risks of AI-assisted UCC development.</p> <p>Of course, purchasing a commercial UCC product also involves certain tradeoffs between benefits and drawbacks.</p> <p>For one, its features may not fully align with an organization's unique workflows or operational requirements. They could also face integration challenges when connecting custom workflows to other enterprise systems, such as CRM or ERP. Also, as business needs evolve, maintaining and updating custom features can increase long-term costs.</p> <p><a href="https://www.techtarget.com/searchdatacenter/definition/vendor-lock-in">Vendor lock-in</a> is another significant drawback. Depending on a single UCC vendor limits an organization's flexibility. Migrating to a different vendor or product can also be costly. Off-the-shelf UCC suites also require ongoing governance to ensure compliance with data privacy and security standards.</p> </section> <section class="section main-article-chapter" data-menu-title="ERP and SCM: Build or buy?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>ERP and SCM: Build or buy?</h2> <p><a href="https://www.techtarget.com/searcherp/definition/ERP-enterprise-resource-planning">ERP</a> and supply chain management (<a href="https://www.techtarget.com/searcherp/definition/supply-chain-management-SCM">SCM</a>) platforms are critical for enabling companies to unify core processes, streamline operations, reduce costs and respond more effectively to business disruptions.</p> <h3>Where custom AI shines</h3> <p>AI enables companies to build custom modules and interfaces for ERP and SCM systems, particularly when standard systems do not address their specific business needs. AI simplifies the creation of automations and workflows within ERP and SCM, reducing manual development effort and operational costs. AI tools can also ease the integration of advanced demand forecasting tools and capabilities such as intelligent inventory optimization, anomaly detection and automated reporting.</p> <p>Lenovo offers one example of how AI can support supply chain planning and disruption response. A May 2026 NC State University Supply Chain Resource Cooperative <a href="https://scm.ncsu.edu/scm-articles/article/building-the-intelligent-supply-chain" target="_blank" rel="noopener">case study</a> described Lenovo's in-house AI-powered supply chain platform, iChain, which uses company data and external signals to support risk sensing, planning and decision intelligence. In it, Jack Fiedler, Lenovo's senior vice president of global supply chain, described how the hardware supplier used AI to <a href="https://www.computerweekly.com/news/366640549/AI-infrastructure-investment-in-the-Middle-East-enters-a-new-geopolitical-reality" target="_blank" rel="noopener">monitor geopolitical events</a> and anticipate potential logistics disruptions, such as airspace closures, so teams could develop mitigation plans earlier.</p> <h3>Where suites win</h3> <p>While AI is transforming ERP and SCM development, it also has several limitations.</p> <p>Building enterprise platforms internally -- even with user-friendly AI tools -- requires substantial, expensive human expertise across a wide variety of areas, including infrastructure, cybersecurity, governance and code maintenance. Another problem is that generic AI models lack visibility into firms' unique configurations, module interactions and master data hierarchies unless they are securely grounded in internal code, documentation and system context. This visibility gap could limit the system's reliability. It could also lead to data corruption and hinder cross-system decision-making.</p> <p>AI-generated ERP/SCM architectures might contain security vulnerabilities, logic inconsistencies or governance gaps. Without rigorous human oversight and secure development controls, AI-generated code can introduce authorization gaps, injection risks, hardcoded credentials or other vulnerabilities into production environments. Finally, AI tools could generate obsolete or incorrect code, making it harder to maintain a reliable system in the long-term.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> Without rigorous human oversight and secure development controls, AI-generated code can introduce authorization gaps, injection risks, hardcoded credentials or other vulnerabilities into production environments. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>Companies can avoid these problems by investing in commercial ERP/SCM suites.</p> <p>Mature, enterprise-grade ERP and SCM suites from reliable vendors are designed with industry-specific best practices baked in. These products reduce implementation timelines and risk. They also integrate numerous core processes and features into a centralized platform to reduce data silos and improve workflow coordination. Additionally, most vendors offer ongoing support in the form of system monitoring, continuous quality checks and security patches, so organizations don't need to maintain large, expensive in-house maintenance tools and teams.</p> <p>Popular ERP platforms include SAP Cloud ERP, <a href="https://www.techtarget.com/searcherp/news/366640636/Oracle-calls-Fusion-Agentic-Applications-next-level-AI-for-ERP">Oracle Fusion Cloud ERP</a> and Microsoft Dynamics 365 Finance, while SAP Integrated Business Planning, Oracle Fusion Cloud SCM, Microsoft Dynamics 365 Supply Chain Management and Blue Yonder are major SCM or supply chain planning options.</p> <h3>What to consider</h3> <p>Off-the-shelf products might not fully align with an organization's unique operational workflows or integrate well with its legacy systems, so enterprises might need to build, update and manage custom-built components. These activities require specialized, hard-to-find talent that can increase operational costs.</p> <p>Another challenge: If the workflows and modules are not properly maintained or integrated with core systems, the organization's technical debt could increase. Poor integration -- especially in combination with weak governance -- can also create security or compliance issues, increasing the risk of data loss and compliance violations.</p> </section> <section class="section main-article-chapter" data-menu-title="CX: Build or buy?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>CX: Build or buy?</h2> <p>Customer experience (<a href="https://www.techtarget.com/searchcustomerexperience/definition/customer-experience-CX">CX</a>) platforms collect and analyze customer feedback, behavioral signals, service interactions and journey data to help companies reduce friction in customer journeys and deliver more personalized, consistent experiences.</p> <h3>Where custom AI shines</h3> <p>GenAI- and agentic-AI powered development tools are increasingly transforming how organizations build CX platforms. AI tools reduce the time and effort required to launch, enhance or modernize them. Organizations can also incorporate advanced capabilities into the platforms, such as intelligent routing, real-time customer insights, personalized recommendation engines or sentiment analysis dashboards. Additionally, developers can use AI to improve customer engagement across digital channels by setting up automated chatbots.</p> <p>Vodafone offers one example of AI-enabled customer care development. Using Microsoft's GenAI tools, the company developed SuperTOBi and SuperAgent to improve customer self-service and help customer care agents respond to complex queries more efficiently.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/key_attributes_of_agentic_ai_vs_generative_ai-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/key_attributes_of_agentic_ai_vs_generative_ai-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/key_attributes_of_agentic_ai_vs_generative_ai-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/key_attributes_of_agentic_ai_vs_generative_ai-f.png 1280w" alt="Table comparing agentic and generative AI key attributes" height="330" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>Advances in both agentic AI and GenAI are transforming the development of CX platforms. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>Where suites win</h3> <p>While AI can be a game-changer for CX platform development, relying heavily on AI tools may create several problems for organizations, including security and compliance risks. CX AI systems often need access to large volumes of customer interaction data for grounding, personalization, evaluation or fine-tuning, which raises privacy, security and governance requirements. Without strong security guardrails, human oversight and governance, this data is vulnerable to manipulation and theft, opening up serious compliance and legal liabilities for organizations.</p> <p><a href="https://www.techtarget.com/searchsecurity/tip/Security-risks-of-AI-generated-code-and-how-to-manage-them">AI-generated code might also contain hidden security vulnerabilities</a> or flawed logic that could affect the platform's reliability. Additionally, AI-generated code might not properly connect with other enterprise systems, such as CRM or marketing automation. Integration gaps can lead to incomplete or outdated customer records or broken workflows, resulting in fragmented or inconsistent CX and potentially damaging customer trust and brand reputation. Lastly, AI-generated CX architectures could be difficult and expensive to troubleshoot and maintain, particularly in complex enterprise environments with dense integrations and evolving requirements.</p> <p>CX suites can help companies to avoid the challenges of AI-assisted development. Commercial products provide prebuilt integrations, eliminating the need for costly custom development and enabling seamless syncing of data across all departments, business systems (e.g., CRM, ticketing systems) and communication channels.</p> <p>Many platforms also provide numerous mature capabilities out of the box, such as customer journey orchestration, sentiment analysis, predictive recommendations, analytics, personalization, workflow automation and chatbots. These capabilities enable organizations to better understand customers and meet their CX expectations -- without significantly increasing implementation timelines, cost or risk. Additionally, CX platforms from established vendors typically include security, privacy and compliance controls that can help organizations meet regulatory obligations, but customers still need to configure, govern and document how customer data is processed.</p> <p><a href="https://www.techtarget.com/whatis/feature/Best-customer-experience-management-software">Popular CX platforms</a> include <a href="https://www.techtarget.com/searchcustomerexperience/news/366643472/Zendesk-adds-AI-tools-in-pursuit-of-autonomous-service">Zendesk</a>, Qualtrics CustomerXM, Salesforce Service Cloud and Adobe Experience Cloud.</p> <h3>What to consider</h3> <p>Significant human effort and expertise may be needed to integrate custom CX offerings with some business systems. Also, customization can be limited by vendor architecture, licensing models and integration constraints, preventing organizations from tailoring the system to their unique workflows or customer segments. Thirdly, organizations might incur additional costs to scale custom features to handle increased customer data and traffic, add third-party digital channels, and maintain and update the platform.</p> <p>Lastly, they might have limited control over how the platform processes sensitive customer data. In-house governance weaknesses could make it difficult to manage data privacy and ensure compliance with stringent regulations such as GDPR.</p> </section> <section class="section main-article-chapter" data-menu-title="Which approach is better?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Which approach is better?</h2> <p>To choose the right paradigm, leaders need to carefully weigh the benefits of each against its tradeoffs in governance, integration, staffing, technical debt and ongoing costs. It is equally important to ensure that build vs. buy decisions align with broader business objectives and operational realities.</p> <p>Organizations pursuing AI-driven innovation can realize significant benefits. However, AI also shifts governance, integration responsibility and long-term cost management <i>back</i> onto the enterprise. The key to low-risk AI-enabled development is to adopt a strategic approach that balances opportunity with risk. By doing so, organizations can create successful, AI-forward operating models.</p> <p><i>Rahul Awati is a PMP-certified project manager with IT infrastructure experience spanning storage, compute and enterprise networking.</i></p> </section> AI is making custom development more accessible, but it also shifts governance, integration responsibility and long-term cost back onto the enterprise. https://cdn.ttgtmedia.com/rms/onlineimages/collab_a275903017.jpg https://www.techtarget.com/searchenterprisedesktop/feature/How-AI-is-reshaping-the-software-build-vs-buy-decision Fri, 12 Jun 2026 14:58:00 GMT <p>A little foresight can go a long way to support an ERP implementation. COOs or other C-suite members serving as the project sponsor should be proactive about ensuring the team is planning the right steps for the post-implementation process.</p> <p>Reaching a new ERP system's go-live milestones is crucial for a successful rollout, but important work remains after go-live. The implementation team might have needed to postpone some issues until after the go-live date, and some specific tasks must wait until after go-live regardless. C-suite leaders should understand that completion of post-implementation tasks can make or break an ERP system's adoption.</p> <p>Here are the tasks the project team should carry out post-ERP implementation as well as how they can prepare before go-live so they're set up for success.</p> <section class="section main-article-chapter" data-menu-title="1. Focus on ERP training"> <h2 class="section-title"><i class="icon" data-icon="1"></i>1. Focus on ERP training</h2> <p>A small selection of employees might begin training before go-live. But the main training period will usually occur right after go-live, when the implementation and training team makes sure all employees and external users acquire the knowledge needed to use the new system. This is also an opportunity for the training team to refine their training material based on early feedback from the training sessions they run.</p> <p>To make the training easier for employees, project leaders should consider building and regularly adding to an FAQ that compiles questions from employees as employees send them and making sure the FAQ provides clear answers.</p> </section> <section class="section main-article-chapter" data-menu-title="2. Finalize process documentation"> <h2 class="section-title"><i class="icon" data-icon="1"></i>2. Finalize process documentation</h2> <p>The ERP implementation likely involved updates like automating manual processes or changing an existing process to fit within the new ERP's functionality.</p> <p>The ERP configuration team should have kept much of the process documentation up to date during configuration. After the implementation, the team should carry out a final review of the documents and&nbsp;<a href="https://www.computerweekly.com/opinion/Succession-in-the-world-of-ERP">simplify the instructions</a>&nbsp;on how to use the documents, if needed.</p> </section> <section class="section main-article-chapter" data-menu-title="3. Prioritize outstanding issues"> <h2 class="section-title"><i class="icon" data-icon="1"></i>3. Prioritize outstanding issues</h2> <p>Often some issues aren't resolved during the final testing phase and before go-live. Project leaders should make sure the tasks that were previously postponed aren't forgotten after the go-live.</p> <p>COOs should ensure the project manager has scheduled a meeting with key stakeholders shortly after go-live so the project manager can review the outstanding issues and prioritize them for resolution against any new issues reported post go-live.</p> </section> <section class="section main-article-chapter" data-menu-title="4. Respond to user questions"> <h2 class="section-title"><i class="icon" data-icon="1"></i>4. Respond to user questions</h2> <p>ERP system&nbsp;<a href="https://www.techtarget.com/searcherp/feature/Top-change-management-tips-for-ERP-implementation-success">users will inevitably have questions</a>&nbsp;after go-live, no matter how well training is conducted. The ERP project team should make sure users know who to contact for answers.</p> <p>In addition, if external parties are accessing the ERP system, they might need different contact options than internal users.</p> </section> <section class="section main-article-chapter" data-menu-title="5. Schedule project update meetings"> <h2 class="section-title"><i class="icon" data-icon="1"></i>5. Schedule project update meetings</h2> <p>Once the ERP system is live, key stakeholders will&nbsp;<a href="https://www.techtarget.com/searcherp/answer/What-is-a-commonly-overlooked-step-in-an-ERP-implementation">continue to request updates</a>. For example, they might ask for information on deferred issues, identify new ones, ask for statistics on system usage and request updates on how the project is tracking against KPIs.</p> <p>The project team must continue providing updates and producing dashboards until everyone agrees the project is closed or the next phase of the project is initiated.</p> </section> <section class="section main-article-chapter" data-menu-title="6. Carry out data migration"> <h2 class="section-title"><i class="icon" data-icon="1"></i>6. Carry out data migration</h2> <p>The implementation project team might not have migrated all the historical data during the project because&nbsp;<a href="https://www.techtarget.com/searcherp/tip/5-ERP-implementation-best-practices-CIOs-should-know">the data is old</a>&nbsp;and of a lower priority. The organization also might have decided not to include the historical data in the new ERP because it will be stored in a separate system.</p> <p>If the historical data will be stored in the new ERP, then the project team will need to take care of the data migration following go-live.</p> </section> <section class="section main-article-chapter" data-menu-title="7. Clean up data"> <h2 class="section-title"><i class="icon" data-icon="1"></i>7. Clean up data</h2> <p>After go-live, the project team might need to quickly resolve issues with some of the migrated data.</p> <p>These issues might not have been resolved before because of a tight deadline for the data migration or because decisions made during the data migration process might need to be reversed now. For example, the team might have created duplicate records for the same vendor during the data migration, and the team needs to delete the duplicates.</p> <p>The team might also find previously unknown errors that they missed during the data migration process. For example, the data conversion scripts might have changed the data in an unexpected way.</p> </section> <section class="section main-article-chapter" data-menu-title="8. Carry out a post-implementation review"> <h2 class="section-title"><i class="icon" data-icon="1"></i>8. Carry out a post-implementation review</h2> <p>Shortly after go-live, the project leader should arrange meetings to discuss the project and document what went well and what could be improved in a future release or for the next IT project. Depending on the size of the project team, it may be necessary to schedule multiple meetings to make sure everyone has a chance to submit feedback. Also, having different meetings for different stakeholder groups can keep each meeting focused on topics relevant to attendees. For example, a vendor may have had a different experience than someone in the finance department or a technical resource assigned to the project.</p> <p>The project leader may want to use multiple mediums to capture feedback, including in-person and remote meetings as well as surveys and informal discussions to gather input.</p> </section> <section class="section main-article-chapter" data-menu-title="9. Offboard departing team members"> <h2 class="section-title"><i class="icon" data-icon="1"></i>9. Offboard departing team members</h2> <p>Team members often move on to other projects shortly after the go-live milestone. Before that happens, project leaders should make sure departing team members finish any necessary tasks.</p> <p>These tasks might include finalizing implementation documents, completing any outstanding expense reports and timesheets and potentially training another team member on their area of responsibility.</p> </section> <section class="section main-article-chapter" data-menu-title="10. Complete project closeout"> <h2 class="section-title"><i class="icon" data-icon="1"></i>10. Complete project closeout</h2> <p>Once the implementation is complete, the team might need to complete some specific tasks to officially close the project.</p> <p>Tasks include finalizing all the necessary documents, ensuring the software development code is stored properly, finalizing payments and confirming that all tasks that were outstanding at go-live are complete. If the project will continue with a next phase, then these activities should focus on closing the previous phase.</p> </section> <section class="section main-article-chapter" data-menu-title="11. Plan for the next phase"> <h2 class="section-title"><i class="icon" data-icon="1"></i>11. Plan for the next phase</h2> <p>The organization will likely need to complete additional work post go-live. That work might include implementing new features, addressing new or previously known defects, or integrating a third-party tool.</p> <p>The implementation team should initiate a new planning cycle before starting these tasks so the group can scope the work, get approval and build a team. The team should also give key stakeholders an opportunity to provide input into the items that the group will address and the time frame in which they will do so.</p> </section> <section class="section main-article-chapter" data-menu-title="12. Monitor AI responses and insights"> <h2 class="section-title"><i class="icon" data-icon="1"></i>12. Monitor AI responses and insights</h2> <p>Post go-live, the project leader should be sure to assign one or more team members the task of actively monitoring the results and insights provided by AI. These people can potentially provide the correct answers when AI tools provide wrong or vague answers. In this way, the AI tool learns for future questions.</p> <p>Also, it's important that a human validates any AI-generated insights or reports to confirm their accuracy.</p> <p>While AI has come a long way in the past couple of years, there are still nuances in the English language that AI might not understand. For example, there may be instances where AI interprets negative-sounding words to always mean a negative answer, such as a sentence that contains "not" or "terrible," whereas it interprets words such as "great" and "good" as only positive.</p> <p><em>Eric St-Jean is an independent consultant with a particular focus on HR technology, project management and Microsoft Excel training and automation. He writes about numerous business and technology areas.</em></p> </section> Learn the essential steps your project team must take to ensure ERP implementation is successful after the go-live. https://cdn.ttgtmedia.com/rms/onlineimages/toolGearArrow_g1157744678.jpg https://www.techtarget.com/searcherp/tip/10-steps-you-need-to-carry-out-post-ERP-implementation Fri, 12 Jun 2026 13:00:00 GMT <p>Ensuring 911 calls are routed to the proper emergency call center with accurate caller location is a challenge that has grown more complex as companies manage both cloud communications and a hybrid workforce.</p> <p>In addition, some organizations don't invest in the resources needed to properly evaluate and ensure compliance, or they may be unfamiliar with state and local requirements. One example is Alyssa's Law, which a growing number of states have adopted to require panic alarm systems in public schools so emergency responders can be alerted quickly during an emergency.</p> <p>Let's examine what you can do to navigate a 911 hybrid work environment, <a href="https://www.techtarget.com/searchunifiedcommunications/quiz/Test-your-knowledge-of-E911-compliance-requirements">ensure compliance</a> and prepare for NG911.</p> <p><b>Editor's note:</b><i> This tip provides no legal guidance. We recommend those responsible for 911 location and call routing management consult with appropriate legal counsel to determine their organization's risk and potential liability.</i></p> <section class="section main-article-chapter" data-menu-title="Understanding 911 compliance requirements"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Understanding 911 compliance requirements</h2> <p>In the United States, companies are subject to regulations issued by federal, state and local authorities. At the federal level, two key laws are Kari's Law and RAY BAUM's Act.</p> <p>Kari's Law, in force for <a target="_blank" href="https://www.fcc.gov/sites/default/files/mlts_faqs.pdf" rel="noopener">multiline phone systems</a> manufactured or installed after Feb. 16, 2020, requires that covered multiline phone systems let users call emergency services without having to first punch in a prefix, such as an 8 or 9, to reach an outside line. It also requires that appropriate personnel, such as on-site security, are notified whenever a 911 call is made.</p> <p>Additionally, it mandates that 911 calls sent to an emergency call center (ECC) or a public safety answering point (PSAP) must include a valid callback number to enable the operator to reach the original caller if the call is lost.</p> <p>But for older systems, compliance can often be a gray area depending on the system's age, when it was last updated and the scale of the update. The Federal Communications Commission (FCC), for its part, said it considers upgrades to core multiline hardware or software systems to be sufficient enough to place these systems under the oversight of its regulations. To minimize risk, companies should consult with appropriate legal counsel.</p> <p>RAY BAUM'S Act mandates that calls placed to 911 <a href="https://www.techtarget.com/searchunifiedcommunications/feature/Build-a-strategy-for-compliance-with-federal-911-laws">provide a dispatchable location</a>, which the FCC defines as a "validated street address of the 911 calling party, plus additional information, such as suite, apartment or similar information necessary to adequately identify the location of the caller."</p> <p>In cases where building access is restricted, it's critical that front-desk security personnel are aware that a 911 call was placed from within the building and can identify the caller's actual location.</p> </section> <section class="section main-article-chapter" data-menu-title="911 compliance lags"> <h2 class="section-title"><i class="icon" data-icon="1"></i>911 compliance lags</h2> <p>Unfortunately, not every company adheres to regulations. According to Metrigy's "Employee Engagement Optimization: 2025" study of 400 companies, just 64% of organizations with offices in the U.S complied with both Kari's Law and RAY BAUM's Act. This number has remained virtually unchanged over the last several years.</p> <p>Reasons for not following the laws vary, but are usually attributable to a lack of understanding and a view that older systems are grandfathered in and thus compliant. In addition, some organizations don't invest in the resources needed to properly evaluate and ensure compliance, or they may be unfamiliar with state and local requirements, including <a target="_blank" href="https://makeourschoolssafe.org/alyssas-law/" rel="noopener">Alyssa's Law</a>. Now on the books in 11 states, Alyssa's Law requires school districts to install panic alarms within all public school buildings that can be activated in the event of an emergency.</p> </section> <section class="section main-article-chapter" data-menu-title="Achieving 911 compliance"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Achieving 911 compliance</h2> <p>Fortunately, both unified communications (UC) vendors, as well as third-party software suppliers, offer tools to provide compliance and manage employee location and 911 call routing. These range from apps that track employee location in real time to those that ensure that location information is shared both with on-site personnel and ECC/PSAP operators.</p> <p>In cases where a 911 caller's location can't be pinpointed, the software typically routes the call to a national call center that attempts to determine the caller's location before contacting the appropriate ECC.</p> </section> <section class="section main-article-chapter" data-menu-title="Preparing for Next Generation 911"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Preparing for Next Generation 911</h2> <p>UC providers are also <a href="https://www.techtarget.com/searchunifiedcommunications/tip/How-to-manage-E911-in-a-multivendor-UC-environment">actively supporting Next Generation 911</a> (NG911). Here, endpoints learn their location from network components or other devices and then send that information along with the 911 call. Emerging NG911 capabilities include text-to-911, where available, and the ability to share information with first responders, such as exit locations, elevators and even security camera footage.</p> <p>For remote workers, most services require users to configure a dispatchable location. The UC software validates the address is correct and prompts users to update their locations when it detects a change in the network environment.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> The reality for companies trying to ensure 911 compliance is that most 911 calls are placed from personal or company-provided cellular phones. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> </section> <section class="section main-article-chapter" data-menu-title="Mobility continues as a pain point"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Mobility continues as a pain point</h2> <p>The reality for companies trying to ensure 911 compliance is that most 911 calls are placed from <a href="https://www.techtarget.com/searchunifiedcommunications/answer/How-do-you-manage-cloud-telephony-E911-location-information">personal or company-provided cellular phones</a>. In these cases, because the call isn't handled by the enterprise phone system or UC as a service (UCaaS) provider, there may be no way to transmit accurate caller location or to notify on-site personnel that an emergency call has been placed.</p> <p>Some 911 management providers can link personal or company-provided cellphones to office locations, but these products aren't widely deployed. Metrigy found that only 18% of companies use third-party platforms for 911 call and location management.</p> <p>Services such as Cisco Webex Go and Microsoft Teams Phone Mobile can <a href="https://www.techtarget.com/searchunifiedcommunications/tip/Fixed-mobile-convergence-could-solve-UC-services-gap">connect a cellphone's native dialer </a>with a company's UCaaS environment, but emergency calling capabilities can vary by carrier, country, configuration and device type. IT teams should verify whether these services can transmit dispatchable location, route calls to the appropriate ECC/PSAP and notify on-site personnel before treating them as part of a 911 compliance strategy. Again, it's best to consult legal counsel to determine risk.</p> <div class="extra-info"> <div class="extra-info-inner"> <h3 class="splash-heading">Hybrid work 911 compliance checks</h3> <p>Hybrid work creates more variables for 911 compliance because employees might place emergency calls from offices, homes, shared workspaces or mobile devices. Use these checks to review whether your phone system, UCaaS tools and emergency response processes account for those different work scenarios.</p> <p>✓&nbsp; Verify how remote workers update their dispatchable location.</p> <p>✓&nbsp; Confirm whether UCaaS and mobile calling services route emergency calls to the correct ECC/PSAP.</p> <p>✓&nbsp; Determine whether on-site personnel are notified when employees call 911 from enterprise calling tools.</p> <p>✓&nbsp; Review how personal and company-provided mobile phones fit into emergency response plans.</p> <p>✓&nbsp; Test location information and routing across office, remote and mobile work scenarios.</p> <p>✓&nbsp; Educate employees on how 911 calls are handled from each approved calling option.</p> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="Education, tools can help"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Education, tools can help</h2> <p>To help reduce 911 compliance challenges and make it possible to navigate 911 in a hybrid work environment, consider the following steps:</p> <ul class="default-list"> <li>Ensure compliance with appropriate federal, state and local laws.</li> <li>If you are still relying on older systems, evaluate the need to make them comply with Kari's Law and RAY BAUM'S Act.</li> <li>Deploy available 911 management tools from your UC providers, supplementing them with third-party specialty tools as needed.</li> <li>Determine and address the risk of mobile 911 calls.</li> <li>Educate users about how 911 calls are handled across all work locations.</li> </ul> <p><i>Irwin Lazar is president and principal analyst at Metrigy, where he leads coverage on the digital workplace. His research focus includes unified communications, VoIP, video conferencing and team collaboration. </i></p> </section> Hybrid work, cloud calling and mobile phones complicate 911 compliance. Learn how IT teams can reduce risk and help employees get emergency assistance. https://cdn.ttgtmedia.com/rms/onlineimages/location_g10188619.jpg https://www.techtarget.com/searchunifiedcommunications/tip/Navigating-E911-in-the-hybrid-workplace Fri, 12 Jun 2026 11:27:00 GMT <p>For those who manage phone systems, a key responsibility is ensuring that calls to 911 are sent to the proper answering point, and accurate caller location information is available to emergency call center operators.</p> <p>That task has been complicated by three fundamental paradigm shifts in the communications and calling space:</p> <ul class="default-list"> <li>Employees are increasingly untethered to specific locations. They might work from home, a public space or from multiple <a href="https://www.techtarget.com/searchunifiedcommunications/tip/Understanding-hot-desking-pros-and-cons-for-the-hybrid-office">hot desking workspaces</a> within company offices.</li> <li>More employees are relying on mobile devices -- personal or company-provided -- as their primary means of communication.</li> <li>Cloud-based calling services are replacing on-premises private branch exchanges (PBXs), with varying capabilities to track user location. The near ubiquity of mobile phones adds another challenge: Organizations might not be notified when a 911 call is placed from a personal smartphone within an office location.</li> </ul> <p>The days of simply managing desktop telephones at fixed locations are over.</p> <p>An effective Enhanced 911 (E911) compliance strategy has two important functions:</p> <ol class="default-list"> <li>To maintain accurate phone location information, regardless of the type of endpoint and whether it is on the enterprise network or remotely connected to company-provided phone services.</li> <li>To ensure 911 calls are transmitted to the proper emergency call center (ECC) or public safety answering point (PSAP) based on the caller's current location. For example, if a person with a company office in Chicago is working from home in Milwaukee, the 911 call must reach the 911 operator in Milwaukee so emergency personnel are dispatched to the right location.</li> </ol> <p>Meeting these goals in an ever-changing environment requires a proactive approach. Improper <a href="https://www.techtarget.com/searchunifiedcommunications/answer/How-do-you-manage-cloud-telephony-E911-location-information">location management and call routing</a> make an organization vulnerable to regulatory liability, civil risk and, more importantly, employee health and safety.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> Meeting these goals in an ever-changing environment requires a proactive approach. Improper location management and call routing make an organization vulnerable to regulatory liability, civil risk and, more importantly, employee health and safety. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> <section class="section main-article-chapter" data-menu-title="Steps to ensure compliance and minimize risk"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Steps to ensure compliance and minimize risk</h2> <p><b>Editor's note:</b><i> This tip provides no legal guidance. We recommend those responsible for 911 location and call routing management consult with appropriate legal counsel to determine their organization's risk and potential liability.</i></p> <h3>1. Assess regulatory compliance</h3> <p>In the United States, <a target="_blank" href="https://www.fcc.gov/mlts-911-requirements" rel="noopener">two primary laws</a> govern 911 compliance: Kari's Law and RAY BAUM's Act.</p> <ul class="default-list"> <li>Kari's Law requires new multiline phone systems sold, leased or installed after Feb. 16, 2020, to directly dial 911 without needing to use a prefix, such as an 8 or 9, to reach an outside line. It also requires appropriate personnel, such as on-site security individuals, to be notified whenever a 911 call is made, and mandates that 911 calls sent to an ECC/PSAP have a valid callback number.</li> <li>RAY BAUM's Act, Section 506, requires calls sent to 911 operators provide a "dispatchable location," which the Federal Communications Commission defines as "a location delivered to the PSAP with a 911 call that consists of the validated street address of the calling party, plus additional information such as suite, apartment, or similar information necessary to adequately identify the location of the calling party." In most cases, first responders arrive and require security personnel to escort them to the caller, so it's critical for those individuals to know the specific location where the 911 call originated.</li> </ul> <p>Nearly 64% of organizations are compliant with both Kari's Law and RAY BAUM's Act, according to Metrigy's "Employee Engagement Optimization: 2025" <a href="https://metrigy.com/product/employee-engagement-optimization-2025/" target="_blank" rel="noopener">study</a> of 400 companies. This is only a slight increase from 2023 when 63% of companies reported compliance with both laws. In addition to these federal regulations, several states and cities have their own regulations covering the segmentation of large facilities and how 911 calls are sent to local PSAPs. Addressing risk means ensuring E911 compliance for all employees, in all locations, on all endpoints.</p> <div class="extra-info"> <div class="extra-info-inner"> <h3 class="splash-heading">911 compliance checklist for enterprise phone systems</h3> <p>Use these checks to review whether your 911 compliance strategy covers the main risk areas:</p> <p>✓ Users can dial 911 directly without first dialing a prefix for an outside line.</p> <p>✓ Designated internal personnel, such as security or front desk staff, are notified when a 911 call is placed.</p> <p>✓ Calls include a dispatchable location, such as building, floor, suite or room information.</p> <p>✓ Location information accounts for remote and hybrid workers.</p> <p>✓ Personal and company-provided mobile phones are addressed in the emergency response plan.</p> <p>✓ UCaaS, SIP trunking and calling providers support 911 location management, call routing and testing.</p> <p>✓ Providers have a plan to support NG911 requirements as they continue to evolve.</p> <p>✓ The organization regularly tests 911 routing and location information across major endpoint types.</p> </div> </div> <h3>2. Mitigate risk</h3> <p>IT leaders should assess what tools are available to them from their phone system providers to help them meet regulatory requirements, and then determine what changes or additional deployments might be needed to ensure compliance. Network-level protocols can help track the location of desktop phones, but pinpointing softphones and mobile phones requires additional investment in dedicated 911 location management tools -- especially in mixed PBX or <a href="https://www.techtarget.com/searchunifiedcommunications/definition/cloud-telephony-cloud-calling">cloud calling</a> platform environments.</p> <p>Organizations should also evaluate 911 management and call routing capabilities from their <a href="https://www.techtarget.com/searchunifiedcommunications/definition/SIP-trunking">Session Initiation Protocol trunking</a> providers if they have their own public switched telephone network connectivity. Metrigy research finds that approximately half of companies rely on third-party or managed services to handle 911 location and call routing management. Such platforms might offer additional benefits, such as misdial prevention and 911 call recording.</p> <h3>3. Go beyond phones</h3> <p>Once a call is placed to 911 and the appropriate security personnel have been notified, consider how the 911 call is integrated into an emergency response plan. Vendors like Intrado, 911inform and RedSky Technologies offer the ability to integrate 911 calls into <a href="https://www.techtarget.com/searchitoperations/definition/IT-incident-management">incident management</a> platforms, enabling security personnel to not only identify a caller's location, but potentially tie that call into other available data from IoT devices, including cameras, sensors and door locks.</p> <p>In some cases, it might be possible to share this information with first responders so they can assess the situation. In addition, consider mobile phone-specific location management capabilities from vendors like 911inform.</p> <h3>4. Plan for Next Generation 911 (NG911)</h3> <p><a href="https://www.techtarget.com/searchunifiedcommunications/tip/Companies-prep-for-NG911-implementation-but-hurdles-remain">NG911 revamps location management</a> by enabling phones to determine their location via a variety of information sources, including GPS, and to transmit real-time location data to the PSAP at the time of a 911 call. Advanced capabilities support new communication modalities, such as text to 911, and let devices share video with first responders.</p> <p>The FCC has also adopted NG911 transition rules for originating service providers. While most enterprises will not manage that transition directly, IT teams should understand how their providers plan to support NG911 requirements, including IP-based 911 traffic delivery, location information and connectivity testing.</p> <h3>5. Include mobile phones</h3> <p>Today, almost everyone carries a mobile device, and <a target="_blank" href="https://www.nena.org/page/911statistics" rel="noopener">statistics</a> show that approximately 80% of 911 calls are placed via these devices. Even if a company has a rock-solid plan for an enterprise phone system, it's very likely employees will use their personal or company-provided mobile phones to call 911 -- especially if their only option is a company-provided mobile device.</p> <p>These calls are <a href="https://www.techtarget.com/searchunifiedcommunications/tip/Fixed-mobile-convergence-could-solve-UC-services-gap">handled by wireless carriers</a> that likely won't be able to notify on-site personnel that a call was made or the caller's exact location Products from vendors, including 911inform, address this issue by enabling mobile operators to map enterprise offices and provide on-site notification when a 911 call is made from a mobile phone.</p> <h3>6. Test, test, test</h3> <p>Configuring 911 location and call routing management isn't something that's done once and then forgotten. Ensure your organization has a regular schedule of tests across all potential calling endpoints. If it's available, use <a target="_blank" href="https://support.bandwidth.com/hc/en-us/articles/210291778-The-933-service" rel="noopener">933 testing</a> to minimize calls into actual PSAPs. And, as part of your training program, ensure employees are aware of any potential limitations in 911 call routing.</p> <p>Addressing each of these 911 compliance issues creates a high likelihood that, when an employee places a 911 call, it goes to the correct ECC/PSAP and with the caller's accurate location. It also means a more effective response to any incidents that might have triggered the initial call.</p> <p><b>Editor's note:</b> <em>This article was updated to improve clarity and reflect current 911 compliance considerations. </em></p> <p><i>Irwin Lazar is president and principal analyst at Metrigy, where he leads coverage on the digital workplace. His research focus includes unified communications, VoIP, video conferencing and team collaboration.</i></p> </section> Multivendor phone systems can complicate E911 management. Third-party platforms can help centralize call routing, location management and compliance. https://cdn.ttgtmedia.com/rms/onlineimages/telecommunications_g1200200188.jpg https://www.techtarget.com/searchunifiedcommunications/tip/5-key-strategies-to-ensure-E911-compliance Fri, 12 Jun 2026 10:34:00 GMT <p>Buying, upgrading or replacing an <a href="https://www.techtarget.com/searcherp/definition/ERP-enterprise-resource-planning">ERP</a> system is a complex endeavor that ranks as one of the most important investments a company will undertake.</p> <p>As small companies mature and leave behind siloed accounting systems and spreadsheets, and as larger companies replace cobbled-together legacy technology that requires frequent patching, integration and data alignment, decision-makers must consider not just which products and technologies to buy, but also the specific features and capabilities they need to improve how they do business.&nbsp;</p> <p>Furthermore, enterprise application software continues to improve, and global economies face disruptions such as tariffs, oil price shocks and natural disasters. Therefore, it's imperative for companies to <a href="https://www.techtarget.com/searcherp/feature/When-vendor-timelines-redefine-ERP-modernization-strategy">invest in modern ERP systems</a> that can quickly adapt to changing business environments. The integrated modules of an ERP system facilitate sharing of actionable data and improve visibility across departments, thereby enhancing decision-making and team collaboration across finance, HR, manufacturing, logistics and other core business processes.</p> <section class="section main-article-chapter" data-menu-title="Why buy ERP?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Why buy ERP?</h2> <div class="imagecaption alignRight"> <img src="https://cdn.ttgtmedia.com/rms/onlineimages/sommer_brian.jpg" alt="Brian Sommer, President, TechVentive">Brian Sommer </div> <p>Nevertheless, many companies try their best to not replace their ERP systems for at least 10 to 15 years -- and, in some cases, up to 25 years -- said Brian Sommer, an ERP analyst and president of TechVentive.</p> <p>"The disruption potential to an organization is so great that most people would rather have a root canal than replace their ERP system," Sommer said. "These things come with significant risk. If you don't do the implementation just right, if you don't do all the change management correctly, and if the integrations go awry, then you've got a real disaster on your hands. And that's why companies take these decisions very seriously." &nbsp;</p> <p>Joshua Greenbaum, principal at Enterprise Applications Consulting, called buying an ERP system "a real reckoning." He said companies that run their operations on Microsoft Excel spreadsheets, Intuit QuickBooks accounting software and legacy systems that don't share data aren't nimble enough to adapt to the changing business environment.</p> <p>"When companies have overlapping processes and, for example, one department has the customer record with 15 alphanumeric characters and the other uses 22, or you have two manufacturing plants and each one has a different bill of materials for the same product, the inefficiencies are intolerable, especially when you are trying to play in the big leagues," Greenbaum said.</p> <p>Another reason to want an <a href="https://www.techtarget.com/searcherp/tip/8-tips-for-a-successful-ERP-upgrade-project">ERP system with up-to-date functionality</a> is to reduce the time and money spent implementing patches and integrating disparate systems that don't work so well anymore.&nbsp;</p> <p>"The only time a company should ever actually worry about the integrations between two systems is the first time they put it together, and hopefully it should stay intact forever," Sommer said.</p> <p>The effort needed to tweak systems and export data from one system to import it into another doesn't grow top-line revenue. "That process does not contribute to a wider profit margin and may, in fact, do the opposite," he said. "You are not process-excellent and you are not operating in a way that puts you at the top of your competitive ranking in your industry." &nbsp;</p> <p>Greenbaum added that as companies deliberate on how a new ERP system or upgrade will improve their business, project leaders should focus on <a href="https://www.techtarget.com/searcherp/feature/Top-change-management-tips-for-ERP-implementation-success">change management</a>, understand how their back office currently operates, find the right stakeholders, secure executive buy-in and decide where they want to be in five years.</p> <p>"All of those things are much more important than which software to select, because nothing will work right if you don't have those kinds of factors in play," he said.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/PPewd17otM0?autoplay=0&amp;modestbranding=1&amp;rel=0&amp;widget_referrer=null&amp;enablejsapi=1&amp;origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> </section> <section class="section main-article-chapter" data-menu-title="ERP features that make a difference"> <h2 class="section-title"><i class="icon" data-icon="1"></i>ERP features that make a difference</h2> <p>Moving to a new ERP system isn't so much about buying technology as much as it's about using the technology as a means to perform specific tasks. Here are some of the key capabilities and features an ERP system should have:</p> <ol class="default-list"> <li><a href="https://www.techtarget.com/searcherp/definition/SaaS-ERP-software-as-a-service-ERP-hosting">Multitenant SaaS</a> (public cloud) deployment. This ERP architecture eliminates the need to manage data centers, as well as related maintenance and security costs. It offers subscription pricing, which can often be more cost-effective than licensed on-premises ERP (especially in the short-to-intermediate term), preconfigured business processes and automatic updates. Additionally, public cloud provides scalability and easy access to ERP for remote workers.</li> <li>Compliance and control features that act as an integrated system to ensure the organization adheres to laws, regulations, internal policies and industry standards, in addition to meeting reporting requirements.</li> <li>Forecasting software that taps historical and real-time data to help organizations understand changing business dynamics and predict the performance of such critical variables as revenue, supply, demand and cash flow.</li> <li>Purchase-to-pay (AKA procure-to-pay, or P2P) capabilities, which link an organization's <a href="https://www.techtarget.com/searcherp/tip/Procurement-automation-use-cases-for-CSCOs-to-consider">procurement function</a> to its accounts payable department. P2P features help companies manage how they acquire goods and services more efficiently by providing better end-to-end visibility into the process, from identifying needs and placing purchase orders to receiving goods, processing the invoices and making payments.</li> <li>A quote-to-cash feature, which provides a workflow that closes the gap between sales and accounting systems. It <a href="https://www.techtarget.com/searcherp/tip/Learn-benefits-and-challenges-of-CRM-and-ERP-integration">links sales, finance and operations teams</a> and helps them collaborate on deals that are then configured, priced, contracted, invoiced and paid accurately and efficiently.</li> <li>Globalization features to help ERP users navigate the complexities of international business operations. Having a centralized system to monitor the exchange rates and regulatory environments of different countries helps companies improve their planning strategies and make informed decisions in key areas like global finances, supply chains and human resources.</li> <li><a href="https://www.techtarget.com/searcherp/feature/The-ERP-HR-module-Key-features-explained">An HR module</a>, which helps companies manage their talent more effectively and respond to shifting employment patterns, such as upticks in remote and hybrid work, AI-related layoffs and the ongoing trend toward <a href="https://www.techtarget.com/searchcio/tip/The-CIOs-guide-to-skills-based-workforce-planning">skills-based hiring</a>.</li> </ol> </section> <section class="section main-article-chapter" data-menu-title="Understanding the role of AI in ERP"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Understanding the role of AI in ERP</h2> <p>For several years, many ERP modules have had generative AI (<a href="https://www.techtarget.com/searchenterpriseai/definition/generative-AI">GenAI</a>) features that provide content generation, conversational analytics and insights to improve decision-making. More recently, agentic AI capabilities are being added that can autonomously reason, plan and make decisions in areas such as forecasting, supply chain management and logistics.&nbsp;&nbsp;</p> <div class="imagecaption alignLeft"> <img src="https://cdn.ttgtmedia.com/rms/onlineImages/greenbaum_josh.jpg" alt="Photo of Joshua Greenbaum, Principal, Enterprise Applications Consulting">Joshua Greenbaum </div> <p>AI tools dominate C-suite discussions, and the technology admittedly can go a long way to <a href="https://www.techtarget.com/searcherp/feature/366628821/AI-and-ERP-The-digital-labor-evolution-in-manufacturing">improving ERP systems</a>, but Greenbaum said ERP implementation projects should keep their traditional focus on improving business processes, efficiency, optimization and productivity and less on the benefits of GenAI and agentic AI.</p> <p>"It's a mistake to think AI first. Let's figure out what it is that we need to improve," Greenbaum said. "What does it look like now, and what do we want it to look like next? And what systems are involved? Then, and only then, should you ask, 'Does my preferred vendor have a better way to do this with a modern AI system?'"</p> <p><i>Nicole Lewis is an independent business and technology journalist who covers public policy, technology and business issues.</i> &nbsp;</p> </section> Analysts say the focus should be on key tasks and business processes instead of the technology, and they share their advice on the features that do the most to add value. https://cdn.ttgtmedia.com/visuals/searchCloudComputing/use_cases/cloudcomputing_article_019.jpg https://www.techtarget.com/searcherp/feature/ERP-software-selection-Is-ERP-right-for-you Fri, 12 Jun 2026 09:00:00 GMT <p>When an organization's storage systems were primarily managed internally by IT staff, compliance best practices typically focused on documenting required controls, maintaining retention schedules, restricting access, verifying backups and gathering evidence for periodic reviews.</p> <p>That model has been changing.</p> <p>In the past decade, expectations for data storage compliance have evolved significantly in response to changes in IT architecture, expanding data volumes, fragmented regulatory requirements and new security and <a href="https://www.techtarget.com/searchenterpriseai/tip/AI-risk-management-A-strategic-guide-for-enterprise-leaders">AI-related governance risks</a>. When organizations still managed critical data on-premises in corporate data centers, best practices for enterprise storage typically focused on capacity planning, data availability, performance and audit readiness.</p> <p>While these concerns still matter, today's best practices for enterprise data storage must also address the growing role storage plays in policy enforcement. To be effective, compliance initiatives need to help organizations build storage architectures that can be managed as centrally as possible through automated control planes. This transition is often described as a change in focus from infrastructure-centric storage to data-centric storage.</p> <section class="section main-article-chapter" data-menu-title="Why data storage compliance is complex"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Why data storage compliance is complex</h2> <p>The challenge today is that many enterprises have heterogeneous storage environments made up of cloud platforms, traditional on-premises arrays, dedicated backup platforms and legacy <a href="https://www.techtarget.com/searchstorage/answer/The-difference-between-SAN-and-NAS">SAN/NAS</a> infrastructure. While advancements in automation have helped organizations centralize and standardize policy intent significantly, it is still unlikely that any single tool or vendor service will be able to enforce policy consistently everywhere an organization's data resides.</p> <p>In a perfect world, storage compliance policies could be transformed into code that enforces policy consistently across all environments. For example, if a compliance regulation required personally identifiable information to be encrypted, retained for a specific number of years and deleted upon verified request, those controls could be programmed into encryption settings in cloud storage, retention settings in backup systems and access controls in identity services. Logs from each system could then be aggregated into platforms like Splunk or Microsoft Sentinel and normalized into a format that supports analysis, validation and reporting.</p> <p>In the real world, however, comprehensive machine-enforceable workflows for compliance enforcement are likely to still be years away. While governance platforms like Microsoft Purview can help organizations reduce enforcement drift by linking data classification to downstream mechanisms, policy enforcement ultimately depends on what integration points and technical controls each underlying storage system supports.</p> </section> <section class="section main-article-chapter" data-menu-title="Best practices for enforcing storage compliance"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Best practices for enforcing storage compliance</h2> <p>Misalignment between policy intent and real-world enforcement is a significant source of legal, financial and reputational risk. The following best practices can help organizations close enforcement gaps:</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineImages/security-hipaa_compliance-f.png"> <img data-src="https://www.techtarget.com/rms/onlineImages/security-hipaa_compliance-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineImages/security-hipaa_compliance-f_mobile.png 960w,https://www.techtarget.com/rms/onlineImages/security-hipaa_compliance-f.png 1280w" alt="HIPAA compliance checklist" height="310" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>Follow these strategies to ensure HIPAA compliance. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <ul class="default-list"> <li>Use data discovery and classification tools to inventory data, map where it is stored and identify who has ownership and/or administrative access.</li> <li>Define governance policies in business terms rather than platform terms to reduce ambiguity and encourage internal teams to implement controls on different platforms as consistently as possible.</li> <li>Convert common compliance controls into <a href="https://www.techtarget.com/searchitoperations/tip/Apply-policy-as-code-best-practices-to-reap-benefits">policy-as-code</a> where feasible and use compensating controls when automation is not feasible.</li> <li>When considering what to automate, focus attention first on platforms that store regulated data and repositories that require substantial manual administration.</li> <li>Use a governance platform like Microsoft Purview to connect regulated data with common downstream controls for regulations and standards like GDPR, HIPAA and PCI DSS.</li> <li>Adopt <a href="https://www.techtarget.com/searchsecurity/definition/zero-trust-model-zero-trust-network">zero trust</a> principles for storage access and encrypt data at rest and data in transit.</li> <li>Strengthen access governance with <a href="https://www.techtarget.com/searchsecurity/definition/role-based-access-control-RBAC">role-based access controls</a> (RBAC) that support the <a href="https://www.techtarget.com/searchsecurity/definition/principle-of-least-privilege-POLP">principle of least privilege</a>.</li> <li>Enable WORM-style immutability within existing storage, archive and backup platforms.</li> <li>Centralize logs, audit trails and automated evidence collection to reduce manual review effort and improve confidence in audit results. (These practices also support SOC 2 recommendations for storage compliance.)</li> <li>Continuously test control effectiveness by validating deletion workflows, retention triggers, backup recoverability and access revocation processes to help identify enforcement drift before it becomes a material compliance risk.</li> <li>Turn exceptions into a managed program. Document where identical policy enforcement is not possible, assign owners, define compensating controls and track remediation timelines.</li> <li>Use refresh cycles and digital transformation initiatives to <a href="https://neevdata.com/blog/legacy-system-decommissioning-retiring-systems/">retire legacy systems</a> that create the greatest enforcement gaps over time.</li> </ul> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/ilLEdbfzw-I?autoplay=0&amp;modestbranding=1&amp;rel=0&amp;widget_referrer=null&amp;enablejsapi=1&amp;origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> </section> <section class="section main-article-chapter" data-menu-title="Roles and responsibilities"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Roles and responsibilities</h2> <p>Even though machine-driven compliance enforcement may be the target goal for many organizations, people will still continue to play a key role in defining policy, handling exceptions, validating controls and maintaining accountability.</p> <p>Even though machine-driven compliance enforcement may be the ultimate goal for some organizations, people will continue to play a critical role in defining policy, handling exceptions, validating controls and maintaining accountability.</p> <p>In the enterprise, this division is often formalized through an RACI matrix that clarifies roles and responsibilities. For example, the organization's compliance legal team may be accountable for interpreting compliance requirements and defining policy; the security team may be responsible for designing controls; the storage team may be responsible for implementing controls; and the operations team may be responsible for validating controls work as intended.</p> </section> <section class="section main-article-chapter" data-menu-title="Takeaway"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Takeaway</h2> <p>Data storage compliance has changed significantly in the past decade, and best practices can no longer be treated merely as a checklist for periodic audits or regulatory reviews. Organizations that treat storage compliance as a continuous engineering discipline will be better positioned to scale governance, reduce risk and adapt to changing regulations and standards.</p> <p>Margaret Rouse is an award-winning writer and technologist known for her ability to explain the value of emerging technology to business users.</p> </section> Storage administrators and managers stressing over compliance should follow these analyst-recommended strategies, including taking advantage of automation and anonymizing data. https://cdn.ttgtmedia.com/visuals/IoTAgenda/business_of_iot/iotagenda_article_008.jpg https://www.techtarget.com/searchstorage/tip/6-data-storage-compliance-strategies-for-the-enterprise Fri, 12 Jun 2026 00:00:00 GMT <p>Implementing AI in various forms has been all the rage in enterprises in the last few years, but evidence that all the investment is paying off is scant.</p> <p>In fact, it appears that organizations are hitting an AI plateau, where AI investments have made some gains, but productivity is <a href="https://www.techtarget.com/searchcio/post/Why-enterprises-shouldnt-accept-good-enough-AI-ROI">leveling off</a>.</p> <p>AI deployments are on the rise. According to the McKinsey State of AI 2025 <a target="_blank" href="https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai#/" rel="noopener">report</a>, 88% of surveyed organizations now use AI for at least one operational function. This is up from 78% in the previous year's survey. However, this investment is not paying off, at least for now.</p> <p>Just under 40% of organizations report that AI investments have generated any impact on profitability. In most cases, this amounts to less than 5% of total EBIT [earnings before interest and taxes], and just 6% of organizations for which AI investment has had more than a 5% impact on EBIT.</p> <p>Agentic AI use is growing, according to the report, with 62% of organizations experimenting with AI agents. While 23% of these say they are scaling AI agents in at least one function, there's no single function where the "scaled or fully scaled" share exceeds 10%.</p> <section class="section main-article-chapter" data-menu-title="Hidden barriers to AI transformation"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Hidden barriers to AI transformation</h2> <p>All this suggests that organizations use AI widely, but these deployments are not paying off yet.</p> <p>Organizations are hitting an AI plateau because they're <a href="https://www.techtarget.com/searchcio/feature/Agentic-ai-in-practice-lessons-from-real-deployments">deploying AI technically</a>, but they're not doing it in a way that's visible to the effects of the changes, said Chris Willis, chief design officer and futurist at Domo.</p> <p>Organizations believe they can buy and deploy the tools and assume that the successful transformation will just happen. However, there are many hidden <a href="https://www.techtarget.com/searchcio/feature/AI-is-fundamentally-transforming-organizations">barriers to transformation</a>, including organizational inertia and a culture that doesn't foster innovation, he said.</p> <p>One of the biggest factors in organizations hitting the AI plateau is the mistaken assumption that everyone is a natural innovator or will have the freedom to innovate in ways they haven't been asked to before, Willis said.</p> <p>"AI leaders say, 'We're just going to give everybody all these tools, and then they're going to figure it out,' but that's like magical thinking," he said. "Did they hire innovators? [Was the guy] in accounting hired because they like to work outside and think outside the box?"</p> <p>These employees may or may not be creative or innovative thinkers, but organizations are task-based, functional hierarchies, and people are hired and incentivized to work within them, Willis said.</p> <p>Organizations are hitting an AI plateau because they are deploying AI out of FOMO and the pressure to solve problems, without clearly defining the problems, he said.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> If you're trying to transform, you have to transform more than one thing, you have to redesign how decisions, workflows and accountability are handled. </figure> <figcaption> <strong>Chris Willis</strong>Chief Design Officer and Futurist, Domo. </figcaption> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>"If you're trying to transform, you have to transform more than one thing. You have to redesign how decisions, workflows and accountability are handled," Willis said.</p> </section> <section class="section main-article-chapter" data-menu-title="AI leadership gap"> <h2 class="section-title"><i class="icon" data-icon="1"></i>AI leadership gap</h2> <p>Organizations are hitting an AI plateau and are struggling to get value from their investments, said Mike Kazmier, head of AI at Banyan Software.</p> <p>There are two reasons why AI programs are flailing, he said. One is that they lack the leadership to marshal them through the deployment and make it a business priority. The other is that they are skipping at least one of the <a target="_blank" href="https://www.harvardbusiness.org/wp-content/uploads/2023/05/2023_05_6-key-levers-of-a-successful-organizational-transformation.pdf" rel="noopener">six pillars of true transformational change</a>.</p> <p>"Too many companies think that just buying the technology gets you the instant reward without addressing the operating model changes, the people's skill improvement and the data that's required, because data is the fuel of all AI," Kazmier said.</p> <p>To avoid hitting an AI plateau, organizations need both a solid strategy at the top and a robust governance system at the bottom that manages risk and ensures value, he said.</p> <p>AI proliferation across the enterprise is accelerating at a speed that leaders are finding <a href="https://www.techtarget.com/searchcio/feature/AI-transformation-is-inevitable-but-requires-change-management">difficult to manage</a>, said Fern Halper, founder of the AI Foundations Group.</p> <p>There's pressure on executives to move on AI quickly, Halper said. They must acknowledge this reality while simultaneously dealing with their organizational, data and governance readiness.</p> <p>The pace of AI change has led some executives to wonder if they can keep up, she said. For example, the former CEO of Coca-Cola, James Quincey, <a target="_blank" href="https://finance.yahoo.com/markets/stocks/articles/coca-cola-ceo-shift-puts-043122379.html" rel="noopener">stepped down in March</a> amid the company's transformation to AI and digital growth.</p> <p>However, organizations are caught between the <a href="https://www.computerweekly.com/news/366643449/Challenging-AI-hype-narratives-with-director-Valerie-Veatch">AI transformation hype</a> and the reality, where many are <a href="https://www.techtarget.com/searchcio/feature/How-CIOs-move-from-AI-experimentation-to-operationalization">stuck in experimentation</a> and pilot mode, largely because they have not thought enough about the foundations, Halper said.</p> <p>"Organizations have stalled out because they were trying to use easy-to-use tools, but they hadn't put their data foundation, governance or skills foundation in place, and they can't get any further because they've plateaued out," she said.</p> </section> <section class="section main-article-chapter" data-menu-title="Not just another tech deployment"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Not just another tech deployment</h2> <p>Dan Leiva, founder at CXAmplify, agreed that one reason for organizations hitting an AI plateau is that they roll it out like any other technology project, treating the rollout as the end of the project.</p> <p>"It's not owned after the rollout, which is the most important part because there's drift, there's changes in the upstream data, there's no watching it after it goes," Leiva said. "The big difference with agentic AI is that it doesn't stop when it rolls out. You've got to watch it after it rolls out."</p> <p>Organizations are now assessing how to deploy AI successfully and avoid AI plateaus.</p> <p>Willis said that one way to move forward is to come back to the fundamentals of technology deployments. Organizations should pick a few use cases that are well-understood, have value and already have unified governed data.</p> <p>"You can then embed AI into the workflow rather than creating a separate siloed tool, and you can keep humans doing what humans do very well -- which is bringing judgment to the process," he said. "Then you can measure the impact and see if you can repeat that outcome."</p> <p>The problem with AI is that many organizations are jumping straight to the prototype stage without fully considering if they are solving the right problem or should be solving that problem at all, Willis said.</p> <p>"For example, for automation, people aren't asking if they should automate this, so they're creating new problems, or they're using new and expensive technology to solve a thing that they've solved already," he said.</p> <p>The AI transformation and the question of productivity are not new stories, Willis said.</p> <p>A generation ago, organizations began to furnish all employees with PCs, promising to greatly improve productivity -- even if most people at the time didn't know what to do with them.</p> <p>There was a huge amount of investment, hype and FOMO from the organizational side, and a huge amount of anxiety on the employee side, Willis said. But it took years for organizations to realize productivity gains.</p> <p>"Today, we can't imagine doing work without PCs. But it takes time because we have to understand the technology and that there are other parts around the technology," he said. "There are missing technologies, missing cultures, missing role definitions and missing education. You need all this and more before you can really leverage what's happening."</p> <p><i>Jim O'Donnell is a news director for TechTarget, where he covers IT strategy and enterprise ESG.</i></p> </section> Despite widespread adoption, organizations are reaching an AI plateau because they treat it as a typical technology implementation rather than one requiring fundamental change. https://cdn.ttgtmedia.com/rms/onlineimages/arvr_a199792447.jpg https://www.techtarget.com/searchcio/feature/Breaking-through-the-enterprise-AI-plateau Wed, 10 Jun 2026 17:12:00 GMT <p>The harder part of citizen AI <i>is not</i> letting business users build. (They are already going to build -- or, at least, try.) The harder part <i>is</i> deciding where local autonomy ends and enterprise oversight begins.</p> <p>A small tool that summarizes notes or drafts an internal update is one thing. A tool that touches customer records, changes account data, updates a financial workflow, sends information to an outside model or triggers a business process is something else.</p> <p>The closer AI tools move to the work, the more important it becomes to define what kind of autonomy they actually have.</p> <p>That is where citizen AI needs more than excitement, training and good intentions. It needs boundaries.</p> <section class="section main-article-chapter" data-menu-title="AI tools need both autonomy and boundaries"> <h2 class="section-title"><i class="icon" data-icon="1"></i>AI tools need both autonomy and boundaries</h2> <p>AI tools -- <a href="https://www.techtarget.com/searchenterpriseai/tip/4-main-types-of-AI-explained">generative, agentic or otherwise</a> -- need both autonomy and boundaries.</p> <p>That may sound contradictory on the surface. But in the enterprise AI world, freedom and restriction are not opposites; they are complementary. AI tools need enough room to do useful work, but not so much room that they quietly reach into systems, data or workflows the business never intended them to touch.</p> <p>That is the idea behind a phrase that should probably be plastered across almost every enterprise AI use case: <i>bounded autonomy</i>. The concept is simple: AI can have agency, but that agency needs limits.</p> <p>That applies to citizen AI just as much as it applies to sophisticated AI tools supported by IT inside ERP, finance, HR, customer service and other enterprise software platforms. The level of control will vary by use case, but the need for control does not go away.</p> <p><a href="https://www.techtarget.com/searchenterpriseai/tip/Citizen-developers-are-redefining-enterprise-AI-development">Citizen-built AI tools</a> need clearly defined access to data, clear limits on the actions they can take and clear rules for when human review is required. They also need to account for customer impact, financial impact, compliance risk and whether the tool is touching systems the business depends on.</p> <p>Human oversight matters, but it is not enough by itself. A person being "in the loop" does not help much if the tool has already been given broad access to the wrong data or the ability to take actions no one reviewed.</p> <p>AI tools -- especially those created by business users -- should not be able to quietly gain access to systems, data or actions that the enterprise would never approve if IT, security or compliance had reviewed them first.</p> <p>That is bounded autonomy.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/agentic_ai_security_at_a_glance-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/agentic_ai_security_at_a_glance-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/agentic_ai_security_at_a_glance-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/agentic_ai_security_at_a_glance-f.png 1280w" alt="Infographic showing agentic AI security risks and controls, including access, monitoring, identity, data protection and safeguards for AI agents" height="560" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Citizen-built AI tools need room to do useful work, but enterprises still need guardrails around data access, permissions, actions, monitoring and ownership. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="Bounded autonomy needs context, too"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Bounded autonomy needs context, too</h2> <p>But bounded autonomy might need one more word: context.</p> <p>Citizen AI tools do not just need limits on what they can access and what actions they can take. They also need enough business context to understand what the data means, which system is authoritative, where the data came from and which rules apply before the tool acts.</p> <p>So maybe the fuller idea is <i>bounded contextual autonomy</i>.</p> <p>That means autonomous <a href="https://www.techtarget.com/searchdatamanagement/feature/How-agentic-AI-governance-tackles-data-security-challenges">AI usage is bounded by governance</a> and guided by context. A citizen-built tool should not only be prevented from touching the wrong data; it should also be kept from using the right data in the wrong way.</p> <p>That matters because raw data access is not the same as business understanding.</p> <p>A tool might see a customer record, an employee profile, a supplier status or a finance workflow and still miss the meaning around it. Is the customer active or on hold? Is the supplier approved in one region but restricted in another? Is the employee record current? Is the finance action allowed without review?</p> <p>Those are <a href="https://www.techtarget.com/searcherp/feature/Why-context-engineering-is-the-next-enterprise-software-priority">context questions</a> as much as governance questions.</p> <p>For citizen developers, that means the guardrails cannot stop at permissions. The enterprise also needs shared definitions, source-of-truth rules, policy constraints and escalation paths so local AI tools do not act on data stripped of its business meaning.</p> </section> <section class="section main-article-chapter" data-menu-title="Low-risk tools can stay close to the business"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Low-risk tools can stay close to the business</h2> <p>None of this means every small tool needs a full enterprise software review. It <i>does</i> mean the company needs a risk-based model.</p> <p>Low-risk tools can stay close to the business. Higher-risk tools need review, monitoring, access limits and human approval. Critical tools need IT ownership.</p> <p>This is the difference between empowerment and anarchy. The enterprise needs a controlled place for business users to build, test and improve local AI tools without letting those tools quietly drift into production systems no one owns. A local AI tool should not become enterprise software by accident.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> A local AI tool should not become enterprise software by accident. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>That controlled space should be wide enough for business users to solve real problems. But it also has to be clear enough that everyone knows when a tool has outgrown it. That line will not always be obvious.</p> <p>A small automation might start as a personal productivity helper. Then a team starts using it. Then it touches shared data. Then it becomes part of a real workflow. At some point, it stops being a useful shortcut and becomes something the business depends on.</p> <p>That is when ownership has to change.</p> <div class="extra-info"> <div class="extra-info-inner"> <p></p> <h3 class="splash-heading">When citizen AI needs IT review</h3> <p>Not every citizen-built AI tool needs the same level of review, but some signals should push a local tool closer to IT, security or compliance.</p> <p>A citizen-built AI tool needs more review when it:</p> <ul class="default-list"> <li>Touches sensitive customer, employee or financial data.</li> <li>Changes account records, workflow states or operational systems.</li> <li>Sends business data to an external AI model or third-party platform.</li> <li>Affects customers, partners, suppliers or employees outside the original team.</li> <li>Becomes popular enough that other teams depend on it.</li> <li>Performs a critical function.</li> <li>Creates audit, compliance, privacy or security risk.</li> <li>Has no clear owner if something goes wrong.</li> </ul> <p>The point is not to stop business users from building; it is to make sure the enterprise knows when a useful local tool has become something the business has to govern, support or own.</p> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="Local AI tools need an enterprise path"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Local AI tools need an enterprise path</h2> <p>The enterprise needs a path for those tools.</p> <p>Some can stay local. Some should be retired. Some should be reviewed and improved. Some should be rebuilt by IT and supported as real enterprise software.</p> <p>That is especially important because citizen-built tools can spread in ways the enterprise does not always see right away. A tool that starts in one department might get copied by another. A workflow that was supposed to support one task might become part of a larger process. A low-risk use case might become higher risk once it connects to new data, new users or new systems.</p> <p>That is why IT, security and compliance need a practical way to see what exists without turning every business-user idea into a six-month review.</p> <p>The goal is not to create a bureaucracy that kills <a href="https://www.techtarget.com/searchsoftwarequality/definition/citizen-development">citizen development</a>, but to define what kind of tool can stay local, what kind needs a review and what kind now belongs in the enterprise software portfolio.</p> <p>This is where the relationship between business users and IT matters most.</p> <p>Business users bring the problem knowledge. They know the workarounds, bottlenecks, approval delays and small tasks that central IT might never have time to prioritize. IT brings architecture, security, integration and support discipline. Governance defines the boundaries. Context keeps the tool from using data blindly.</p> <p>The business decides when a local experiment has become important enough to own.</p> </section> <section class="section main-article-chapter" data-menu-title="The sandbox is the strategy"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The sandbox is the strategy</h2> <p>A citizen AI sandbox is not just a playground; it is the operating model.</p> <p>It should define which platforms are approved, which data is available, what kinds of actions are allowed, which workflows require human approval and when a tool needs IT review. It should also define what happens when a local tool succeeds.</p> <p>If business users build something useful, the enterprise needs a way to capture the value without pretending the tool is still just a small experiment. Some successful tools should be hardened, integrated, documented and supported. Others should stay local with clear limits. Some should be shut down.</p> <p>Citizen AI should not be fully open or fully locked down. It needs a middle ground.</p> <p>The promise is that more of the people closest to the work can help improve it. The risk is that they create tools no one can see, govern or support. A sandbox does not eliminate that risk, but it gives the enterprise a place to manage it.</p> <p>Give citizen developers room to build. Just make sure the enterprise can see, govern and own what matters.</p> <p><i>James Alan Miller is a veteran technology editor and writer who leads Informa TechTarget's Enterprise Software group. He oversees coverage of ERP &amp; Supply Chain, HR Software, Customer Experience, Communications &amp; Collaboration and End-User Computing topics.</i></p> </section> Citizen AI can help business users solve local problems, but enterprises need bounded contextual autonomy to govern data, actions and ownership. https://cdn.ttgtmedia.com/rms/onlineimages/container_g498396156.jpg https://www.techtarget.com/searcherp/feature/Citizen-developers-need-a-sandbox-not-a-blank-check Wed, 10 Jun 2026 15:23:00 GMT <p>The meteoric rise of GLP-1 medications in recent years has sparked a gold rush in the healthcare sector, with various entities benefiting from the windfall. Digital health companies are among the most significant benefactors, leveraging their virtual care models to meet the skyrocketing demand for the drugs.</p> <p>But with a growing number of digital health players throwing their hats into the proverbial GLP-1 ring, sustaining the initial revenue boost associated with the medications may prove challenging.</p> <p>According to Arielle Trzcinski, principal analyst at Forrester, market saturation will require digital health companies to identify what differentiates them from the competition in terms of their GLP-1 strategy. Since many companies, including Hims &amp; Hers, Ro and, more recently, Omada Health, prescribe GLP-1s virtually, providing access to the drugs themselves cannot be the differentiator.</p> <p>Rather, it comes down to whether these companies can sustain the benefits that GLP-1s provide, create an off-ramp for those who want to wean off the drugs and offer wraparound services that support care beyond weight loss, she said.</p> <section class="section main-article-chapter" data-menu-title="GLP-1s offer new revenue opportunities for digital health players"> <h2 class="section-title"><i class="icon" data-icon="1"></i>GLP-1s offer new revenue opportunities for digital health players</h2> <p>It's not hard to see why digital health companies are going all-in on the GLP-1 boom. Digital health companies are well-positioned to get GLP-1s into consumers' hands through virtual prescribing. And the move into the GLP-1 space appears to be working out for many of these companies.</p> <p>Take Omada Health, which announced that it <a href="https://www.techtarget.com/virtualhealthcare/news/366634256/Omada-Health-to-prescribe-GLP-1s">will prescribe anti-obesity medications</a>, including GLP-1s, less than six months after <a href="https://www.techtarget.com/virtualhealthcare/news/366625054/Omada-Health-launches-IPO-aims-to-raise-up-to-158M">going public in June 2025</a>. The company added the prescribing capability to its existing GLP-1 care track program, which offers patients on GLP-1s with nutrition guidance, education and access to health coaches and cardiometabolic specialists.</p> <p>According to Omada Health CEO Sean Duffy, GLP-1 care services are a vital part of the company's portfolio not only because the demand for the medications is on the rise, but because they also provide an entry point to Omada's other digital health programs focused on chronic diseases, including diabetes, hypertension and musculoskeletal issues.</p> <p>"Even if an employer opens the door for a conversation with Omada because of GLP-1s, they pretty quickly realize, well, shoot, not everybody who wants to improve health in my employee population and reduce weight wants a GLP-1 -- and I also have an issue with hypertension, with diabetes, MSK," he said. "And so it actually turns into sales for the broader Omada [portfolio]…It's a broader tailwind that's really lifting all boats there, which is really nice."</p> <p>The company recently <a href="https://www.techtarget.com/virtualhealthcare/news/366642994/Omada-Health-reports-42-revenue-boost-GLP-1-partnership">reported a 42% year-over-year revenue jump</a> in the first quarter of 2026. During the earnings call, Duffy highlighted that GLP-1 capabilities are "driving growth across the full cardiometabolic suite." The revenue impact of the company's investment in GLP-1s, he believes, will become even more apparent in 2027 and beyond.</p> <p>Duffy also views Omada's broader cardiometabolic suite, particularly its GLP-1 care track program, as a way to maximize the value of GLP-1 medications.</p> <p>"Our clients, they just started to get really worried about what they saw in the data, because if they were paying for GLP-1s for obesity, they'd see weight loss and then weight regain," he explained.</p> <p>To allay client concerns, Omada has focused on gathering clinical evidence demonstrating that its wraparound GLP-1 care services help sustain the weight loss people achieve while using the medications.</p> <p>"We put out a recent study that showed 2.1x increase in fat loss in our care track than our control, and then three times more muscle retained," Duffy said. "And then we've seen up to 12 months weight maintenance post-discontinuation. And so those are the results that we bring to our enterprise buyers."</p> <p>Omada is far from the only digital health company to be carving out a space in the GLP-1 market. Hims &amp; Hers experienced a major revenue boost from expanding its offerings beyond sexual health and hair regrowth to include weight-loss services. In <a href="https://s27.q4cdn.com/787306631/files/doc_financials/2025/q4/Hims-Hers-Fourth-Quarter-2025-Earnings-Call-Transcript.pdf">its Q4 2025 earnings call</a>, Andrew Dudum, co-founder and CEO, noted that the company's "weight loss offering reached $100 million revenue run rate in less than seven months after launch." This speed outstripped its other offerings, which took "three and sometimes even four years to (inaudible) $100 million in annual revenue."</p> <p>This revenue boost occurred despite the significant blowback Hims &amp; Hers faced when it initially announced plans to advertise and sell compounded versions of FDA-approved GLP-1 medications. After a brief partnership with Novo Nordisk to sell a compounded version of the Wegovy pill&nbsp;<a href="https://www.techtarget.com/pharmalifesciences/news/366626301/Novo-Nordisk-ends-Hims-Hers-partnership-over-GLP-1-safety-concerns">fell apart in 2025</a>, the company <a href="https://www.statnews.com/pharmalot/2026/02/09/novo-sues-hims-infringing-wegovy-patent-obesity/">faced lawsuits</a> and regulatory scrutiny, including <a href="https://www.techtarget.com/pharmalifesciences/news/366631512/FDA-cracks-down-on-online-advertising-of-compounded-GLP-1-drugs">warnings from the FDA</a>.</p> <p>The company <a href="https://investors.hims.com/news/news-details/2026/Hims--Hers-Announces-Strategic-Shift-for-US-Weight-Loss-Business/default.aspx">pivoted earlier this year</a>, announcing that it would no longer advertise compounded GLP-1 products on its platform and would prescribe them only in limited circumstances. Instead, it will provide access to FDA-approved GLP-1 medications, including Ozempic and Wegovy.</p> <p>GLP-1s continue to feature prominently on the company's website, indicating their critical position in the company's portfolio.</p> <p>During the company's <a href="https://s27.q4cdn.com/787306631/files/doc_financials/2026/q1/Hims-Hers-First-Quarter-2026-Earnings-Call-Transcript-doc.pdf">Q1 2026 earnings call</a>, Dudum noted that it fulfilled more than 125,000 shipments of Wegovy products within the first six weeks of their launch on the platform.</p> <p>"We are seeing adoption in weight loss near record levels, even beyond the demand we saw following this year's New Year's and Super Bowl campaigns," he said.</p> <p>However, as GLP-1 demand continues to grow and more digital health companies step in to close access gaps, the price of the medications is decreasing, Trzcinski pointed out. For companies already committed to the GLP-1 revenue pathway, this market saturation and price compression may present challenges.</p> </section> <section class="section main-article-chapter" data-menu-title="Sustaining the revenue bump will require a holistic approach to GLP-1 care"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Sustaining the revenue bump will require a holistic approach to GLP-1 care</h2> <p>As digital health companies establish their GLP-1 strategy going forward, Trzcinski suggests they consider gaps in the GLP-1 care journey, including the tapering process.</p> <p>"We don't yet know or have a lot of data in terms of definitively saying, this is when folks can come off of these drugs," she said. "This is when they can taper, how they taper. Whoever figures out that and does that well and thinks about how do we help folks successfully come off of these medications and offer the reference services, medications, other things that perhaps they need in conjunction with coming off of these drugs, those are the folks that people are going to gravitate to."</p> <p>Not only that, but employers and payers would also be more interested in companies that can help their employees and members taper off medications and better manage their overall health, as this will ultimately help them manage healthcare costs in the long term, she added.</p> <p>Simply offering prescriptions for the medications may not be a reliable revenue growth strategy as the GLP-1 market evolves. Rather, Trzcinski emphasized that companies that can eke out a role in the overarching weight-loss management continuum will be better positioned to navigate market pressures.</p> <p>This is the approach that Omada plans to take, and the company is excited about its position, Duffy shared.</p> <p>"You have some [companies] that are more or less GLP-1 vending machines," he said. "We're kind of a 180 of that, which is a holistic evidence-based metabolic care provider that uses GLPs as a tool in the toolkit, but equally has, from day one, emphasized lifestyle support, care within the context of your GLP-1 [journey], listening to your goals on how long you want to stay on the medicine, following obesity standard guidelines, really generating our own evidence."</p> <p>&nbsp;Omada also has relationships with three national PBMs -- Optum Rx, CVS Caremark and Express Scripts -- and plans to <a href="https://investors.omadahealth.com/news-releases/news-release-details/omada-health-joins-lilly-employer-connect-expanding-its-access">join Eli Lilly and Company's Employer Connect program</a>, offering new direct-to-employer channels for its GLP-1 Care Track.</p> <p>Though wraparound, comprehensive care can help digital health companies keep a foothold in the GLP-1 market, Trzcinski cautioned that the broader regulatory and reimbursement landscape remains uncertain. And data on outcomes and cost will be critical to shaping that landscape.</p> <p>"There's a lot of uncertainty and lack of data around these drugs," Trzcinski said. "We still need more time. And I think, ultimately, it will create some volatility for these companies in the future as we learn more. But it also presents an incredible opportunity and hopefully an opportunity for population health as well."</p> <p><em>Anuja Vaidya has covered the healthcare industry since 2012. She currently covers healthcare IT and innovation, including artificial intelligence, digital healthcare, EHRs and interoperability.</em></p> </section> Digital health companies have a new revenue pathway in virtual GLP-1 prescribing, but market saturation and potential price drops indicate a need for a strategy shift. https://cdn.ttgtmedia.com/rms/onlineimages/pharma_g1358852671.jpg https://www.techtarget.com/virtualhealthcare/feature/Digital-health-companies-seek-lasting-edge-amid-GLP-1-gold-rush Wed, 10 Jun 2026 13:30:00 GMT <p>The need for a requirements list when looking for a new ERP system cannot be overstated. The requirements help guide the whole process, including identifying vendors and applications, who to include on the evaluation team, and the budget and implementation timeline.</p> <p>Adding ERP to a company's tech stack can have far-reaching implications. For example, teams in finance, manufacturing, warehousing, human resources and other departments might need to move to the new system. The scope can play an important role in automating workflows, improving forecasts and eliminating the need for multiple standalone systems. However, choosing the wrong ERP can have a devastating impact across the company.</p> <p>The requirements list isn't only helpful at the beginning of a project. It can also be used to educate employees and project team members, assist with prioritizing requirements, and measure the project's ROI.</p> <section class="section main-article-chapter" data-menu-title="Steps to create your ERP requirements checklist"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Steps to create your ERP requirements checklist</h2> <p>To create a thorough requirements checklist, it is critical to engage the right employees and allocate sufficient time to this step. It's also import for the project leader to provide some ground rules and instructions so the process runs smoothly and achieves the desired outcome.</p> <p>To identify stakeholders, the project leader and project sponsor should build a list of teams affected by the planned <a href="https://www.techtarget.com/searcherp/feature/Solve-the-top-8-cloud-ERP-implementation-challenges">ERP project</a> and seek input to confirm no teams were missed. It's also valuable to put out a formal announcement and tell employees how they can provide input.</p> <p>Setting a realistic timeframe for collecting feedback is also important. The bigger the ERP system, the more requirements it will have. Also, consider the time of year when setting the schedule. For example, many employees take vacations in the summer months. Make sure the schedule also includes time to review and validate the requirements.</p> <p>Providing clear instructions and a template will help contributors understand what's being asked of them. This should include the level of detail required, the priority of the requirement, the business need and a description explaining why the feature is needed.</p> <p>When building the final requirements checklist, it's ideal to include a rating scale that evaluators can use to score how well the system meets a given requirement and provide space for comments. Reviewers should be expected to submit their evaluation shortly after a demo and before the next demo, because it can be hard to remember which product did what. It can also be helpful to have a meeting after each demo to review differences in the feedback provided.</p> <div class="extra-info"> <div class="extra-info-inner"> <p></p> <h3 class="splash-heading">ERP requirements checklist template</h3> <p>Download a template for your requirements checklist <a href="https://cdn.ttgtmedia.com/rms/onlineimages/erp_requirements_checklist-template.xlsx" target="_blank" rel="noopener">here</a>.</p> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="Key components of an ERP requirements checklist"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Key components of an ERP requirements checklist</h2> <p>Here are the major categories to include, with examples.</p> <h3>Project overview</h3> <p>Rather than jump right into requirements, it's good to give the reader a general overview of the company and the project. It should include items such as company size, market, locations, project leaders, timeline and project goals.</p> <h3>Current system overview</h3> <p>Use this section to highlight current systems and whether the <a href="https://www.techtarget.com/searchcio/feature/how-to-migrate-to-a-new-erp-system">new ERP will replace them</a>. This section can also provide insight into how each system is used for people who aren't familiar with them.</p> <h3>Nonfunctional requirements</h3> <p>These requirements are generally applicable across the system and not specific to one team or module. For this set of requirements, you will want to get feedback from various teams across the company. Also, include representation from each country if the organization has a global footprint.</p> <p><b>Reporting and analytics</b></p> <ul class="default-list"> <li>Standard reports and dashboards that can be customized.</li> <li>Role-based permissions controlling what data is displayed.</li> <li>Ability to drill down and filter based on predefined and custom criteria.</li> <li>Scheduled reports.</li> <li>Support for standard export formats (XLSX, PDF, CSV, etc.).</li> </ul> <p><b>Globalization</b></p> <ul class="default-list"> <li>Support for required languages, currencies and date formats.</li> <li>Ability to create custom fields with labels and default text in multiple languages.</li> <li>Help and user forums provided in multiple languages.</li> </ul> <p><b>Access permissions</b></p> <ul class="default-list"> <li>Centrally controlled access permission configuration.</li> <li>Data access controlled separately from functionality access.</li> <li>Default roles provided, with the ability to create custom roles.</li> <li>Detailed reporting on access permissions granted.</li> </ul> <p><b>Automation</b></p> <ul class="default-list"> <li>Standard workflows provided by the vendor.</li> <li>Ability to create custom workflows across the platform.</li> <li>Support for simple and data-dependent approvals.</li> <li>Reports and dashboards that can be sent to users automatically on a schedule.</li> </ul> <p><b>AI</b></p> <ul class="default-list"> <li>AI functionality across the entire system.</li> <li>Employee access to AI tools and chatbots to ask questions and get help.</li> <li><a href="https://www.techtarget.com/searcherp/feature/C-suite-should-make-AI-data-management-the-2026-ERP-priority">Data analysis</a> for present and historical data, plus predictive analytics for future planning.</li> <li>AI that can draft text and recommend improvements to user-entered text.</li> <li>Data audits that can be run continuously to look for issues.</li> <li>Agentic AI to automate routine tasks.</li> </ul> <p><b>Technical and integration</b></p> <ul class="default-list"> <li>Support for <a href="https://www.techtarget.com/searchsecurity/definition/single-sign-on">single-sign-on</a> technology.</li> <li>Interoperability with office applications (Microsoft and Google).</li> <li>Capable of running in the <a href="https://www.techtarget.com/searcherp/feature/The-differences-between-on-premises-and-cloud-ERP-software">cloud or on premises</a>.</li> <li>Ability to send and receive data through interfaces, such as APIs and SFTP.</li> <li>Alignment between ERP's technology and the buyer's (operating system, database, etc.).</li> <li>System that can be extended with vendor development tools or third-party applications.</li> </ul> <h3>Functional requirements</h3> <p>Functional requirements explain the features that are needed and how the system works -- for example, a timesheet feature for hourly employees to record their start and end times.</p> <p><b>Finance and accounting</b></p> <ul class="default-list"> <li><a href="https://www.techtarget.com/searchenterpriseai/feature/How-AI-helps-Henry-Schein-Ones-accounts-payable-team">Accounts payable</a> and accounts receivable.</li> <li>Bank reconciliation.</li> <li>Budgeting and forecasting.</li> <li>Revenue management.</li> <li>Multicompany management and allocations.</li> <li>Auditing.</li> <li>Expense management.</li> <li>Cashflow planning and management.</li> <li>Financial reporting.</li> <li>Invoicing and collection.</li> <li>Data analysis.</li> <li>Exchange rate management.</li> <li>Vendor management.</li> <li>Payroll.</li> <li>Industry- and country-specific requirements.</li> </ul> <p><b>Warehouse management</b></p> <ul class="default-list"> <li><a href="https://www.techtarget.com/searcherp/tip/Best-practices-for-inventory-management">Inventory management</a>.</li> <li>Sales order fulfillment.</li> <li>Electronic data interchange (EDI).</li> <li>Real-time data analysis and dashboards.</li> <li>Shipping and receiving management.</li> <li>Workforce management.</li> <li>Shop floor automation and control.</li> </ul> <p><b>Manufacturing management</b></p> <ul class="default-list"> <li>Production planning and scheduling.</li> <li><a href="https://www.techtarget.com/searcherp/definition/order-management">Order management</a>.</li> <li>Inventory management.</li> <li>Workforce management.</li> <li>EDI.</li> <li>Quality control and compliance management.</li> <li>Bill of materials (BOM) management.</li> <li>Equipment maintenance tracking.</li> <li>Shop floor automation and control.</li> <li>Industry- and country-specific requirements.</li> </ul> <p><b>Customer relationship management (CRM)</b></p> <ul class="default-list"> <li>Central repository of customer data.</li> <li>Lead management.</li> <li>Sales tracking.</li> <li>Data cleansing.</li> <li>Contract repository.</li> <li>Task management and automation.</li> </ul> <p><b>Asset management</b></p> <ul class="default-list"> <li>Track fixed assets (buildings, vehicles, equipment, etc.).</li> <li>Maintenance planning and scheduling.</li> <li>Depreciation and expense planning.</li> <li>Data analysis.</li> </ul> <p><b>Human resources</b></p> <ul class="default-list"> <li>Core HR.</li> <li>Payroll.</li> <li>Time and attendance.</li> <li>Absence and leave management.</li> <li>Recruiting and <a href="https://www.techtarget.com/searchhrsoftware/tip/Use-cases-for-AI-in-employee-onboarding">onboarding</a>.</li> <li>Learning management.</li> <li>Performance management.</li> <li>Succession planning.</li> <li>Compliance management.</li> <li>Compensation planning.</li> <li>Workforce planning.</li> </ul> <p><i>Eric St-Jean is an independent consultant with a particular focus on HR technology, project management and Microsoft Excel training and automation. He writes about numerous business and technology areas.</i></p> </section> The requirements checklist might be the most important document in ERP planning and implementation. Here's what a good checklist should include, plus a template to start your own. https://cdn.ttgtmedia.com/rms/onlineimages/check_g1205300933.jpg https://www.techtarget.com/searcherp/tip/A-complete-ERP-requirements-checklist-with-template Wed, 10 Jun 2026 10:30:00 GMT <p>Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs.</p> <p><a href="https://www.techtarget.com/searchsecurity/tip/Incident-management-vs-incident-response-explained">Incident response is a subset of incident management</a>.&nbsp;<i>Incident management</i>&nbsp;is an umbrella term for an enterprise's broad handling of cyberattacks, involving diverse stakeholders from the executive, legal, HR, communications and IT teams. <i>Incident response</i> is the part of incident management that handles technical cybersecurity tasks and considerations.</p> <p>Many experts use the terms&nbsp;<i>incident response&nbsp;</i>and&nbsp;<i>incident management</i>&nbsp;interchangeably because both aim to ensure&nbsp;<a href="https://www.techtarget.com/searchdisasterrecovery/definition/business-continuity">business continuity</a>&nbsp;in the face of a security crisis, such as a data breach. Yet&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Business-continuity-vs-disaster-recovery-vs-incident-response">incident response, business continuity and disaster recovery</a>&nbsp;measures play distinct, if complementary, roles in keeping organizations operational despite interruptions. Consider how their primary goals differ:</p> <ul type="disc" class="default-list"> <li><b>Business continuity.</b>&nbsp;Aims to maintain critical business operations in the face of any kind of expected or unexpected disruption -- e.g., a natural disaster, planned downtime or a cyberattack.</li> <li><b>Disaster recovery.</b>&nbsp;Aims to restore IT functionality after any kind of unexpected disruption -- e.g., a natural disaster, a technological outage or a cyberattack.</li> <li><b>Incident response.</b>&nbsp;Aims to identify, contain and resolve cyberattacks and any problems they cause.</li> </ul> <p>Digital forensics and incident response (<a href="https://www.techtarget.com/searchsecurity/definition/digital-forensics-and-incident-response-DFIR">DFIR</a>) is an approach to incident response that integrates digital forensics tools and processes. Digital forensics is a subset of forensic science that involves the collection and analysis of data to fully understand a cyberevent, as well as the preservation of evidence for future internal use -- such as for reconstruction of a security event -- and external use -- for example, as digital evidence in court.</p> <p>Data uncovered through DFIR practices can give incident responders a clearer, more accurate understanding of a security incident, leading to faster recovery, less disruption and a stronger security posture.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/business_continuity_plan_vs_disaster_recovery_plan_vs_incident_response_plan-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/business_continuity_plan_vs_disaster_recovery_plan_vs_incident_response_plan-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/business_continuity_plan_vs_disaster_recovery_plan_vs_incident_response_plan-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/business_continuity_plan_vs_disaster_recovery_plan_vs_incident_response_plan-f.png 1280w" alt="Graphic with text explaining the differences among business continuity, disaster recovery and incident response." height="258" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>While each is distinct, business continuity, disaster recovery and incident response all share the goal of keeping an organization running. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <section class="section main-article-chapter" data-menu-title="Why is incident response important?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Why is incident response important?</h2> <p>Today, Benjamin Franklin might say the only certainties are death, taxes and cyberattacks. Research suggests&nbsp;<a href="https://www.techtarget.com/whatis/34-Cybersecurity-Statistics-to-Lose-Sleep-Over-in-2020">critical security incidents are all but inevitable</a>, driven by both criminal ingenuity on the attacker's side and human error on the user's side. A reactive, disorganized response to an attack gives bad actors the upper hand and puts the business at greater risk. At worst, the financial, operational and reputational damage from a major security incident could put an organization out of business.</p> <p>On the other hand, a cohesive, well-vetted incident response strategy that follows&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Incident-response-best-practices-for-your-organization">incident response best practices</a>&nbsp;limits fallout and positions the business to recover as quickly as possible.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/EtfdkP-JDAA?autoplay=0&amp;modestbranding=1&amp;rel=0&amp;widget_referrer=null&amp;enablejsapi=1&amp;origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> <h3>Types of security incidents</h3> <p>In developing incident response strategies, it's important to first understand how&nbsp;vulnerabilities, threats, incidents and data breaches relate.</p> <p>A&nbsp;<i>vulnerability</i>&nbsp;is a weakness in the IT or business environment. A&nbsp;<i>threat</i>&nbsp;is an entity -- whether a malicious hacker or a company insider -- that aims to exploit a vulnerability in an attack. To qualify as an&nbsp;<i>incident</i>, an attack must succeed in accessing enterprise resources or otherwise putting them at risk. Finally, a&nbsp;<i>data breach</i>&nbsp;is an incident in which attackers successfully compromise sensitive information, such as personally identifiable information or intellectual property.</p> <p>When it comes to cybersecurity, an ounce of prevention is worth a pound of cure. Experts say organizations should&nbsp;<a href="https://www.techtarget.com/searchsecurity/feature/How-to-fix-the-top-5-cybersecurity-vulnerabilities">fix known vulnerabilities</a>&nbsp;and proactively develop response strategies for dealing with the following&nbsp;<a href="https://www.techtarget.com/searchsecurity/feature/10-types-of-security-incidents-and-how-to-handle-them">common security incidents</a>:</p> <ul type="disc" class="default-list"> <li>Unauthorized attempts to access systems or data.</li> <li>Privilege escalation attacks.</li> <li><a href="https://www.techtarget.com/searchsecurity/definition/insider-threat">Insider threats</a>.</li> <li><a href="https://www.techtarget.com/searchsecurity/definition/phishing">Phishing</a>&nbsp;attacks.</li> <li>Malware attacks.</li> <li>Denial-of-service (<a href="https://www.techtarget.com/searchsecurity/definition/denial-of-service">DoS</a>) attacks.</li> <li><a href="https://www.techtarget.com/iotagenda/definition/man-in-the-middle-attack-MitM">Man-in-the-middle attacks</a>.</li> <li>Password attacks.</li> <li>Web application attacks.</li> <li><a href="https://www.techtarget.com/searchsecurity/definition/advanced-persistent-threat-APT">Advanced persistent threats</a>.</li> </ul> <p>Since not all security events are equally serious, and because enterprises simply do not have the resources to aggressively address each and every one, incident response requires prioritization. Weigh an incident's urgency and importance to determine if it warrants a full-fledged response. For example, an active ransomware attack is both urgent -- i.e., time-sensitive -- and important -- i.e., it can put critical IT assets and business continuity at risk. Such an attack logically warrants a major, expedited response.</p> <p><i>Learn more about the&nbsp;</i><a href="https://www.techtarget.com/searchsecurity/feature/Top-10-types-of-information-security-threats-for-IT-teams"><i>top cybersecurity threats</i></a><i>&nbsp;enterprises face today.</i></p> </section> <section class="section main-article-chapter" data-menu-title="What is an incident response plan?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What is an incident response plan?</h2> <p>An incident response plan is an organization's go-to documentation that details the following:</p> <ul type="disc" class="default-list"> <li><b>What.&nbsp;</b>Which threats, exploits and situations qualify as actionable security incidents, and what to do when they occur.</li> <li><b>Who.&nbsp;</b>In the event of a security incident, who is responsible for which tasks and how others can contact them.</li> <li><b>When.&nbsp;</b>Under what circumstances team members should perform given response tasks.</li> <li><b>How.&nbsp;</b>Specifically, how team members should complete those tasks.</li> </ul> <p>An incident response plan acts as a detailed, authoritative map that guides responders from initial detection, assessment and triage of an incident to its containment and resolution.</p> </section> <section class="section main-article-chapter" data-menu-title="How to create an incident response plan"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to create an incident response plan</h2> <p>Successful&nbsp;<a href="https://www.techtarget.com/searchsecurity/feature/5-critical-steps-to-creating-an-effective-incident-response-plan">incident response requires proactively drafting, vetting and testing plans</a>&nbsp;<i>before</i> a crisis strikes. Best practices include the following:</p> <figure class="main-article-image half-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/security-incident_response_plan_checklist.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/security-incident_response_plan_checklist_half_column_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/security-incident_response_plan_checklist_half_column_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/security-incident_response_plan_checklist.png 1280w" alt="Graphic of an incident response plan checklist" height="234" width="279"> <figcaption> <i class="icon pictures" data-icon="z"></i>An incident response plan is a key component of any incident response program. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <ol type="1" start="1" class="default-list"> <li><b>Establish a policy.</b>&nbsp;An incident remediation and response policy should be an evergreen document describing general, high-level incident-handling priorities. A good policy empowers incident responders and guides them to make sound decisions when the proverbial excrement hits the fan.</li> <li><b>Build an incident response team.</b>&nbsp;An incident response plan is only as strong as the people involved. Establish who will handle which tasks, and ensure everyone has adequate training to fulfill their roles and responsibilities.</li> <li><b>Create playbooks.</b>&nbsp;Playbooks are the lifeblood of incident response. While an incident response policy provides a high-level view, playbooks get into the weeds, outlining standardized, step-by-step actions responders should take in specific scenarios. Playbook benefits include greater consistency, efficiency and effectiveness -- in both incident response and incident-responder training.<br><br><i>Learn&nbsp;</i><a href="https://www.techtarget.com/searchsecurity/tip/How-to-create-an-incident-response-playbook"><i>how to create playbooks</i></a><i>.</i></li> <li><b>Create a communication plan.&nbsp;</b>Incident response can't succeed without a&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Incident-response-How-to-implement-a-communication-plan">solid communication plan</a>&nbsp;among diverse stakeholders. These could include members of the security, executive, communications, legal and HR teams, as well as customers, third-party partners, law enforcement and the public.</li> </ol> <p>An incident response plan should generally include the following components:</p> <ul type="disc" class="default-list"> <li>A plan overview.</li> <li>A list of roles and responsibilities.</li> <li>A list of incidents requiring action.</li> <li>The current state of network infrastructure and security controls.</li> <li>Detection, investigation and containment procedures.</li> <li>Eradication procedures.</li> <li>Recovery procedures.</li> <li>The breach notification process.</li> <li>A list of post-incident follow-up tasks.</li> <li>A contact list.</li> <li>Incident response plan testing.</li> <li>Ongoing revisions.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="How to manage an incident response plan"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to manage an incident response plan</h2> <p>The worst time to discover an incident response plan has holes is during a real security crisis, which makes ongoing testing critical. Experts advise organizations to perform regular simulations featuring diverse attack vectors, such as ransomware, malicious insiders and brute-force attacks.</p> <p>Many enterprises&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/How-to-conduct-incident-response-tabletop-exercises">conduct incident response tabletop exercises</a>&nbsp;to vet their plans. A discussion-based tabletop exercise involves talking through the specifics of an attack and the team's response. An operational tabletop exercise includes hands-on tasks, with enactment of relevant processes to see how they unfold.</p> <p><i>Use templates, </i><a href="https://cdn.ttgtmedia.com/rms/editorial/Incident_Response_Tabletop_Exercise_Template.docx"><i>such as this one</i></a><i>, to plan effective simulations.</i></p> <p>After both simulated and real security incidents, response teams should do the following:</p> <ul type="disc" class="default-list"> <li>Study what happened and identify lessons learned.</li> <li>Review&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/The-best-incident-response-metrics-and-how-to-use-them">key incident response metrics</a>&nbsp;-- e.g., mean time to detect, mean time to identify, mean time to respond, mean time to contain, total cost, etc. -- and analyze how metrics from the recent incident compare.</li> <li><a href="https://www.techtarget.com/searchsecurity/feature/Top-reasons-incident-response-plans-fail">Note any security gaps that emerged</a>.</li> <li>Recommend additional controls.</li> <li>Brainstorm ways to improve processes.</li> <li>Update the incident response plan accordingly.</li> </ul> <p>Remember, an incident response plan is not a set-it-and-forget-it proposition. It should continually evolve to reflect changes in the threat landscape, IT infrastructure and business environment. Experts recommend formal, comprehensive reassessments and revisions annually, at the very least.</p> </section> <section class="section main-article-chapter" data-menu-title="Incident response frameworks: Phases of incident response"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Incident response frameworks: Phases of incident response</h2> <p>Rather than reinventing the wheel, an organization building an incident response plan can refer to&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Incident-response-frameworks-for-enterprise-security-teams">established incident response frameworks</a>&nbsp;for high-level guidance and direction.</p> <p>Well-known frameworks from NIST, ISO and SANS Institute differ slightly in their approaches, yet they each describe similar phases of incident response:</p> <ol type="1" start="1" class="default-list"> <li><b>Preparation/planning.</b>&nbsp;Build an incident response team and create policies, processes and playbooks; deploy tools and services to support incident response.</li> <li><b>Detection/identification.&nbsp;</b>Use IT monitoring to detect, evaluate, validate and triage security incidents.</li> <li><b>Containment.&nbsp;</b>Take steps to stop an incident from worsening and regain control of IT resources.</li> <li><b>Eradication.&nbsp;</b>Eliminate threat activity, including malware and malicious user accounts; identify any vulnerabilities the attackers exploited.</li> <li><b>Recovery.&nbsp;</b>Restore normal operations and mitigate relevant vulnerabilities.</li> <li><b>Lessons learned.&nbsp;</b>Review the incident to establish what happened, when it happened and how it happened. Flag security controls, policies and procedures that failed to meet expectations and identify ways to improve them. Update the incident response plan accordingly.</li> </ol> </section> <section class="section main-article-chapter" data-menu-title="Who is responsible for incident response?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Who is responsible for incident response?</h2> <p>Behind every great incident response program is a coordinated, efficient and effective&nbsp;<a href="https://www.techtarget.com/searchsecurity/definition/incident-response-team">incident response team</a>. After all, without the right people to support them and put them into practice, security policies, processes and tools mean very little. This cross-functional group consists of people from across the organization who are responsible for completing the steps and processes involved in incident response.</p> <h3>Types of incident response teams</h3> <p>The three most common types of incident response teams are computer security incident response team (<a href="https://www.techtarget.com/whatis/definition/Computer-Security-Incident-Response-Team-CSIRT">CSIRT</a>), computer incident response team (CIRT) and computer emergency response team (<a href="https://www.techtarget.com/whatis/definition/CERT-Computer-Emergency-Readiness-Team">CERT</a>).</p> <p>These acronyms are often used interchangeably in the field, and the teams generally have the same goals and responsibilities. One important note is that the name&nbsp;<i>CERT</i>&nbsp;is a registered trademark of Carnegie Mellon University, so companies must apply for authorization to use it.</p> <p>Another term commonly used in incident response team conversations is&nbsp;<i>security operations center</i>&nbsp;(<a href="https://www.techtarget.com/searchsecurity/definition/Security-Operations-Center-SOC">SOC</a>). A SOC encompasses the people, tools and processes that manage an organization's security program. While SOC teams might be responsible for incident response, it is not their sole task within an organization. SOC teams' duties can also include conducting asset discovery and management, keeping activity logs and ensuring regulatory compliance, among others.</p> <p><i>Learn more about&nbsp;</i><a href="https://www.techtarget.com/searchsecurity/tip/CERT-vs-CSIRT-vs-SOC-Whats-the-difference"><i>CSIRTs, CIRTs, CERTs and SOCs</i></a><i>.</i></p> <h3>Incident response team members</h3> <p>The&nbsp;<a href="https://www.techtarget.com/searchsecurity/feature/How-to-build-an-incident-response-team-for-your-organization">size of an incident response team and the members included</a>&nbsp;will vary based on the individual organization's needs. Some members could even fill multiple roles and responsibilities.</p> <p>In general, an incident response team consists of the following members:</p> <ul type="disc" class="default-list"> <li><b>Technical team.</b>&nbsp;This is the core incident response team of IT and security members who have technical expertise across company systems. It often includes an incident response manager, incident response coordinator, team lead, security analysts, incident responders, threat researchers and forensic analysts.</li> <li><b>Executive sponsor.</b>&nbsp;This is an executive or board member, often the CSO or CISO.</li> <li><b>Communications team.</b>&nbsp;This includes PR representatives and others who manage internal and external communications.</li> <li><b>External stakeholders.</b>&nbsp;Members include other employees or departments within the organization, such as IT, legal or general counsel, HR, PR, business continuity and disaster recovery, physical security and facilities teams.</li> <li><b>Third parties.</b>&nbsp;These external members might include security or incident response consultants, external legal representation, MSPs, managed security service providers, cloud service providers (CSPs), vendors and partners.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineImages/pillar_incident_response_team.png"> <img data-src="https://www.techtarget.com/rms/onlineImages/pillar_incident_response_team_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineImages/pillar_incident_response_team_mobile.png 960w,https://www.techtarget.com/rms/onlineImages/pillar_incident_response_team.png 1280w" alt="Graphic with text explaining how to build an incident response team" height="324" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>A well-developed incident response team is vital to ensuring incident response activities happen as planned. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>What does an incident response team do?</h3> <p>The main goals of an incident response team are to detect and respond to security events and minimize their business impact. As such, team responsibilities largely align with the phases outlined in an incident response framework and plan. Team tasks include the following:</p> <ul type="disc" class="default-list"> <li>Prepare for and prevent security incidents.</li> <li>Create the incident response plan.</li> <li>Test, update and manage the incident response plan before use.</li> <li>Perform incident response tabletop exercises.</li> <li>Develop metrics to analyze program initiatives.</li> <li>Identify security events.</li> <li>Contain security events, quarantine threats and isolate systems.</li> <li>Eradicate threats, discover root causes and remove affected systems from production environments.</li> <li>Recover from threats and get affected systems back online.</li> <li>Conduct follow-up activities, including documentation, incident analysis and identifying how to prevent similar events and improve future response efforts.</li> <li>Review and update the incident response plan regularly.</li> </ul> <div class="extra-info"> <div class="extra-info-inner"> <h3 class="splash-heading">Interested in becoming an incident responder?</h3> <p>Incident response requires professionals with security skills who can execute tasks such as monitoring for vulnerabilities and taking appropriate measures when necessary. They must be able to analyze data to identify and assess the scope and urgency of incidents, as well as perform other duties. Incident responders might also report on trends, educate internal users and work with law enforcement.</p> <p>The incident responder role can be an exciting, albeit challenging, career. Incident responder jobs are in demand and can command sizeable salaries. The tradeoff, however, is that many incident responders work long hours under constant stress.</p> <p>Learn more about the&nbsp;<a href="https://www.techtarget.com/searchsecurity/feature/How-to-become-an-incident-responder-Requirements-and-more">incident responder career path</a>.</p> <p>Read up on&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Top-incident-response-certifications-to-consider">incident response certifications</a>.</p> <p>Headed to an interview? Check out these&nbsp;<a href="https://www.techtarget.com/searchsecurity/feature/Top-5-incident-response-interview-questions">sample interview questions</a>.</p> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="Incident response in the cloud"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Incident response in the cloud</h2> <p>As enterprise cloud use proliferates, the importance of including the cloud in incident response processes increases. The goals of cloud incident response are the same as in traditional incident response but with some caveats.</p> <p>Consider the shared responsibility model, for example. With on-premises applications, platforms and infrastructure, an organization's IT and security teams are generally responsible for all management and security tasks. With&nbsp;<a href="https://www.techtarget.com/whatis/SaaS-IaaS-PaaS-Comparing-Cloud-Service-Models">SaaS, PaaS and IaaS</a>, on the other hand, some or all responsibility shifts to CSPs. This can make incident detection and investigation more difficult or even impossible, depending on the deployment.</p> <p>Cloud incident response might also require new tools and skill sets, as well as a deeper knowledge of&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Top-11-cloud-security-challenges-and-how-to-combat-them">cloud security incidents and threats</a>. Traditional tools might not work properly -- or at all -- in cloud environments. New tools and procedures not only add to what incident response teams must learn and manage but could also require extra budget.</p> <p><i>Learn more about&nbsp;</i><a href="https://www.techtarget.com/searchsecurity/tip/Cloud-incident-response-Frameworks-and-best-practices"><i>cloud incident response</i></a><i>, including the Cloud Security Alliance's framework and best practices for including the cloud in incident response programs.</i></p> </section> <section class="section main-article-chapter" data-menu-title="Incident response tools and technologies"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Incident response tools and technologies</h2> <p>As Benjamin Franklin once said, "The best investment is in the tools of one's own trade." In incident response, teams need a mix of tools and technologies -- many of which are likely already deployed in their security programs.</p> <p>To help decide which processes and tools will best prevent, detect, analyze, contain, eradicate and recover from incidents, many organizations rely on the military-derived&nbsp;<a href="https://www.techtarget.com/searchcio/definition/OODA-loop">OODA loop</a>, short for&nbsp;<i>observe</i>,&nbsp;<i>orient</i>,&nbsp;<i>decide</i>&nbsp;and&nbsp;<i>act</i>. This decision-making approach focuses on&nbsp;<a href="https://www.techtarget.com/searchsecurity/feature/Incident-response-tools-How-when-and-why-to-use-them">choosing incident response tools</a>&nbsp;that help teams gain visibility into systems, contextualize intelligence about threats, find the best response actions and carry out response.</p> <p>Typically categorized by their detection, prevention and response functionalities, incident response tools include the following:</p> <ul type="disc" class="default-list"> <li>Antimalware.</li> <li>Backup and recovery tools.</li> <li><a href="https://www.techtarget.com/searchcloudcomputing/definition/cloud-access-security-broker-CASB">Cloud access security broker</a>.</li> <li>Data classification tools.</li> <li><a href="https://www.techtarget.com/whatis/definition/data-loss-prevention-DLP">Data loss prevention</a>.</li> <li>DoS mitigation.</li> <li>Employee security awareness training.</li> <li>Endpoint detection and response.</li> <li>Firewalls.</li> <li>Forensic analysis.</li> <li>Intrusion prevention and detection systems.</li> <li>Security information and event management (<a href="https://www.techtarget.com/searchsecurity/definition/security-information-and-event-management-SIEM">SIEM</a>).</li> <li>Security orchestration, automation and response (SOAR).</li> <li>Vulnerability management.</li> </ul> <p>Managing all these tools can be a lot for a security team to handle.&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Incident-response-automation-What-it-is-and-how-it-works">Automation in incident response</a>&nbsp;can help reduce alert fatigue, perform alert triage, automatically investigate and respond to threats, automate ticketing and alerting, conserve human efforts for higher-value activities, respond and resolve issues faster, automate case management and reporting, and save money. Automation and AI are becoming increasingly critical to defend against the increased velocity and volume of AI-enabled attacks.</p> <p>Contemplating whether to handle incident response in-house versus outsourcing some or all incident response duties? In-house incident response requires the proper staff, tools and budget. It's also important to consider the nature and complexity of the threats the organization faces. In some scenarios, in-house incident response might be the best bet. Organizations facing more serious threats, however -- or those that have multiple locations, each facing unique threats -- could be better served by outsourcing their incident response needs.</p> <p>Service providers often offer incident response services, such as the following, on retainer or on an emergency basis:</p> <ul type="disc" class="default-list"> <li>Managing threat detection and response.</li> <li>Providing threat prevention services.</li> <li>Conducting penetration tests and threat hunting.</li> <li>Assisting with media and PR management.</li> <li>Conducting root cause analysis.</li> <li>Conducting crisis management.</li> <li>Maintaining regulatory compliance.</li> </ul> <p><i>Get help deciding between deploying incident response in-house or employing a service provider, and read up on the&nbsp;</i><a href="https://www.techtarget.com/searchsecurity/feature/Top-10-incident-response-vendors"><i>leading incident response software, vendors and service providers</i></a><i>.</i></p> </section> <section class="section main-article-chapter" data-menu-title="Incident response and SOAR"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Incident response and SOAR</h2> <p><a href="https://www.techtarget.com/searchsecurity/definition/SOAR">SOAR</a> is a collection of technologies that, when combined, help security teams aggregate, analyze, detect and respond to security events with little or no human input. The main functions of each component of SOAR are outlined below:</p> <ul type="disc" class="default-list"> <li><b>Security orchestration.&nbsp;</b>This function connects and integrates internal and external tools through built-in or custom integrations and APIs. It collects and consolidates data from various tools to trigger response functions, based on defined incident analysis parameters and processes.</li> <li><b>Security automation.</b>&nbsp;This function uses the data collected during security orchestration to trigger workflows and tasks based on defined thresholds and actions outlined in incident response playbooks. SOAR platforms can automatically remediate lower-risk vulnerabilities and complete low-level tasks historically performed by human analysts, such as vulnerability scanning. High-risk threats also can automatically escalate to security analysts for further investigation.</li> <li><b>Security response.</b>&nbsp;Delivered via a single view, this function enables security, network and systems analysts to access and share threat intelligence, collaborate and conduct post-incident response activities.</li> </ul> <p>SIEM systems' operations are <a href="https://www.techtarget.com/searchsecurity/answer/SOAR-vs-SIEM-Whats-the-difference">similar to</a> those of SOAR platforms, but SIEMs focus primarily on detection and alerting, with limited automation capabilities.</p> <p>SOAR platforms&nbsp;<a href="https://www.techtarget.com/searchsecurity/tip/Top-6-SOAR-uses-cases-to-implement-in-enterprise-SOCs">augment human analysts</a>&nbsp;with threat intelligence coordination, case management, vulnerability management, automated enrichment for remediation, threat hunting and incident response automation. In these use cases, SOAR platforms help improve productivity; automate repetitive, tedious and low-importance tasks; use existing security tools better and more contextually; and improve third-party tool integration, among other benefits. SOAR platforms aren't without challenges, however. Namely, SOARs might not be able to integrate with all security tools easily or at all, do not address security culture within an organization and could fail to live up to inflated user expectations.</p> <p><i>Learn more about the&nbsp;</i><a href="https://www.techtarget.com/searchsecurity/feature/Top-benefits-of-SOAR-tools-plus-potential-pitfalls-to-consider"><i>benefits and challenges of SOAR systems</i></a><i>.</i></p> </section> <section class="section main-article-chapter" data-menu-title="Incident response: Don't wait for an attack to occur"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Incident response: Don't wait for an attack to occur</h2> <p>Incident response is a cornerstone of any enterprise cybersecurity program; its importance cannot be overstated. Quickly responding to security incidents effectively and efficiently helps minimize damage, improve recovery time, restore business operations and avoid high costs.</p> <p>But as Benjamin Franklin would attest, "Look before or you'll find yourself behind." In other words, prevention is key. A well-thought-out incident response plan and top-notch incident response team will prepare organizations for when the inevitable happens. But the first line of defense should always be keeping networks and data safe, as well as ensuring users are empowered and security-aware.</p> <p><i>Alissa Irei is senior site editor of TechTarget Security.</i></p> <p><i>Sharon Shea is executive editor of TechTarget Security.</i></p> </section> Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs. https://cdn.ttgtmedia.com/visuals/digdeeper/4.jpg https://www.techtarget.com/searchsecurity/definition/incident-response Wed, 10 Jun 2026 00:00:00 GMT <p>The HPE Discover 2026 conference returns to Las Vegas from June 15 to 18. The event will focus on three programs: networking, cloud and AI.</p> <p>HPE President and CEO Antonio Neri is expected to deliver the opening keynote, focusing on how HPE plans to power the next generation of agentic enterprises. Other expected speakers include HPE executives Fidelma Russo, Neil MacDonald, Dan Prorok and many more.</p> <p>This guide to HPE Discover 2026 will have live news coverage from the conference floor. Check out the latest HPE news below to prepare for the 2026 conference.</p> Use this guide to stay up to date on the latest from HPE. Stay tuned for live news updates from the HPE Discover 2026 conference, taking place in Las Vegas from June 15 to 18. https://www.techtarget.com/searchstorage/conference/HPE-Discover-news-and-conference-guide Tue, 09 Jun 2026 16:30:00 GMT <p>Long live the citizen developer -- just don't confuse empowerment with anarchy.</p> <p><a href="https://www.techtarget.com/searchsoftwarequality/definition/citizen-development">Citizen development</a> is not new. Low-code and no-code tools have long enabled employees outside IT to contribute to the cause by building small apps, dashboards and workflow automations.</p> <p>But those tools still required some level of technical comfort. A business user needed to understand the platform, the workflow, the components and the limits of what the tool could reasonably do.</p> <p>What has changed is the arrival of <a href="https://www.techtarget.com/searchenterpriseai/tip/Citizen-developers-are-redefining-enterprise-AI-development">generative AI inside the citizen development model</a>.</p> <p>Business users in HR, ERP, CX, finance, operations and other areas can now use natural language prompts to help create applications, tools, automations, agents and workflows. They use their words, and AI helps handle more of the underlying logic or code structure.</p> <p>Simple, right?</p> <p>Yes and no.</p> <section class="section main-article-chapter" data-menu-title="GenAI changes the citizen developer equation"> <h2 class="section-title"><i class="icon" data-icon="1"></i>GenAI changes the citizen developer equation</h2> <p>The barrier has shifted from "Who can code?" or "Who knows how to use the low-code tool?" to "Who understands the problem well enough to describe what should be built?"</p> <p>That is a real change. It gives business users of all kinds and technical abilities more room to take ideas and put them into action.</p> <p>On one hand, that strengthens one of the chief promises of citizen development: moving problem-solving closer to the work.</p> <p>A team can automate a local bottleneck, build a simple tool, test an idea or support a routine decision without forcing every request through a central IT backlog. That matters because business users often know the annoying handoff, spreadsheet workaround, reporting gap or approval delay better than anyone else.</p> <p>But the same shift also raises the stakes.</p> <p>AI-powered citizen development is not just about shortcuts. The tools and outputs citizen developers create can touch important organizational information, including customer data, employee data, financial workflows, operational decisions and business-critical systems.</p> <p>That makes it essential for the enterprise to know what a tool can access, what it can change, who owns it and when it needs review. Otherwise, business-user innovation can turn into a new layer of shadow AI.</p> <p>The goal should not be to shut citizen developers down. It should be to give them room to build without letting useful local tools drift outside the governance, security and compliance boundaries of the enterprise itself.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/cloudcomputing-all_hail_and_beware_citizen_developers-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/cloudcomputing-all_hail_and_beware_citizen_developers-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/cloudcomputing-all_hail_and_beware_citizen_developers-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/cloudcomputing-all_hail_and_beware_citizen_developers-f.png 1280w" alt="Illustration showing the pros and cons of citizen developers, including speed, less IT investment, governance challenges, risk of IT sprawl and security concerns." height="358" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>Generative AI expands what citizen developers can build, but it also raises the stakes around governance, security, data access and ownership. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="Shadow AI is the reason for a real program"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Shadow AI is the reason for a real program</h2> <p>That is why shadow AI matters here.</p> <p>Business users are not going to stop experimenting just because IT has not built a formal program around citizen AI. If the tools are easy enough to use, the business pressure is strong enough and the backlog is long enough, people will find ways to solve their own problems.</p> <p>Sometimes that is exactly where useful innovation starts.</p> <p>But it can also create a mess.</p> <p>A team might build an AI tool that solves a local problem but connects to sensitive data. Another team might build something similar in a different platform. A workflow might start as a personal productivity shortcut and quietly become part of how a department does real work. No one may know who owns it, what data it uses, whether it is secure or what happens if it breaks.</p> <p>That is the shadow IT problem in a new form. Only now, it is shadow AI.</p> <p>An official citizen development program is one way to bring that work into the open. The point is not to smother business-user creativity. It is to make sure useful local experimentation happens inside a model the enterprise can see, govern and support.</p> <p>In that sense, a citizen AI program is not just an innovation program. It is also a visibility program.</p> <div class="extra-info"> <div class="extra-info-inner"> <p></p> <h3 class="splash-heading">Mind the gap between AI demos and real use</h3> <p><a href="https://www.techtarget.com/searchenterpriseai/definition/agentic-AI">Agentic AI</a> is still moving through the awkward space between demo, pilot and everyday production use.</p> <p>The market is full of big promises. Some vendor demos show AI agents handling customer, service or operational tasks that look almost finished. In practice, some of those capabilities are still being tested, limited to narrow use cases or waiting on technical, compliance or organizational approvals.</p> <p>That does not mean agentic AI is fake. It means <a href="https://gizmodo.com/salesforce-has-an-ai-vaporware-problem-2000762993" target="_blank" rel="noopener">adoption is uneven</a>.</p> <p>Some companies are still trying to move from marketing story to production workflow. Others are seeing useful results in narrower areas where the task is well defined, the data is available and the risk is manageable.</p> <p>That gap matters for citizen development programs. Business users should not be encouraged to build around the most ambitious AI demo. They should be encouraged to start with specific work that can be tested, governed, supported and improved.</p> <p>The lesson is simple: Build for actual use, not the stage presentation.</p> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="Citizen AI needs a program, not a free-for-all"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Citizen AI needs a program, not a free-for-all</h2> <p>In practical terms, citizen development programs should borrow from what enterprises have learned -- often the hard way -- about AI adoption over the last few years.</p> <p>That means a common data foundation, appropriate governance, security and compliance practices, narrow use cases, interoperability and, increasingly, orchestration. Otherwise, AI tools, agents, workflows and automations can start to conflict with one another or drift outside the boundaries of the business.</p> <p>Human oversight matters too.</p> <p>That does not make citizen development any less useful. In many organizations, data science, AI and IT teams are already overwhelmed with requests. They cannot build every useful AI application, agent or workflow that a business team wants. Citizen development programs can help relieve that pressure, as long as the company is clear about what business users can build, what data they can touch and when IT needs to step in.</p> <p>Critical functions -- even those first identified or prototyped by business users -- should still fall under IT's domain. That is how a useful local tool becomes an asset for the company instead of a liability.</p> <p><a href="https://www.techtarget.com/searcherp/podcast/Using-a-citizen-developer-program-to-boost-AI-deployments">Ducker Carlisle offers a useful example</a>. The consulting firm started a citizen developer program after its data science and AI specialists were overwhelmed with requests for AI applications. About 80 of its 200 employees volunteered to take part, with participants spread across research, sales, HR, finance and other departments. The resulting AI apps automated dozens of tasks, cut operating costs by 3% and freed IT staff for other projects, according to the company.</p> <p>That shows the benefit of a citizen development program when it is implemented with forethought and guardrails. Business users are not enterprise software engineers, and they should not be asked to act like they are.</p> <p>The goal is more modest and more realistic: Let business users build useful AI agents and workflows that automate specific tasks and support the human workforce.</p> <p>This is not a free-for-all. Business users are not being asked to create full enterprise software with service-level agreements, production infrastructure and all the engineering discipline that comes with that.</p> <p>Citizen AI should not turn employees into software vendors. It should give business users room to solve problems close to the work, while IT keeps a path for successful or critical tools to become real enterprise assets.</p> </section> <section class="section main-article-chapter" data-menu-title="Citizen AI works best as a pressure-release valve"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Citizen AI works best as a pressure-release valve</h2> <p>That staged model matters.</p> <p>Business users can build useful local AI tools. Then the company can decide which ones should stay local, which ones need review and which ones are important enough for IT to adopt, rebuild or support as company assets.</p> <p>A local AI tool might address a narrow workflow, a repeated task or a small automation need. Enterprise software has a much larger purview. It needs stronger ownership, support, security, infrastructure, integration, documentation and accountability.</p> <p>That is where IT should step in: when a tool gets popular, touches sensitive data, changes a workflow, affects customers, performs a critical function or starts to look like something the business now depends on.</p> <p>Citizen AI works best as a pressure-release valve for business demand, not as a substitute for enterprise software discipline.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> Citizen AI works best as a pressure-release valve for business demand, not as a substitute for enterprise software discipline. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>That is the practical middle ground.</p> <p>The enterprise should not pretend citizen developers are not going to use AI. It also should not pretend every business-built tool belongs in production. The point is to give business users a sanctioned way to solve real problems, while making sure useful local tools can be seen, reviewed and supported when they become important.</p> <p>That is a healthier model than waiting for shadow AI to spread and then trying to clean it up later.</p> <p>The promise of citizen AI is not that every employee becomes a developer. The promise is that more of the people closest to the work can help improve it.</p> <p>That is worth encouraging. Just not as a free-for-all.</p> <p><i>James Alan Miller is a veteran technology editor and writer who leads Informa TechTarget's Enterprise Software group. He oversees coverage of ERP &amp; Supply Chain, HR Software, Customer Experience, Communications &amp; Collaboration and End-User Computing topics.</i></p> </section> Generative AI expands what citizen developers can build, making formal programs more important as business users create tools closer to real work. https://cdn.ttgtmedia.com/rms/onlineimages/code_g684641103.jpg https://www.techtarget.com/searcherp/feature/Citizen-developers-move-AI-closer-to-the-work Tue, 09 Jun 2026 16:06:00 GMT <p>Enterprise-class organizations have long acknowledged that modern IT environments are far too dynamic and distributed to manage and maintain manually. However, traditional automation also has its limits. Automation was initially used to eliminate repetitive tasks while also <a href="https://www.techtarget.com/searchitoperations/feature/Benefits-and-challenges-of-IT-automation">reducing the potential for human error</a>. However, this type of automation is largely compliance-agnostic.</p> <p>This is where policy-based automation comes into play. Policy-based automation is an approach in which a predetermined set of policies and rules ultimately determines the automation engine's behavior. To put it another way, traditional automation centers on <a href="https://www.techtarget.com/searchitoperations/tip/Tasks-to-automate-today-to-streamline-IT-operations">automating tasks</a>; policy-based automation automates decision-making processes based on the rules that have been established.</p> <section class="section main-article-chapter" data-menu-title="Policy-based automation and its core components"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Policy-based automation and its core components</h2> <p>Although each vendor has its own approach to policy-based automation, the available tools tend to be based around the same basic, high-level components.</p> <p><b>Rules.</b> These define the system's behavior and acceptable outcomes. Rules might be based around security policies, <a href="https://www.techtarget.com/searchitoperations/definition/compliance-automation">compliance mandates</a>, resource allocation goals or desired state configurations.</p> <p><b>Automation engine.</b> Sometimes called an <i>orchestrator</i>, this is the component that actually performs the automated tasks.</p> <p><b>Monitoring and telemetry.</b> These tools <a href="https://www.techtarget.com/searchitoperations/feature/Compare-8-tools-for-IT-monitoring">monitor the organization's IT infrastructure</a> in real time and detect situations that would warrant invoking automation. If the monitoring mechanism detected configuration drift, for example, it would likely invoke a rule to bring the system back into compliance.</p> <p><b>Enforcement mechanism.</b> The enforcement mechanism's job is to make sure that systems remain compliant with the policies that have been established. Think of it as a <a href="https://www.techtarget.com/searchitoperations/definition/What-is-an-automated-script">script</a>, a workflow or a set of instructions that can be used to achieve a desired outcome.</p> <p>For example, if the tool's monitoring engine detects <a target="_blank" href="https://www.solarwinds.com/resources/it-glossary/configuration-drift" rel="noopener">configuration drift</a>, and a rule indicates that the affected system must be configured in a specific way, the automation engine ultimately will reconfigure it. But it can't do it by itself; the enforcement mechanism must tell the automation engine how to fix the problem.</p> <p><b>Auditing and reporting engine.</b> Even though a policy-based automation system is designed to help with compliance, the tool itself must also be compliant with any applicable regulations. As such, auditing and reporting capabilities ensure transparency and provide the information that is required during compliance audits.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/comparing_automation_and_orchestration_how_they_work-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/comparing_automation_and_orchestration_how_they_work-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/comparing_automation_and_orchestration_how_they_work-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/comparing_automation_and_orchestration_how_they_work-f.png 1280w" alt="Table comparing automation and orchestration goals, scope, intervention, compatibility, customization and human factor." height="380" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Traditional IT automation focuses on task automation, but policy-based automation orchestrates workflows based on established rules. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="What makes policy-based automation different?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What makes policy-based automation different?</h2> <p>Traditional automation typically focuses on automating individual tasks. These types of tools generally revolve around a collection of scripts, which can be somewhat static and often lack any sort of transparency.</p> <p>The big thing that makes policy-based automation different from traditional automation is that it is designed to automate decisions, not just tasks -- although it can perform task automation, too. It does this by using a collection of rules to determine intent and continuously enforces governance based on those rules.</p> <p>Another factor that makes policy-based automation different from more general-purpose automation tools is that it <a href="https://www.techtarget.com/searchitoperations/tip/Apply-policy-as-code-best-practices-to-reap-benefits">incorporates policy as code</a>. PaC is similar to infrastructure as code (<a href="https://www.techtarget.com/searchitoperations/definition/Infrastructure-as-Code-IAC">IaC</a>) but focuses on using machine-readable code to define policies. In many products, PaC is used to define the rules, while the tool as a whole operationalizes and enforces the rules.</p> <div class="extra-info"> <div class="extra-info-inner"> <h3 class="splash-heading">Why policy-based automation matters</h3> <p>Modern IT environments experience constant configuration changes and generate <a href="https://www.techtarget.com/searchitoperations/video/The-observability-tax-AI-and-the-SaaSpocalypse">massive amounts of telemetry data</a>. Without automated policy enforcement, configuration drift and security holes would become inevitable. More importantly, compliance would be enforced inconsistently across the organization, potentially leading to costly regulatory fines.</p> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="Benefits of policy-based automation"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Benefits of policy-based automation</h2> <p>When properly implemented, policy-based automation can provide enterprises with several benefits, including the following:</p> <ul class="default-list"> <li>Improved operational consistency.</li> <li><a href="https://www.techtarget.com/searchitoperations/tip/Ways-to-achieve-rapid-IT-incident-resolution">Faster incident response</a>.</li> <li>Enhanced security and compliance.</li> <li><a href="https://www.techtarget.com/searchitoperations/tip/Top-IT-governance-best-practices">Better governance</a> and auditability.</li> <li>Lower operational costs.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="Implementation challenges"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Implementation challenges</h2> <p>There can be any number of challenges associated with implementing policy-based automation. Some might stem <a href="https://www.techtarget.com/searchitoperations/tip/IT-automation-challenges-and-how-to-overcome-them">from the automations themselves</a>, though others might revolve around the organization as a whole.</p> <p>Consider these potential challenges:</p> <ul class="default-list"> <li><b>Automation errors.</b> If created incorrectly, automations could cause bottlenecks, generate false positives or prove to be incompatible with legacy infrastructure.</li> <li><b>Policy sprawl.</b> Over time, an organization might accumulate redundant or overlapping policies. Worse yet, it might create contradictory policies that lead to inconsistent enforcement.</li> <li><b>Skills gaps.</b> IT teams seeking to implement policy-based automation will need expertise in IaC, policy engines, cloud governance and automation frameworks. As such, providing the <a href="https://www.techtarget.com/searchitoperations/feature/IT-skills-development-strategies-to-close-gaps-in-IT-ops">IT staff with the necessary training</a> is critical.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/it_automations_benefits_and_challenges-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/it_automations_benefits_and_challenges-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/it_automations_benefits_and_challenges-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/it_automations_benefits_and_challenges-f.png 1280w" alt="Table comparing IT automation's benefits and challenges." height="336" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Though IT automation can improve areas such as operational efficiency and compliance, be wary of its pitfalls and challenges. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="Getting started with policy-based automation"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Getting started with policy-based automation</h2> <p>For those just getting started with policy-based automation, it is unrealistic to expect to automate the entire organization all at once. Instead, begin by implementing policy-based automation in areas where it will deliver the highest impact, such as patch management, <a href="https://www.techtarget.com/searchcloudcomputing/feature/Cloud-cost-management-strategies-for-upcoming-volatile-decade">cloud cost controls</a> or configuration drift remediation.</p> <p>As the organization <a href="https://www.techtarget.com/searchitoperations/tip/Steps-to-develop-your-IT-automation-strategy">works toward full implementation</a>, it is important to define clear objectives and establish a way of measuring outcomes. This might involve looking at metrics such as mean time to resolution, compliance adherence rates or operational cost savings. The important thing to remember is that the metrics the organization chooses to monitor should align with its stated goals and objectives.</p> <p><em>Brien Posey is a former 22-time Microsoft MVP and a commercial astronaut candidate. In his more than 30 years in IT, he has served as a lead network engineer for the U.S. Department of Defense and a network administrator for some of the largest insurance companies in America.</em></p> </section> IT environments are more complex than ever, and traditional automation might not be enough. IT leaders should consider policy-based automation for operational consistency, governance and incident response. https://cdn.ttgtmedia.com/rms/onlineimages/container_g1294273513.jpg https://www.techtarget.com/searchitoperations/tip/Why-policy-based-automation-matters-for-todays-IT-operations Tue, 09 Jun 2026 14:13:00 GMT <p>Bitcoin and the cryptocurrency market has always been speculative and volatile. But a recent crypto collapse is cause for concern for CIOs.</p> <p>Cryptocurrency value fluctuations are an all-too-common occurrence, happening at various points for any number of different reasons. The concept of a <a href="https://www.techtarget.com/whatis/feature/Crypto-winter-explained-Everything-you-need-to-know">crypto winter</a>, a downturn for the cryptocurrency market first emerged in 2022 when popular cryptocurrencies declined steeply in value.</p> <p>In 2025 another crypto winter season emerged. BitCoin's value rose sharply in 2025, reaching an <a href="https://www.techtarget.com/whatis/feature/Why-is-cryptocurrency-rising-and-bitcoin-at-an-all-time-high">all-time high of $126,000</a> in October. By late November, it had crashed to around $84,000. The decline wiped out nearly $800 billion in value from Bitcoin alone, with the total crypto market cap falling from approximately $4.2 trillion to $3.2 trillion.</p> <p>Early June 2026 saw another crash, with Bitcoin falling <a href="https://www.bloomberg.com/news/articles/2026-06-03/bitcoin-s-break-with-tech-widens-as-strategy-s-sale-feeds-rout">as much as 4%</a> to $64,692. The token has now lost more than 25% of its value this year. The recent slide was prompted by Strategy Inc., which sold off about $2.5 million worth -- a drop in the financial ocean -- but which kickstarted a slide that wiped $160 billion wiped off Bitcoin’s market value.&nbsp;&nbsp;</p> <p>The Bitcoin price drop affects more than investment portfolios. It has the potential to affect enterprise balance sheets, <a href="https://www.techtarget.com/searcherp/feature/Enterprise-software-at-scale-risk-governance-stability">vendor stability</a> and blockchain initiatives that may have looked viable prior to the price decline.</p> <p>For CIOs, the crypto collapse is cause for concern and <a href="https://www.techtarget.com/searchcio/feature/it-leadership-tips-for-cios">strategic reflection</a>. Organizations need to assess exposure, stress-test strategies and determine which blockchain initiatives still make sense under new market realities.</p> <section class="section main-article-chapter" data-menu-title="Crypto collapse causes"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Crypto collapse causes</h2> <p>The recent crypto crashes stem from multiple converging factors that led to an overall decline in value.</p> <p>The most obvious reason for the value drop is the decline in price for many cryptocurrencies including, but not limited, to Bitcoin. There are several factors at play in the price decline.</p> <h3>Fundamental weaknesses</h3> <p>There are fundamental weaknesses that made crypto vulnerable, according to Matt Green, associate professor at Johns Hopkins University.</p> <p>"I think crypto became very frothy after the 2024 election when it seemed like regulatory headwinds would be eased," Green said.</p> <p>Regulations in the U.S. have eased somewhat since the election. The U.S. enacted the Guiding and Establishing National Innovation for U.S. Stablecoins Act (<a target="_blank" href="https://www.congress.gov/bill/119th-congress/senate-bill/1582/text" rel="noopener">GENIUS Act</a>) that brought a <a href="https://www.techtarget.com/whatis/feature/GENIUS-Act-explained-How-it-will-affect-the-crypto-industry">new regulatory framework</a> for the use of stablecoins in the U.S. However, the problem for crypto isn't regulatory, it's that the technology needs real-world use cases, Green said.</p> <p>"Since those [use cases] haven't been found yet, that makes it very vulnerable to short term crashes like the one happening now," he said. "With that said, I've watched this happen half a dozen times and so I just don't worry about it too much."</p> <h3>Macroeconomic concerns</h3> <p>Many broad macroeconomic concerns have also affected crypto. Stubbornly static interest rates that haven't fallen at expected rates is one concern.</p> <p>Tensions emerging from the U.S.-Iran war also affect the overall economy. Finally, inflation uncertainty affects market sectors and could divert capital from speculative assets.</p> <h3>Unwinding amplified losses</h3> <p>Technical failures in <a href="https://www.techtarget.com/searchcio/feature/Sell-America-Why-CIOs-should-examine-the-recent-market-selloff">volatile markets</a> create cascading effects, according to David Brill, managing director at FTI Consulting.</p> <p>&nbsp;"In the past, during highly volatile markets, performance issues with price oracles have led to cascades of forced selling and rapid unwinding of leveraged derivative positions," Brill said.</p> </section> <section class="section main-article-chapter" data-menu-title="Why CIOs should care"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Why CIOs should care</h2> <p>While many consider crypto currencies to be a financial instrument, the 2025 and 2026 crashes could affect IT organizations in ways that go beyond treasury holdings or speculative investments. Enterprise <a href="https://www.techtarget.com/searchcio/feature/What-are-the-4-different-types-of-blockchain-technology">blockchain initiatives</a>, vendor relationships and technology dependencies all face new scrutiny as token values decline.</p> <p>This means that there are several reasons why CIOs should care about the crypto decline.</p> <ul class="default-list"> <li><i>Business models tied to token economics become fragile. </i>The collapse is an obvious concern if a business initiative is tightly tethered to the price of a cryptocurrency, according to Green. A business's long-term goals should not rely on the value of speculative assets.</li> <li><i>Digital-asset exposure affects balance sheets.</i> Companies holding crypto in treasury or partnering with crypto firms face unrealized losses or mark-to-market volatility. Volatile markets cause portfolios to be temporarily mispriced due to pricing errors, according to Brill.</li> <li><i>Vendor and partner risk increases. </i>Service providers in fintech, payments or blockchain may face financial stress, workforce cuts or reduced product support. Organizations &nbsp;should conduct <a href="https://www.techtarget.com/searchcio/feature/What-the-Global-Risks-Report-means-for-CIOs">third-party risk assessments</a> of blockchain vendors and obtain proof of reserves or insurance, Brill said.</li> <li><i>Not all blockchain initiatives are at risk. </i>CIOs shouldn’t be the ones deciding on an organization’s <a href="https://www.computerweekly.com/news/366632063/Global-payments-network-Swift-builds-blockchain-capability">digital asset strategy</a>, said Martha Bennett, VP and principal analyst at Forrester. However, they need to be at the table in order to ensure that organizations make the appropriate technology choices, but digital asset strategies must come from the business.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="Key strategic questions for CIOs"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Key strategic questions for CIOs</h2> <p>In light of the downturn, technology leaders need to ask some strategic questions about their organization's <a href="https://www.techtarget.com/searchcio/definition/blockchain">blockchain</a> and digital asset posture. Key questions fall into a series of areas including:</p> <p><b>What are the technical dependencies? </b>Identifying critical infrastructure is essential, Brill said.</p> <p>"CIOs should ask what technology dependencies the company has concerning custodians, oracles, nodes, stablecoin issuers and layer-2 protocols," Brill said. "It's good practice to check with custodians, node operators and other blockchain vendors to determine whether and how they are affected by such events."</p> <p><b>What is the state of operational preparedness?</b><i> </i>Scenario planning is vital and CIOs should ask if the IT team has tested the organization's <a href="https://www.techtarget.com/searchcio/feature/If-technology-breaks-can-you-keep-your-business-running">private key and incident response</a> in scenarios that involve bridge exploits or exchange insolvencies, Brill said.</p> <p>"Can the CIO and team migrate each production or pilot project to a permissioned or hybrid environment within 30 to 60 days if public chains become too volatile or costly?" he said.</p> <p><b>What are the business case assumptions?</b> CIOs should determine if existing blockchain strategies still hold under new market assumptions or were they dependent on continued asset appreciation, Bennett said. &nbsp;</p> <p>The most serious and advanced initiatives around using blockchain for capital markets infrastructure or <a href="https://www.techtarget.com/searchsecurity/feature/CISO-role-in-ASM-could-add-runtime-security-tokenization">asset tokenization</a> aren't tied with what's happening with cryptocurrencies, he said.</p> <p><b>How was due diligence done on technology choices?</b><i> </i>It's critical to review architecture and governance decisions and CIOs should consider remedial due diligence, Bennett said.</p> <p>&nbsp;"If there's any doubt that appropriate due diligence took place at the time a particular public blockchain was chosen, now's the time to do the remedial work," she said. "Review the technology architecture, the governance and the token economics."</p> </section> <section class="section main-article-chapter" data-menu-title="What to monitor going forward"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What to monitor going forward</h2> <p>CIOs should expect market volatility with any type of speculative asset. It's critical to track these indicators to anticipate further instability or identify stabilization. For example, CIOs should not view crypto in isolation and track market correlation, not just crypto prices, Green said.</p> <p>"Many people view crypto as a countercyclical asset that can be used to ward off volatility in the regular stock market," he said. "But in practice it just seems to mirror regular stocks, just with added volatility. So if the markets or the economy aren't looking so hot, crypto seems like a risky bet."</p> <p>It's important to watch for operational stress signals, Brill said, including these identifies a series of specific indicators:</p> <ul class="default-list"> <li><i>Stablecoin movements</i>. Net outflows of stablecoins from crypto exchanges can&nbsp; indicate institutions derisking.</li> <li><i>System failures</i>. A spike in crypto-related exploits, exchange outages or pauses and bridge exploits can indicate heightened operational risks.</li> <li><i>Leverage indicators</i>. Increased daily liquidation volumes may indicate systemic leverage risk.</li> <li><i>Regulatory actions</i>. CIOs should watch for regulatory actions taken against infrastructure providers, stablecoin issuers or blockchain protocols that the organization interacts with.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="Practical actions for CIOs"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Practical actions for CIOs</h2> <p>Technology leaders should move beyond assessment to concrete action and take the following steps:</p> <ul class="default-list"> <li><i>Build governance infrastructure</i>. Organizations should build formal governance and compliance programs, according to Steve McNew, senior managing director at FTI Consulting. CIO's should work closely with counsel and digital assets experts to establish a framework.</li> <li><i>Test incident response capabilities.</i> Brill recommends operational drills for private key management and <a href="https://www.techtarget.com/searchsecurity/feature/5-critical-steps-to-creating-an-effective-incident-response-plan">incident response playbooks</a>, particularly for scenarios involving bridge exploits or exchange insolvencies. Organizations should validate their ability to respond before a crisis hits.</li> <li><i>Secure vendor commitments</i>. IT leaders get concrete assurances from vendors, Brill said. They should conduct third-party risk assessments of blockchain vendors and get proof of reserves or insurance if there are concerns about the viability of vendors.</li> <li><i>Review existing blockchain choices</i>. Remedial due diligence is important if there's any doubt that appropriate due diligence took place at the time a particular public blockchain was chosen, Bennett said. CIOs should review the technology architecture, the governance and the <a href="https://www.techtarget.com/searchcio/feature/Tokenmaxxing-How-CIOs-extract-maximum-value-AI-tokens">token economics</a>.</li> </ul> <p><i>Sean Michael Kerner is an IT consultant, technology enthusiast and tinkerer. He has pulled Token Ring, configured NetWare and been known to compile his own Linux kernel. He consults with industry and media organizations on technology issues.</i></p> </section> In the wake of the 2026 crypto collapse, CIOs must reassess blockchain initiatives, vendor stability, technical dependencies, preparedness and governance priorities. https://cdn.ttgtmedia.com/rms/onlineimages/money_g972609480.jpg https://www.techtarget.com/searchcio/feature/What-CIOs-Need-to-Know-About-the-2025-Crypto-Collapse Tue, 09 Jun 2026 11:00:00 GMT <p>The popularity of cryptocurrency exchange platform FTX rose rapidly after it was launched in 2019. However, FTX came crashing down in November 2022.</p> <p><a href="https://www.techtarget.com/whatis/definition/cryptocurrency">Cryptocurrency</a> has become popular for investments and sending payments to other people and merchants. Cryptocurrencies differ from <a href="https://www.techtarget.com/whatis/feature/Compare-NFTs-vs-cryptocurrency-vs-digital-currency">other digital currencies</a> because they are encrypted and use <a href="https://www.techtarget.com/searchcio/definition/blockchain">blockchain</a> technology to track transactions.</p> <p>Cryptocurrency coins quickly increased in value, such as the Shiba Inu coin's <a href="https://www.fool.com/investing/2022/06/14/shiba-inu-turned-3-to-1-million-2021-do-it-again/" target="_blank" rel="noopener">45 million percent increase</a> in 2021.</p> <p>One way to get cryptocurrency is to open an account on a digital trading platform, which lets people buy one coin and trade for another. Through the trading platform, people can also convert cryptocurrency into cash or fiat currency.</p> <p>Until late 2022, FTX was one of these trading platforms. Sam Bankman-Fried started FTX in 2019. Customers began opening accounts on FTX to trade and buy cryptocurrency, and top venture capital investors started pouring in. By January 2022, the company was worth $32 billion.</p> <p>However, that came to an end in November 2022. What first appeared to be an accounting oversight turned out to be major fraud, and billions of dollars were lost by customers and investors. It was discovered that customer funds went to accounts controlled by Alameda Research -- a cryptocurrency trading firm headquartered in Hong Kong -- instead of FTX. After this revelation, FTX began to unravel.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/2022_ftx_collapse_timeline-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/2022_ftx_collapse_timeline-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/2022_ftx_collapse_timeline-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/2022_ftx_collapse_timeline-f.png 1280w" alt="Timeline image showing the important dates of the FTX collapse." height="336" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>The timeline of the FTX collapse. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <section class="section main-article-chapter" data-menu-title="What is FTX?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What is FTX?</h2> <p>FTX was one of the largest digital currency exchange platforms for buying and selling cryptocurrencies. As more people invested in cryptocurrencies, they turned to these platforms because they provided a digital wallet to store cryptocurrencies directly in a personal account. Customers could also store cryptocurrencies on their own by creating a crypto wallet either using software or hardware, which is not part of the platform.</p> </section> <section class="section main-article-chapter" data-menu-title="The growth of FTX"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The growth of FTX</h2> <p>Soon after its inception, FTX quickly rose to dominate its market through high-profile acquisitions of struggling competitors, such as Liquid Global, LedgerX and Blockfolio. FTX used aggressive marketing campaigns, such as Super Bowl ads, celebrity endorsements and naming rights to the Miami Heat's arena. These marketing campaigns promised that people could put their money in these accounts and earn higher yields than the average bank.</p> <p>Cryptocurrency began to boom in early 2021 and the price of <a href="https://www.techtarget.com/whatis/definition/Bitcoin">Bitcoin</a> peaked at $64,000, up from $10,000. Customers began to take notice and venture capital groups invested <a href="https://www.forbes.com/sites/jonathanponciano/2022/01/14/billionaire-bankman-frieds-ftx-launches-2-billion-crypto-fund-amid-ventures-massive-deal-boom/" target="_blank" rel="noopener">nearly $2 billion</a> in FTX.</p> </section> <section class="section main-article-chapter" data-menu-title="What is FTT?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What is FTT?</h2> <p>Cryptocurrency platforms often create their own tokens to attract new customers. As more people invest and demand a digital token, <a href="https://www.techtarget.com/whatis/feature/How-is-cryptocurrency-valued">its value increases</a>, so platforms may offer perks. FTX created its own digital token called <a href="https://www.cnbc.com/quotes/FTT.CM=/" target="_blank" rel="noopener">FTT</a> in May 2019. FTX also offered other perks for staking FTT, such as discounts and <a href="https://www.techtarget.com/whatis/definition/nonfungible-token-NFT">NFT</a> rewards.</p> </section> <section class="section main-article-chapter" data-menu-title="The downfall of FTX"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The downfall of FTX</h2> <p>In late 2021 and early 2022, the price of Bitcoin started to decline drastically from its high in the beginning of 2021, and other cryptocurrencies started to follow. Many major platforms started shutting down, except for FTX, which continued acquiring competitors.</p> <p>However, the rise of FTX came to an end in November 2022 when CoinDesk <a href="https://www.coindesk.com/business/2022/11/02/divisions-in-sam-bankman-frieds-crypto-empire-blur-on-his-trading-titan-alamedas-balance-sheet/" target="_blank" rel="noopener">published an article</a> stating that Alameda Research -- also founded by Bankman-Fried -- was heavily dependent on FTX's digital token FTT, with assets valued at $5 billion. FTX's balance sheet was leaked and showed there was a lack of diversification and the two companies were tied too closely together. The balance sheet listed $9 billion in liabilities and $900 million in assets, with poorly labeled entries showing a negative $8 billion balance.</p> <p>Alameda borrowed as much capital as it needed from FTX. It was later found that this funding was mostly from customer deposits, and the trading firm would borrow money routinely from FTX customer assets.</p> <p>FTX and its sister companies did not produce balance sheets showing assets and liabilities, which is standard financial reporting procedures. FTX's balance sheets were never audited because it was a private company. Without these audits, there was no record of cash flow or assets to show the company could cover liabilities or customer assets. FTX balance sheets showed assets were less than Bankman-Fried had stated.&nbsp;</p> <p>Binance, a cryptocurrency exchange platform and FTX competitor, agreed to buy out FTX on Nov. 8 before the full extent of its problems went public. Changpeng Zhao, CEO of Binance, was one of FTX's first investors. However, the deal fell through, and <a href="https://twitter.com/binance/status/1590449161069268992?t=vm7KxwNRbwAvAiOWefJrRw&amp;s=19" target="_blank" rel="noopener">Binance cited</a> the mishandling of customer funds and the U.S. investigations as the reason for backing out of the acquisition.</p> </section> <section class="section main-article-chapter" data-menu-title="The collapse of FTX"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The collapse of FTX</h2> <p>In November 2022, FTX's collapse lasted 10 days, starting on Nov. 2 and ending on Nov. 12. It began with the CoinDesk article and the leaked balance sheet. Binance initially announced it would sell all its FTT tokens because of the mishandled and blurred funds.</p> <p>The value of FTT dropped significantly, prompting FTX customers to withdraw money from their accounts. However, other cryptocurrency platform collapses, such as Celsius Network and Voyager Digital, had people worried about their investments.</p> <p>During this mass withdrawal, FTX lost billions of dollars. Bankman-Fried ordered Alameda Research to sell assets to cover the needed capital from the withdrawals and he also looked for financing to cover the gap of about <a href="https://www.bloomberg.com/news/articles/2022-11-10/sam-bankman-fried-s-ftx-faces-8-billion-shortfall-possible-bankruptcy" target="_blank" rel="noopener">$8 billion</a> between what was owed and what could be paid.</p> <p>On Nov. 8, FTX blocked customers from taking money out of the platform by removing that option online, which meant hundreds of thousands of customers did not have access to their money. When FTX could not pay the $8 billion gap, the company filed for bankruptcy. FTX crashed due to mismanagement of funds, lack of liquidity and the large volume of withdrawals. Binance announced it would buy FTX to prevent a larger market crash, but quickly bailed out of the deal as more news reports of mishandled customer funds surfaced.</p> <p>Bankman-Fried used FTX funds to buy personal luxury items, finance elaborate advertising campaigns and make political donations.</p> </section> <section class="section main-article-chapter" data-menu-title="Criminal charges and lawsuits"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Criminal charges and lawsuits</h2> <p>Authorities arrested Bankman-Fried on Dec. 12, 2022, for multiple fraud charges with FTX. Bankman-Fried was <a href="https://www.sec.gov/litigation/complaints/2022/comp-pr2022-219.pdf" target="_blank" rel="noopener">indicted by the U.S. District Court</a> on eight criminal charges, including money laundering, wire fraud, campaign finance violations and securities fraud.</p> <p>Bankman-Fried was released from custody with a $250 million bond, which is the largest in history.</p> <p>As of January 2023, <a href="https://www.cnn.com/2023/01/11/business/ftx-assets-recovered/index.html" target="_blank" rel="noopener">$5 billion</a> in assets has been recovered in cash and liquid assets. The total assets missing was estimated at $8 billion.</p> <p>FTX investors filed a class action lawsuit against FTX and its celebrity endorsers on Nov. 15, 2022. The <a href="https://docs-cdn-prod.news-engineering.aws.wapo.pub/publish_document/12afdf1a-a614-48a8-88e5-aa0e9e581c6f/published/12afdf1a-a614-48a8-88e5-aa0e9e581c6f.pdf" target="_blank" rel="noopener">civil suit claimed</a> FTX used "false representation and deceptive conduct." The lawsuit also accused FTX of using a Ponzi scheme to misuse funds and move customer money between entities.</p> </section> <section class="section main-article-chapter" data-menu-title="How the FTX crash affects other digital currencies"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How the FTX crash affects other digital currencies</h2> <p>While the overall demand for cryptocurrency fell after the FTX scandal, Bitcoin has made a comeback as of January 2023 with <a href="https://www.nytimes.com/2023/01/18/business/bitcoin-price.html" target="_blank" rel="noopener">values above $21,000</a>. Values had gone below $16,000 in November 2022 as the FTX news was breaking.</p> <p>After the arrest of Bankman-Fried, the Securities and Exchange Commission, along with the U.S. Congress, planned to <a href="https://www.techtarget.com/searchcio/news/252528376/SEC-charges-FTX-founder-while-Congress-talks-crypto-rules">discuss regulations of the cryptocurrency industry</a>. If a cryptocurrency exchange files bankruptcy, there is no backup -- unlike U.S. banks, where the government insures the funds up to certain limits.</p> <p>More cryptocurrency companies have fallen on hard times. Genesis, a cryptocurrency lender, <a href="https://www.reuters.com/technology/crypto-lending-unit-genesis-files-us-bankruptcy-2023-01-20/" target="_blank" rel="noopener">filed bankruptcy</a> on Jan. 20, 2023. Genesis owed creditors nearly $3.4 billion after the downturn of the cryptocurrency market with the FTX news.</p> <p>People are already skeptical because of the stability of cryptocurrency, its security and <a href="https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams">increased scams</a>. The broader consequences on the cryptocurrency market are unknown, but this large collapse in cryptocurrency's short history may deter a lot of investors.</p> </section> <section class="section main-article-chapter" data-menu-title="FTX debtors’ report"> <h2 class="section-title"><i class="icon" data-icon="1"></i>FTX debtors’ report</h2> <p>On April 9, 2023, FTX debtors released their <a href="https://storage.courtlistener.com/recap/gov.uscourts.deb.188450/gov.uscourts.deb.188450.1242.1.pdf">first report</a> outlining the failures of FTX Group’s management team before bankruptcy. “The FTX Group lacked appropriate management, governance and organizational structure,” the report stated.</p> <p>The findings included security failures, such as private keys to move crypto assets often left in unencrypted files and crypto assets left unsecured in hot wallets connected to the internet. It also named failures to use multifactor authentication in critical areas and several people with access to the billions of dollars in the crypto wallets.</p> <p>In addition, FTX lacked accounting and financial controls. FTX did not have experienced personnel to handle financial reporting, risk management, audits or accounting procedures. Most financial policies were generic or did not exist for a firm handling significant financial assets, according to the report. There were also no formalities for intercompany transactions, allowing liabilities and assets to transfer between insiders and FTX Group entities without any documentation or checks and balances.</p> </section> <section class="section main-article-chapter" data-menu-title="FTX sues Bankman-Fried’s parents"> <h2 class="section-title"><i class="icon" data-icon="1"></i>FTX sues Bankman-Fried’s parents</h2> <p>FTX is suing Bankman-Fried’s parents on suspicion of embezzling millions of dollars from the business for personal gain and "pet causes." The suit was filed Sept. 18, 2023.</p> <p>The corporation is suing to recoup money that Bankman-Fried's parents allegedly fraudulently transferred and misappropriated.</p> <p><a href="https://assets.bwbx.io/documents/users/iqjWHBFdfxIU/rrbKOpIjrKN4/v0">The lawsuit</a> alleges Joe Bankman and Barbara Fried either knew of or ignored the red flags of fraud at the hands of their son and his associates at FTX. Both Bankman and Fried are tenured Stanford law professors.</p> <p>The lawsuit also alleges that Barbara Fried encouraged her son to avoid federal campaign finance disclosure rules and discussed the transfer of Bankman-Fried’s home in the Bahamas along with a $10 million cash gift; and that Joe Bankman tried covering up the whistleblower complaint in 2019.</p> </section> <section class="section main-article-chapter" data-menu-title="Bankman-Fried found guilty of all charges"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Bankman-Fried found guilty of all charges</h2> <p>On Nov. 2, 2023, Bankman-Fried was found guilty on seven federal counts. He was convicted of the following fraud and money laundering charges:</p> <ul class="default-list"> <li>Two counts of wire fraud conspiracy.</li> <li>Two counts of wire fraud.</li> <li>One count of conspiracy to commit money laundering.</li> <li>One count of conspiracy to commit commodities fraud.</li> <li>One count of conspiracy to commit securities fraud.</li> </ul> <p>On March 28, 2024, Bankman-Fried was sentenced to 25 years in federal prison -- shorter than the 40-50 year sentence that prosecutors were pushing for. In addition to the prison sentence, Bankman-Fried was ordered to pay a more than $11 billion forfeiture.</p> </section> <section class="section main-article-chapter" data-menu-title="FTX to repay customers and will not relaunch"> <h2 class="section-title"><i class="icon" data-icon="1"></i>FTX to repay customers and will not relaunch</h2> <p>On Jan. 31, 2024, FTX announced it would not restart its cryptocurrency exchange. Instead, it would liquidate all assets and return the money to customers.</p> <p>The exchange was in negotiations for months with investors and bidders but could not get enough money to rebuild.</p> <p>On Oct. 7, 2024, a Delaware bankruptcy judge approved FTX’s reorganization plan. This plan will give 98% of FTX’s creditors 119% of their allowed claims as of November 2022 -- when the platform received bankruptcy protection.</p> <p>Since filing bankruptcy, FTX has recovered nearly $16 billion to repay its customers.</p> </section> <section class="section main-article-chapter" data-menu-title="FTX executives' prison sentences reduced"> <h2 class="section-title"><i class="icon" data-icon="1"></i>FTX executives' prison sentences reduced</h2> <p>Two convicted FTX executives are expected to get out of jail ahead of schedule. Ryan Salame was originally sentenced to 7.5 years for his role in the FTX scandal. The Federal Bureau of Prisons lists his release date as more than a year earlier than his original sentencing. His new release date is March 1, 2031, compared to his initial release date in April 2032.</p> <p>Caroline Ellison was originally sentenced to two years after pleading guilty to seven federal counts of fraud and conspiracy. Ellison was a key witness against Bankman-Fried. Her release date is now three months earlier.</p> </section> <section class="section main-article-chapter" data-menu-title="Bankman-Fried requests presidential pardon"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Bankman-Fried requests presidential pardon</h2> <p>At some point in the first half of 2026, Bankman-Fried asked President Donald Trump for a pardon, according to online records from the Office of the Pardon Attorney, a division of the U.S. Justice Department.</p> <p>According to the record, the request was for a "pardon after completion of sentence." As of this writing, the status is pending.</p> <p>According to the Office of the Pardon Attorney, a pardon does not signify innocence, but it does restore certain civil liberties -- such as the right to vote, hold public office or sit on a jury.</p> </section> Cryptocurrency values rose in 2021 but started to decline in 2022, causing some exchange platforms to fold. FTX appeared to stay strong -- until news broke of an elaborate scam. https://cdn.ttgtmedia.com/rms/onlineimages/money_g1250581414.jpg https://www.techtarget.com/whatis/feature/FTX-scam-explained-Everything-you-need-to-know Tue, 09 Jun 2026 08:30:00 GMT <p><a href="https://www.techtarget.com/searchsecurity/definition/identity-access-management-IAM-system">Identity and access management</a> has evolved from a supporting IT function into the foundation of enterprise security. In modern organizations, identity governs access not only for employees, but also for contractors, cloud workloads, SaaS platforms, APIs, automation pipelines and, increasingly, AI-driven systems and agents. It's common to hear identity described as the <a href="https://www.techtarget.com/searchsecurity/feature/identity-new-perimeter-enterprise-security">new perimeter</a>.</p> <p>Attackers no longer need to break in through traditional technical exploits if they can simply log in with stolen credentials, hijacked sessions, abused API tokens or compromised nonhuman identities (NHIs). At the same time, organizations struggle to manage sprawling SaaS ecosystems, cloud-native infrastructure, decentralized identity stores and autonomous AI systems.</p> <p>All this means security teams face a mix of traditional IAM risks and newer identity challenges.</p> <section class="section main-article-chapter" data-menu-title="Overprivileged access remains one of the biggest risks"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Overprivileged access remains one of the biggest risks</h2> <p>Users, administrators, service accounts and cloud roles often accumulate permissions over time that far exceed what they require. Organizations frequently grant broad access in the name of productivity; they rarely <a href="https://www.techtarget.com/searchsecurity/tip/User-provisioning-and-deprovisioning-Why-it-matters-for-IAM">revisit or remove those privileges later</a>.</p> <p>In cloud environments, this problem is especially dangerous. A single overprivileged IAM role in AWS or Azure could provide access to sensitive data stores, administrative APIs, infrastructure provisioning or continuous delivery systems. Similarly, excessive permissions in SaaS platforms such as Microsoft 365, Salesforce, ServiceNow, GitHub or Slack can expose sensitive business data and operational workflows.</p> <p>The risk is amplified because attackers increasingly target identities instead of infrastructure. Once an attacker compromises a privileged identity, they can often operate within the environment using legitimate APIs and trusted workflows, making detection significantly more difficult.</p> <p>Organizations should <a href="https://www.techtarget.com/searchsecurity/definition/principle-of-least-privilege-POLP">prioritize least-privilege access</a>, role reviews, entitlement governance and periodic access recertification processes. Modern IAM programs must extend these controls beyond traditional directory systems to include cloud-native and SaaS environments as well.</p> </section> <section class="section main-article-chapter" data-menu-title="NHIs have become a major attack surface"> <h2 class="section-title"><i class="icon" data-icon="1"></i>NHIs have become a major attack surface</h2> <p>A significant IAM development in recent years is the substantial rise in the number of NHIs. These include service accounts, API keys, OAuth tokens, cloud workload identities, containers, serverless functions, certificates, robotic process automation accounts and AI agents. In many organizations, NHIs dramatically outnumber human identities.</p> <p>The challenge is that most IAM programs were originally designed around employees and contractors, not <a href="https://www.techtarget.com/searchsecurity/tip/Cybersecuritys-agentic-AI-identity-crisis-and-how-to-fix-it">autonomous workloads operating continuously</a> across <a href="https://www.techtarget.com/searchsecurity/tip/Multi-cloud-identity-management-tips-and-best-practices">cloud and SaaS environments</a>. As a result, many NHIs are poorly governed, overprivileged, unmonitored or use long-lived credentials that are rarely rotated.</p> <p>This creates significant risk. A compromised API token or cloud service role might provide direct access to production systems, sensitive data or deployment pipelines. Attackers increasingly target these identities because they often bypass traditional MFA and user-focused monitoring controls.</p> <p>To <a href="https://www.techtarget.com/searchsecurity/tip/CISOs-guide-to-nonhuman-identity-security">secure NHIs</a>, modern IAM programs should include:</p> <ul class="default-list"> <li>Full inventory and ownership tracking of NHIs.</li> <li>Automated credential rotation and short-lived tokens.</li> <li>Workload identity federation where possible.</li> <li>Least privilege access for service accounts and APIs.</li> <li>Monitoring for anomalous workload identity behavior.</li> <li>Separate governance models for human and machine identities.</li> </ul> <p>NHI security is rapidly becoming one of the most important areas of IAM, particularly as organizations expand their use of cloud and AI services.</p> </section> <section class="section main-article-chapter" data-menu-title="SaaS identity sprawl creates governance challenges"> <h2 class="section-title"><i class="icon" data-icon="1"></i>SaaS identity sprawl creates governance challenges</h2> <p>Most enterprises now operate hundreds or even thousands of SaaS applications. Many of these platforms maintain their own identity stores, roles, permissions and authentication methods.</p> <p>Over time, organizations lose visibility into who has access to what, especially when individual business units adopt applications without centralized oversight.</p> <p>This SaaS identity sprawl creates several risks:</p> <ul class="default-list"> <li>Former employees retaining access to applications.</li> <li>Excessive third-party OAuth integrations.</li> <li><a href="https://www.techtarget.com/searchcio/tip/6-dangers-of-shadow-IT-and-how-to-avoid-them">Shadow IT</a> and unmanaged SaaS usage.</li> <li>Weak MFA enforcement across platforms.</li> <li>Inconsistent logging and monitoring.</li> <li>Excessive administrative privileges in SaaS tools.</li> </ul> <p>Attackers understand that SaaS applications often contain valuable business data, including intellectual property, financial information, customer records, collaboration data and source code. AI-powered attacks increasingly target SaaS platforms because identities and sessions are now easier to exploit at scale.</p> <p>To address this, organizations should prioritize SaaS security posture management, centralized identity federation, conditional access enforcement, and continuous monitoring of SaaS privilege changes and OAuth grants.</p> </section> <section class="section main-article-chapter" data-menu-title="AI-driven deepfakes and identity impersonation are rising threats"> <h2 class="section-title"><i class="icon" data-icon="1"></i>AI-driven deepfakes and identity impersonation are rising threats</h2> <p>One of the newest IAM risks is the use of GenAI and deepfake technologies to impersonate employees, executives, help desk admins or business partners. With relatively little effort, attackers can generate convincing voice, video and text-based impersonations to:</p> <ul class="default-list"> <li>Trick the help desk into resetting a password for a privileged employee or executive account.</li> <li>Illegitimately request MFA resets by impersonating employees who claim to have lost or replaced devices.</li> <li>Impersonate executives in urgent financial, legal or operational communications.</li> <li>Bypass voice-authentication systems used in banking, customer service or internal verification workflows.</li> <li>Conduct <a href="https://www.techtarget.com/searchsecurity/tip/CISOs-guide-How-to-prevent-business-email-compromise">business email compromise campaigns</a> using synthetic voice or video to reinforce legitimacy.</li> <li>Infiltrate vendor-payment workflows involving fraudulent invoice approvals or wire-transfer requests.</li> </ul> <p><a href="https://www.techtarget.com/searchsecurity/tip/Prepare-for-deepfake-phishing-attacks-in-the-enterprise">Deepfake-enabled social engineering and phishing</a> are particularly dangerous because it targets the human trust layer of IAM processes rather than technical systems. Organizations that rely heavily on voice recognition or weak verification procedures could find these attacks increasingly difficult to detect.</p> <p>Security teams should revisit all high-risk identity recovery and reset workflows. Stronger identity proofing, <a href="https://www.techtarget.com/searchsecurity/tip/Traditional-MFA-isnt-enough-phishing-resistant-MFA-is-key">phishing-resistant MFA</a>, callback verification procedures, privileged-access approvals and risk-based authentication controls are becoming essential.</p> <p>The help desk itself is increasingly becoming a security-sensitive function and should be treated as part of the organization's identity attack surface.</p> </section> <section class="section main-article-chapter" data-menu-title="Identity-centric attacks provide efficient entry points"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Identity-centric attacks provide efficient entry points</h2> <p>Identity-based attacks remain one of the most common initial access vectors for breaches. <a href="https://www.techtarget.com/searchsecurity/definition/credential-theft">Stolen credentials</a>, session hijacking, token theft, MFA bypassing and compromised federated identities continue to drive major incidents across industries.</p> <p>Attackers prefer these methods because they are efficient and often bypass traditional perimeter defenses. In cloud environments especially, valid credentials could provide direct access to sensitive resources without requiring malware or exploit chains.</p> <p>This trend reinforces the need for phishing-resistant MFA, conditional access policies, continuous session validation, <a href="https://www.techtarget.com/searchsecurity/definition/What-is-identity-threat-detection-and-response-ITDR">identity threat detection and response</a>, device trust validation, impossible travel and anomalous behavior monitoring, and session-token protection.</p> <p>Modern IAM increasingly requires continuous evaluation of identity risk throughout a session, not just at login, in line with <a href="https://www.techtarget.com/searchsecurity/definition/zero-trust-model-zero-trust-network">zero-trust practices</a>.</p> </section> <section class="section main-article-chapter" data-menu-title="Weak identity governance still causes major problems"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Weak identity governance still causes major problems</h2> <p>Despite advances in <a href="https://www.techtarget.com/searchsecurity/feature/8-leading-identity-and-access-management-products-for-2020">IAM technology</a>, organizations still struggle with governance fundamentals, such as orphaned accounts, delayed <a href="https://www.techtarget.com/searchsecurity/tip/User-provisioning-and-deprovisioning-Why-it-matters-for-IAM">deprovisioning</a>, role explosion, excessive administrative access, inconsistent approval workflows and lack of ownership for identities and entitlements.</p> <p>These issues become even more difficult in hybrid environments, where identities span on-premises systems, cloud infrastructure, SaaS platforms, contractors and machine identities. AI and automation can improve governance processes, but they increase complexity if organizations deploy them without strong oversight. Autonomous systems and AI agents might request or inherit permissions dynamically, creating new governance challenges around delegation, accountability and auditability.</p> <p>CISOs and their organizations should focus on building <a href="https://www.techtarget.com/searchsecurity/definition/identity-governance-and-administration-IGA">identity governance</a> programs that emphasize more progressive controls, such as just-in-time privileged access, continuous access reviews and automated deprovisioning. Even with these controls, many modern IAM programs will fail without strong lifecycle management and policies, enterprise-wide identity ownership and accountability, and a commitment to risk-based entitlement governance across all platforms and systems.</p> <p>While least privilege, strong authentication, lifecycle management, governance and monitoring still matter, those fundamentals are not enough. IAM programs must evolve from static authentication systems into continuous trust and verification platforms. Organizations that continue to treat IAM as a directory management problem will struggle to keep pace with modern threats.</p> <p><em>Dave Shackleford is founder and principal consultant at Voodoo Security, as well as a SANS analyst, instructor and course author, and GIAC technical director.</em></p> </section> Identity is long past the days of logging into systems. Security teams must now manage SaaS apps, AI agents and machine-to-machine interactions across distributed environments. https://cdn.ttgtmedia.com/visuals/searchSOA/testing_governance_management/soa_article_020.jpg https://www.techtarget.com/searchsecurity/answer/What-are-some-of-the-top-identity-and-access-management-risks Tue, 09 Jun 2026 00:00:00 GMT <p>Days before CMS <a href="https://www.techtarget.com/revcyclemanagement/news/366643599/No-Surprises-Act-IDR-gets-major-overhaul-from-CMS">announced</a> sweeping reforms to the federal Independent Dispute Resolution process, Radiology Associates of North Texas issued a stark warning: the broken system could cost them <a href="https://www.globenewswire.com/news-release/2026/05/19/3297893/0/en/radiology-associates-of-north-texas-announces-analysis-projecting-more-than-51-million-in-no-surprises-act-administrative-costs.html">$51 million in arbitration fees</a> alone.</p> <p>For Dave Walker, who leads the independent, Texas-based practice as chief revenue officer, the announcement represented both vindication and frustration.</p> <p>CMS had finally acknowledged what independent physician groups had been criticizing for three years: The federal IDR process is financially unsustainable, particularly for specialties like radiology, where individual service charges are relatively small but volume is high. The agency's decision to slash its administrative fee from $115 to $15 per dispute was welcome news.</p> <p>But it doesn't address the core dysfunction that had driven RANT to go public with its internal analysis of administrative costs related to the IDR process.</p> <p>"The big positive I saw out of the new rules was the decrease in the CMS fee," Walker acknowledged in an interview. "I don't want to downplay that, and I applaud CMS for that. But the rest of the batching rules, at least from a radiology perspective, really have no impact."</p> <p>The real problem, Walker argues, isn't the administrative fees. The issue boils down to a federal system that lacks an enforcement mechanism to compel payers to participate in the dispute resolution process that the No Surprises Act created.</p> <section class="section main-article-chapter" data-menu-title="No waking from the batching nightmare"> <h2 class="section-title"><i class="icon" data-icon="1"></i>No waking from the batching nightmare</h2> <p>The federal IDR batching framework operates under a patchwork of interim regulations, sub-regulatory guidance and varying interpretations by IDR entities, or IDREs. This is largely due to federal court rulings that struck down parts of the government's initial strict batching definitions.</p> <p>However, three foundational statutory rules for a batch have remained intact: claims must be billed under the same National Provider Identifier or Tax Identification Number, be made by the same health plan or issuer, and include services furnished within the same 30-business-day period.</p> <p>According to RANT, this framework forces providers to split similar claims into thousands of smaller arbitration filings, each with its own fees.</p> <p>"When we batch claims together the way the federal batching rules work, our batch sizes are very small," Walker explained. "And oftentimes they don't even match the amount that's going to get charged by the IDRE."</p> <p>On top of administrative fees, disputing parties must also pay the IDRE. The average administrative fee is $595 for a single determination and $695 for a batched determination with up to 25-line items, based on <a href="https://www.cms.gov/nosurprises/help-resolve-payment-disputes/certified-idre-list">CMS data</a>. IDREs then have a fixed tiered fee for larger batches.</p> <p>In RANT's case, this often means that the average charges for the services in dispute are lower than the administrative fees under the federal process. This especially impacts a specialty like radiology, where patients undergo very few services per hospital visit, limiting the number of line items practices can batch.</p> <p>"You're talking about $30 and $40 million extra cost above and beyond the charge and, frankly, well above and beyond what I've asked Blue Cross for by multiples," Walker stated.</p> <p>CMS has sought to address the batching problem by capping batches at 50 qualified items or services, based on revised circumstances, including patient encounter, the same service code and whether the items and services are for certain specialties, such as radiology.</p> <p><a href="https://www.healthcaredive.com/news/surprise-billing-idr-final-rule-insurers-lash-out/821407/">Payers have criticized the new rules</a>, claiming they favor providers. However, Walker says the changes won't make much of a difference for RANT unless the batch sizes are larger or the time period is extended.</p> <p>"It was a reasonable thing for [CMS] to do, but it does not fix the heart of the issue, which is if payers aren't forced to actually meaningfully participate in the process, they don't," he explained.</p> </section> <section class="section main-article-chapter" data-menu-title="A rulebook with no referee"> <h2 class="section-title"><i class="icon" data-icon="1"></i>A rulebook with no referee</h2> <p>Blue Cross Blue Shield of Texas owes RANT more than $3.5 million in balances awarded under the federal IDR process. Of that, nearly $1.64 million has been unpaid for more than 120 days, according to RANT's internal analysis.</p> <p>Without penalties for non-payment or refusal to negotiate, payers like Blue Cross Blue Shield of Texas can simply ignore the process, forcing providers into costly arbitration battles where the fees often exceed the disputed charges themselves, Walker argued.</p> <p>But when RANT filed similar disputes under Texas's state-level IDR process -- which requires open negotiation and includes enforcement penalties -- Walker said Blue Cross Blue Shield of Texas settled within two weeks at the exact rate he had been requesting on the federal side and without the official arbitration process.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> It all boils down to there being no teeth in the federal process that forces them to actually pay the awards and participate in the process. </figure> <figcaption> <strong>Dave Walker, chief revenue officer, RANT</strong> </figcaption> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>"They knew they would have to pay the awards. They knew they would have to participate in the process," Walker said of the state system. "So, within two weeks, no additional fees, we came to a reasonable rate."</p> <p>However, the same disputes on the federal side resulted in years of silence, despite tens of thousands of claims filed and repeated attempts at communication.</p> <p>"Why? It all boils down to there being no teeth in the federal process that forces them to actually pay the awards and participate in the process," Walker said.</p> <p>That isn’t necessarily true for providers, though. The original No Surprises Act gave CMS the authority to fine providers $10,000 per violation and to award triple damages for inappropriate behavior.</p> <p>Payers advocated for provider penalties during the legislative process. The final law included $10,000 fines for provider violations but did not include equivalent penalties for payers -- a gap that a new bill seeks to address.</p> <p>The "No Surprises Act Enforcement Act" (<a href="https://www.congress.gov/bill/119th-congress/house-bill/4710">H.R. 4710</a>) was introduced to require payers and providers to pay awards within 30 days of a binding IDR determination, with a fine of up to $10,000 per failure over their heads.</p> <p>However, the legislation remains up for debate by House committees, with some dragging their feet as they grapple with payers' claims that providers have abused the IDR process.</p> <p>But the longer enforcement takes, the more employers -- and ultimately, patients -- will end up paying for the federal IDR process' misgivings, Walker insisted.</p> </section> <section class="section main-article-chapter" data-menu-title="A contracting crisis behind the billing battle"> <h2 class="section-title"><i class="icon" data-icon="1"></i>A contracting crisis behind the billing battle</h2> <p>This isn't just a billing dispute between one radiology group and one payer, though. It's a window into a widening gap between payers and providers that the No Surprises Act has failed to bridge.</p> <p>Payers have worried that the federal IDR process would drive providers to stay out of networks to get higher payment rates -- rates that one <a href="https://chir.georgetown.edu/the-substantial-costs-of-the-no-surprises-act-arbitration-process/">analysis</a> found were a median of 459% of the qualifying payment amount, or the median in-network contracted rate for a service within a region.</p> <p>Payer industry groups have argued that the IDR process, intended as a last resort, has become a primary revenue strategy, with some providers weaponizing it by flooding the system with disputes. <a href="https://www.healthcaredive.com/news/bcbs-texas-halomd-surprise-billing-lawsuit-dismissed/821290/">Blue Cross Blue Shield of Texas has even sued over this issue</a>, alleging medical billing intermediary HaloMD submitted tens of thousands of ineligible claims and yielded tens of millions of dollars in improper rewards.</p> <p>More recently, the payer <a href="https://www.bcbs.com/about-us/association-news/bcbsa-statement-on-no-surprises-act-idr-rule">called for</a> a "more balanced IDR process" through modifications, such as an upfront eligibility fee and a process for challenging arbitration outcomes, to "better align incentives and stop bad actors from gaming the system."</p> <p>In a comment on RANT's claims, a spokesperson from Blue Cross Blue Shield of Texas said the organization supports the intent of the No Surprises Act, which is to take "patients out of payment disputes, while preventing unnecessary administrative burdens that drive up costs for American businesses and families."</p> <p>"We will continue to advocate for meaningful reforms that address the root causes of rising health care costs," they stated.</p> <p>However, in some cases, the IDR is the only pathway to revenue collection for providers.</p> <p>Walker explained that RANT has not been in-network with Blue Cross Blue Shield of Texas for almost a year, despite providing services to about a million of their beneficiaries each year. This has led the practice to use state and federal IDR processes to collect revenue for the services.*</p> <p>"Our goal is to be in a network," Walker explained. "We think that is the right thing; as a matter of fact, we think that all sides need to be reasonable and think about the future of healthcare together."</p> <p>Using the IDR process has led to excessive fees for both payers and providers, which could trickle down to patients as overall healthcare costs increase. Researchers say these <a href="https://www.healthcaredive.com/news/no-surprises-dispute-resolution-driving-health-costs/758713/">costs could affect network contract negotiations</a> in the future and premium costs.</p> <p>However, stagnant reimbursement rates that have failed to keep up with inflation have stalled many negotiations. The American Medical Association recently <a href="https://www.ama-assn.org/health-care-advocacy/advocacy-update/jan-30-2026-medicare-payment-reform-advocacy-update">reported</a> that Medicare physician payments have increased by just 10% from 2001 to 2026, while the cost of running a medical practice has risen by 63%.</p> <p>This has left providers like RANT little choice but to remain out of a payer's network. But this decision also strains independent practices, which have fallen by the wayside in favor of hospital and corporate employment lately.</p> <p>Hospitals, health systems and other larger provider organizations tend to have the ear of payers, considering their market power. And this means they are getting paid, and usually much more than what a practice like RANT gets, Walker insisted. That's a large reason why providers flock to the IDR process, he explained.</p> <p>"We didn't take the decision to go out of network lightly," he concluded. "If they would agree to the cost-of-living increases, we would be back in network tomorrow."</p> <p><i>*<strong>CORRECTION 06/09/2025: A previous version of this article stated RANT has been out of network for three years. The article has been updated to reflect that the practice has been out-of-network since July 1, 2025, after three years of negotiation.</strong></i></p> <p><em>Jacqueline LaPointe is an Executive Editor at Xtelligent Healthcare Media, covering revenue cycle management, healthcare payers, health policy, and health IT since 2016.</em></p> </section> Radiology Associates of North Texas expects to pay millions to participate in the No Surprises Act's IDR process even as CMS tries to alleviate major pain points for providers. https://cdn.ttgtmedia.com/rms/onlineimages/medical%20revenue_a53814245.jpeg https://www.techtarget.com/revcyclemanagement/feature/New-No-Surprises-Act-rules-wont-fix-51M-crisis-TX-group-says Mon, 08 Jun 2026 09:38:00 GMT 60 webmaster@techtarget.com