Text of this article
June 6, 2022
PRESS RELEASE
iPadOS 16 takes the versatility of iPad even further with powerful new productivity and collaboration features
Introducing an entirely new multitasking experience with Stage Manager and full external display support, new ways to collaborate via Messages, big updates to Mail and Safari, iCloud Shared Photo Library, pro features including Reference Mode and Display Zoom, and more
CUPERTINO, CALIFORNIA Apple today previewed iPadOS 16, a major update that makes the iPad experience even more versatile. Taking advantage of the power of the M1 chip, Stage Manager brings a new way to multitask with multiple overlapping windows and full external display support. Collaboration is easier than ever with new ways to start working with others in apps across the system using Messages, and the new Freeform app provides a flexible canvas to brainstorm on together. New tools in Mail help users be more productive, Safari adds shared Tab Groups to browse the web with others, and the browsing experience gets even more secure with passkeys. The new Weather app takes full advantage of the stunning iPad display, and Live Text now interacts with text in video. New pro features — including Reference Mode and Display Zoom — make iPad an even more powerful mobile studio. Combined with the power of Apple silicon, iPadOS 16 makes it faster and easier to get more done on iPad.
“iPad is our most versatile device, and we’re excited to take what it can do even further with iPadOS 16,” said Craig Federighi, Apple’s senior vice president of Software Engineering. “With Stage Manager, which takes multitasking on iPad to a whole new level, plus new ways to share and collaborate via Messages, Safari, and the new Freeform app, and new pro features like Reference Mode and Display Zoom, users can get even more done on iPad.”
New Ways to Share and Connect in Messages
New features in Messages make it easy to start collaborating and manage shared content across Files, Keynote, Numbers, Pages, Notes, Reminders, and Safari, as well as third-party apps. When users send an invitation to collaborate via Messages, everyone on the thread is automatically added to the document, spreadsheet, or project. When someone makes a change to a shared file, everyone can see updates right at the top of the Messages thread. And when a user is working on a collaborative project, they can easily jump into the associated Messages conversation or just tap to start a FaceTime call with their collaborators.
iPadOS 16 makes everyday messaging even better. Users can now edit or recall recently sent messages, recover recently deleted messages, and mark conversations as unread so they can come back to them later.¹ Additionally, users can now begin a SharePlay session via Messages, so they can choose a shared activity — like a movie, TV show, workout, or game — and enjoy it together in sync while chatting via Messages.
A Real-Time Collaboration Space Using Freeform
Freeform, a powerful new collaboration app with a flexible canvas, gives users the ability to see, share, and collaborate all in one place without worrying about layouts and page sizes, and with full support for Apple Pencil. Users can view others’ contributions as they add content or make edits, all while enjoying a real-time collaboration space. Coming to iPadOS 16 later this year, Freeform allows collaborators to start a session from FaceTime and see the updates from others right in the Messages thread.
Mail Introduces New Smart Tools
Being more productive is easier than ever with new tools introduced in Mail. Users are given a moment to cancel delivery of a message before it reaches a recipient’s inbox,² schedule emails to be sent at the perfect moment, and move sent emails to the top of their inbox to quickly send a follow-up. Messages can also be resurfaced at any date and time with Remind Later, and users can get notified if they forget to include an important part of the message, like an attachment or recipient. Additionally, an all-new search experience delivers more complete and accurate results by correcting typos and using synonyms for the search terms, and allows users to see a richer view of contacts, shared content, and more.
Relive Memories with the New iCloud Shared Photo Library
iCloud Shared Photo Library is the easiest way to share photos seamlessly and automatically among up to six family members, so everyone can collaborate and enjoy the collection in Memories, Featured Photos, and the Photos widget. Users can share all their past photos, or use setup tools to contribute specific photos based on a start date or people in the photos. Photos can be added to the collection manually, or through Bluetooth proximity or sharing suggestions in For You. When anyone in the Shared Library adds, edits, or deletes photos, the library is updated for everyone.
New Collaboration and Security Features Come to Safari
Safari gets big updates, making it even more collaborative, customizable, and secure. Shared Tab Groups allow users to collaborate on a set of tabs with friends and see updates instantly while they work together, share tabs and bookmarks, and start a conversation right from Safari. Tab Groups get dedicated start pages that can be customized with a background image, bookmarks, and unique sections everyone can see and edit.
Browsing in Safari is even more secure with passkeys, an easier and safer sign-in method designed to replace passwords on the web and in apps. Passkeys are kept on iPad and are specific to the sites users create them for. And since passkeys are unique digital keys that stay on device and are never stored on a web server, hackers can’t leak them or trick users into sharing them. Users can sign in to websites or apps on Apple and non-Apple devices with their saved passkey by scanning the QR code with iPad, and using Face ID or Touch ID to authenticate.
The Weather App Comes to iPad
Designed to take full advantage of the stunning display, Weather comes to iPad with beautiful animations. With just a tap, users can see the most important weather information, or explore maps to check precipitation, air quality, and temperature. Users can also be notified when a severe weather alert is issued in their area, or check the air quality using a color-coded scale.
Live Text and Visual Look Up Get Powerful Updates
Using on-device intelligence, Live Text recognizes text in images across the system, and the feature now comes to video, making text completely interactive in paused video frames. With a single tap on a video, users can quickly translate languages or convert currencies. And Visual Look Up now allows users to lift the subject from an image or isolate a subject by removing the background with just a tap, and expands its recognition capabilities to birds, insects, statues, and more.
Pro Features Take Demanding Workflows Even Further
iPadOS 16 brings new powerful features that make iPad Pro an indispensable tool for creative professionals. Reference Mode enables the 12.9-inch iPad Pro with Liquid Retina XDR display to match the color requirements in workflows like review and approve, color grading, and compositing, where accurate colors and consistent image quality are critical.
Powered by the performance of the Apple-designed M1 chip, Display Zoom now allows users to increase the pixel density of the display so they can view more in their apps, which is especially useful when using Split View. With Virtual Memory Swap, iPad storage can be used to expand the available memory for all apps, and delivers up to 16 gigabytes of memory for the most demanding apps, helping to make multitasking absolutely seamless.
Powerful Multitasking with Stage Manager and Full External Display Support
Stage Manager is an entirely new multitasking experience that automatically organizes apps and windows, making it quick and easy to switch between tasks. For the first time on iPad, users can create overlapping windows of different sizes in a single view, drag and drop windows from the side, or open apps from the Dock to create groups of apps for faster, more flexible multitasking. The window of the app users are working on is displayed prominently in the center, and other open apps and windows are arranged on the left-hand side in order of recency.
Available on iPad Pro and iPad Air with the M1 chip, Stage Manager also unlocks full external display support with resolutions of up to 6K, so users can arrange the ideal workspace, and work with up to four apps on iPad and four apps on the external display.
Additional iPadOS 16 Features
Availability
The developer preview of iPadOS 16 is available to Apple Developer Program members at developer.apple.com starting today, and a public beta will be available to iPadOS users next month at beta.apple.com. New software features will be available this fall as a free software update for iPad (5th generation and later), iPad mini (5th generation and later), iPad Air (3rd generation and later), and all iPad Pro models. For more information, visit apple.com/ipados/ipados-preview. Features are subject to change. Some features may not be available in all regions or all languages.
About Apple
Apple revolutionized personal technology with the introduction of the Macintosh in 1984. Today, Apple leads the world in innovation with iPhone, iPad, Mac, Apple Watch, and Apple TV. Apple’s five software platforms — iOS, iPadOS, macOS, watchOS, and tvOS — provide seamless experiences across all Apple devices and empower people with breakthrough services including the App Store, Apple Music, Apple Pay, and iCloud. Apple’s more than 100,000 employees are dedicated to making the best products on earth, and to leaving the world better than we found it.
Press Contacts
Apple Media Helpline
media.help@apple.com
(408) 974-2042
Images in this article
Apple revolutionized personal technology with the introduction of the Macintosh in 1984. Today, Apple leads the world in innovation with iPhone, iPad, Mac, Apple Watch, and Apple TV. Apple’s five software platforms — iOS, iPadOS, macOS, watchOS, and tvOS — provide seamless experiences across all Apple devices and empower people with breakthrough services including the App Store, Apple Music, Apple Pay, and iCloud. Apple’s more than 100,000 employees are dedicated to making the best products on earth, and to leaving the world better than we found it.
Apple Media Helpline

media.help@apple.com
(408) 974-2042
The latest news and updates, direct from Apple.
Read more

source

If you’re on a Galaxy Fold, consider unfolding your phone or viewing it in full screen to best optimize your experience.
Credit Cards
Banks
Brokers
Crypto
Mortgages
Insurances
Loans
Small Business
Knowledge
Taking content and document management from the physical world to the digital is a necessity. This may sound like an enormous undertaking, but document management systems make this transfer much more efficient. Choose the right solution, and your organization can make the digital leap quickly and easily.
Cluttered file cabinets are so yesterday. To keep your organization secure and operating efficiently, you must migrate data and digitalize your documents. The right document management system makes all the difference for easy and intuitive document storing, sharing, and editing.
But like a Cinderella slipper, there is no one-size-fits-all system. You can choose from many excellent document management solutions, each fulfilling different specialties. What will work best for you depends on your business needs, budget, and the features you want. Keep those in mind as your browse our top picks below!
DocSend is known for its ease of use and integration capabilities. There’s no confusing back end architecture, as DocSend syncs easily into your existing framework. It syncs with other common platforms such as Microsoft Office or Google, so you can use DocSend to share files internally and store data directly from your desktop.
It keeps information secure with customizable permissions. For example, you can require email verification or set visibility access to expire after a certain amount of time.
DocSend has a small learning curve. Plans start at $10/month per user, placing DocSend in a mid-range price point compared to other systems.

Customized share permissions protects your data. Image source: Author
Bloomerang is a donor management system with extensive options for record-keeping and an array of supporting features that can help nonprofits who don’t want to build a stack of different tools. This platform is great for tracking all the important information you need to know about donors, volunteers, and other supporters.
Besides creating in-depth constituent records, Bloomerang empowers you with reporting features that help you make sense of the data. You can choose from tons of report templates or use their step-by-step process to build your own report. Because Bloomerang is cloud-based, you can always pull the most up-to-date entries or specify specific date ranges.
When it comes to donor communications and engagement, you can create and manage both email and direct mail letters. Bloomerang comes with a variety of letter and email templates to cover all the most common nonprofit needs. Their Twitter Listening Hub is a clever bonus feature, allowing you to dip your toes into social media monitoring.
For startups or small nonprofits, Bloomerang’s website integration features can empower you to collect important details (and donations). You can create forms in Bloomerang and embed them on your own website. Then all the information collected goes right into your database. More mature organizations, however, might need greater flexibility or more advanced functionalities from their donation pages.
With many pricing tiers (all of which include unlimited users), Bloomerang software can work with any budget. But the many tiers, based on number of records and file storage, could be a hassle for rapidly growing organizations. Bloomerang’s free tier and special small shop pricing might be just what a budding nonprofit founder needs.
Box excels at the basics: uploading and sharing documents and editing files online. It sets up basic workflows, much like task managers available in organization apps, so you can track document edits, progress, views, etc.
You can create multiple logins for internal use or share files with external guests. You can extend editing permissions to select guests.
Speaking of sharing, Box makes it easy. Click the dots beside a document’s name to access tools to download a document or create a direct link for sharing.
Each link can have customized access, ranging from basic viewing to editing abilities.

Box options make sharing simple. Image source: Author
If you want free document management software, Box offers a $0 plan for solo users. From there, the first paid option is still affordable, starting at $5/month per user, for 3-10 users.
M-Files follows a unique, straightforward principle and classifies information by the “what” of its content rather than the “where” of its folder storage, resulting in more intuitive document storage and searching. You are likely to find the document you want much more quickly.
It also uses autosave to ensure that content is not lost as you are updating and editing, and background updates keep everything current.
M-Files centralized storage offers a dynamic view of your entire organization. Content is automatically organized by type and associations, so you can search for what you need with a high-level view into storage.

Find what you’re looking for when you can search by content by type without rummaging through folders. Image source: Author
eFileCabinet keys on efficiency, with a streamlined system, focused around a central solution. It is a one-stop-shop for digital document management, providing easy document archiving, data migrations, and ongoing maintenance.
eFileCabinet is an excellent choice for small and medium businesses because of its easy setup and straightforward interface.
eFileCabinet uses an open API (application programming interface), which means you can connect with your current office system, alleviating a lot of integration headaches.
Just drag and drop files from your desktop into the app, and they are automatically uploaded to eFileCabinet’s library.

Save time and desktop space by uploading simply with Sidekick. Image source: Author
You can also audit a file’s history with an open admin view, or create custom links for doc tracking to keep tabs on who has accessed which files and when.
Ademero Content Central is a highly customizable platform with many useful features and an easy-to-use interface. Besides handling storing and file sharing basics, Ademero Content Central is known for its zonal recognition capabilities.
It uses optical character recognition (OCR) to scan and populate predetermined areas of documents, saving you a lot of time.
It also developed QCards. QCards are like document cover pages produced internally in Ademero Content Central with barcodes. They are used to quickly identify the document type being created (or uploaded), and the crucial fields a user has added.

QCards store information in barcodes to manage data more efficiently. Image source: Author
If your system needs to do more than simply store and send out documents, Ademero Content Central has premade templates you can use.
Its centralized storage system searches for documents, both stored (master copies) and edited (revised as a team or by individuals). Pricing starts at $35/month per user.
Microsoft SharePoint file management software integrates seamlessly with your Microsoft software. You can customize its look and incorporate your company’s branding.
SharePoint works well for co-authors, allowing many people to work in a document at once, and you can extend guest access.
Most external links are “view only” shares, but some plans let you offer other abilities to people outside your organization.

Set up customizable guest accesses and permissions from the settings dashboard. Image source: Author
Pricing is reasonable, starting at just $5/month per user and going up to $20/month per user. The base option gives you an ample 1 TB of storage, so you shouldn’t run out of space.

Each software option must meet a few basic criteria to be considered a top choice.
Sensitive information and confidential documents are par for the course with data storage, so every option must be secure. Each software option should be encrypted and have other security options such as assigned permissions, password-protected links, two-factor authentication, etc.
Collaboration is one of main reasons for using document management software. Since files are shared among teams and companies, they must have editing abilities to match.
A document management system is unsuitable if it can’t be integrated with your existing software. A good system fits into the day-to-day of your workforce and makes your life easier, not harder.
Going digital comes with plenty of benefits that staying offline simply can’t provide.
History reporting shows you who accessed files, when they opened them, and what was changed. Looking at revision history protects original data while logs provide user accountability.
With paper files, you risk something being misplaced, stolen, mishandled. Digital files have encrypted security and are much easier to access by those with the right credentials while being hidden from other users.
Whether it is a proposal, a contract, or a flyer, if multiple people need to touch a file at some point, it’s going to be faster via digital workflows than any other method. With all necessary authors having access in one place, tasks can be completed efficiently.
Rose Wheeler is a seasoned writer and content manager with more than 15 years of experience. She specializes in content related to digital marketing, small business, personal finance, and CMS. Her work has appeared on sites such as Selz, The Cheat Sheet, and Swaay. When she’s not working with her awesome clients, Rose enjoys cooking, playing games and curling up with a good book.
We’re firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers. The Ascent does not cover all offers on the market. Editorial content from The Ascent is separate from The Motley Fool editorial content and is created by a different analyst team. The Motley Fool has a Disclosure Policy. The Author and/or The Motley Fool may have an interest in companies mentioned.
The Ascent is a Motley Fool service that rates and reviews essential products for your everyday money matters.
Copyright © 2018 – 2022 The Ascent. All rights reserved.

source

Documents are the bread and butter of business. In an increasingly digital world, it is easy for companies to get lost in the huge volumes of invoices, PDFs or other types of documents.
To help businesses address this challenge, document management expert Formpipe has created DM for Dynamics, a specialised new interface that connects a user’s Formpipe Autoform DM digital repository with Microsoft Dynamics 365.
Autoform DM is an electronic document management system which provides users with secure storage, configurability and easy access to all their documents. “With DM, you can store any file type, including data, documents, video files and audio files,” says Ben Saxton, head of customer success at Formpipe. “Everything is safe and secure. It’s stored following International Organization for Standardization (ISO) best practices and the object’s metadata is stored alongside it. It’s also very easy for employees to view or access the content if they need to do so.”
According to Saxton, the new interface will pull the DM product into Dynamics, bringing it closer to the core platforms already familiar to Dynamics customers. He cites the example of a finance operative that relies heavily on Dynamics in its day-to-day operations. “Users will now be able to easily store, search for and retrieve documents generated by both Dynamics and all other systems within their standard finance and operations (F&O) interface, without switching systems or screens,” he says. “This saves them time and removes the hassle of using multiple platforms.
“It is all about usability. We will provide those using the Dynamics platform – whether they be in customer experience or F&O – with a complete 360-degree view of that one particular query without having to change displays or adapt to a new system.”
The new solution will also provide customers with multiple other benefits, including an overview of all data in one place, a reduction of the technical debt often associated with ungoverned repositories, and the ability for administrators to control governance requirements around document management.
“Essentially, DM for Dynamics will offer users three key things,” says Saxton. “These are: ease of access to all files and documents, lifetime configurability with the tools needed to continually construct new uses for the product, and secure storage providing users with peace of mind.”
In addition to these capabilities, Saxton highlights the ability to build new applications that provide document search and retrieval based on a business’s metadata. “That’s absolutely paramount and that’s what we focus on,” he says.
Another key feature allows users to quickly and easily import documents from their local machine into a controlled repository. “This will automatically sort that document to a particular content type and then wrap all of the functions that we require around that content type,” Saxton explains.
With compliance an important factor in document management, DM for Dynamics adheres to ISO 27001 retention policies, which informs what happens at the end of a retention period and how that content is treated.
The concept behind the new interface was driven by market requirements and builds on the success of Formpipe’s Lasernet output within the Dynamics market. According to Saxton, the project has been significantly requested by partners and end users, and, as such, has been in the works for some time.
“We've been in the Dynamics market right since the days of AX2009,” he says. “So, we’ve been talking about this for a long time, but we’ve really accelerated our efforts over the last couple of years to pull our products closer to those core platforms, whether that be core banking, enterprise resource planning or customer relationship management. As document management specialists, we knew that we needed to bring that functionality into Dynamics to make it easier for the end user. That’s why we’re so excited about what we’ve been able to produce.” 
This article was originally published in the Autumn 2022 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.
Number of views (1163)/Comments (–)

source

May 3, 2022 | Microsoft Corporate Blogs
Editor’s note: On May 3 Eric Horvitz, Chief Scientific Officer, testified before the U.S. Senate Armed Services Committee Subcommittee on Cybersecurity for a hearing on the use of AI in Department of Defense cyber missions. Read Eric Horvitz’s written testimony below and watch the hearing here.
 
Chairman Manchin, Ranking Member Rounds, and Members of the Subcommittee, thank you for the opportunity to share insights about the impact of artificial intelligence (AI) on cybersecurity. I applaud the Subcommittee for its foresight and leadership in holding a hearing on this critically important topic. Microsoft is committed to working collaboratively with you to help ensure new advances in AI and cybersecurity benefit our country and society more broadly.
My perspective is grounded in my experiences working across industry, academia, scientific agencies, and government. As Microsoft’s Chief Scientific Officer, I provide leadership and perspectives on scientific advances and trends at the frontiers of our understandings, and on issues and opportunities rising at the intersection of technology, people, and society. I have been pursuing and managing research on principles and applications of AI technologies for several decades, starting with my doctoral work at Stanford University. I served as a Commissioner on the National Security Commission on AI (NSCAI), was president of the Association for the Advancement of Artificial Intelligence (AAAI), chaired the Section on Computing, Information, and Communication of the American Association for the Advancement of Science (AAAS). I am a member of the National Academy of Engineering (NAE) and the American Academy of Arts and Sciences. I currently serve on the President’s Council of Advisors on Science and Technology (PCAST) and on the Computer Science and Telecommunications Board (CSTB) of the National Academies of Sciences.
I will cover in my testimony four key areas of attention at the intersection of AI and cybersecurity that warrant deeper understanding and thoughtful action:
Before covering these topics, I will provide brief updates on the cybersecurity landscape and on recent progress in AI. I’ll conclude my testimony with reflections about directions.
1. Cybersecurity’s changing landscape
Attacks on computing systems and infrastructure continue to grow in complexity, speed, frequency, and scale. We have seen new attack techniques and the exploitation of new attack surfaces aimed at disrupting critical infrastructure and accessing confidential data.[1] In 2021 alone, the Microsoft 365 Defender suite, supported by AI techniques, blocked more than 9.6 billion malware threats, 35.7 billion phishing and malicious emails, and 25.6 billion attempts to hijack customer accounts targeting both enterprise and consumer devices.[2],[3] Multiple independent reports have characterized the nature and status of different forms of cyberattack.[4] As detailed in Microsoft’s recent Digital Defense Report,[5] cyber criminals and nation-state actors continue to adapt their techniques to exploit new vulnerabilities and counter cyber defenses.
To help mitigate these concerning trends, the U.S. government has taken significant steps forward to secure our cyber ecosystem. Congress enacted several recommendations that came out of the Cyberspace Solarium Commission, such as creating the Office of the National Cyber Director and enacting cyber incident reporting legislation. Almost a year ago, the Administration issued Executive Order (E.O.) 14028, Improving the Nation’s Cybersecurity, which directs agencies to develop and implement a variety of initiatives to raise the bar on cybersecurity across areas, such as supply chain security, and requiring agencies to adopt a zero-trust model. Microsoft has worked diligently to meet deadlines specified in the E.O. on cybersecurity and we support these efforts to encourage a cohesive response to evolving cyber threats.
We expect to face continuing efforts by creative and tireless state and non-state actors who will attempt to attack computing systems with the latest available technologies. We need to continue to work proactively and reactively to address threats and to note changes in systems, technologies, and patterns of usage. On the latter, cybersecurity challenges have been exacerbated by the increasing fluidity between online work and personal activities as daily routines have become more intertwined.[6] The large-scale shift to a paradigm of hybrid work coming with the COVID-19 pandemic has moved workers further away from traditional, controlled environments. Cybersecurity solutions must enable people to work productively and securely across various devices from a variety of non-traditional locations.
2. Advancements in Artificial Intelligence
Artificial intelligence is an area of computer science focused on developing principles and mechanisms to solve tasks that are typically associated with human cognition, such as perception, reasoning, language, and learning. Numerous milestones have been achieved in AI theory and applications over the 67 years since the phrase “artificial intelligence” was first used in a funding proposal that laid out a surprisingly modern vision for the field.[7]
Particularly stunning progress has been made over the last decade, spanning advances in machine vision (e.g., object recognition), natural language understanding, speech recognition, automated diagnosis, reasoning, robotics, and machine learning—procedures for learning from data. Many impressive gains across subdisciplines of AI are attributed to a machine learning methodology named deep neural networks (DNNs). DNNs have delivered unprecedented accuracy when fueled by large amounts of data and computational resources.
Breakthroughs in accuracy include performances that exceed human baselines for a number of specific benchmarks, including sets of skills across vision and language subtasks. While AI scientists remain mystified by the powers of human intellect, the rate of progress has surprised even seasoned experts.
Jumps in core AI capabilities have led to impressive demonstrations and real-world applications, including systems designed to advise decision makers, generate textual and visual content, and to provide new forms of automation, such as the control of autonomous and semi-autonomous vehicles.
AI technologies can be harnessed to inject new efficiencies and efficacies into existing workflows and processes. The methods also can be used to introduce fundamentally new approaches to standing challenges.  When deployed in a responsible and insightful manner, AI technologies can enhance the quality of the lives of our citizenry and add to the vibrancy of our nation and world.  For example, AI technologies show great promise in enhancing healthcare via providing physicians with assistance on diagnostic challenges, guidance on optimizing therapies, and inferences about the structure and interaction of proteins that lead to new medications.
AI advances have important implications for the Department of Defense, our intelligence community, and our national security more broadly. Like any technology, the rising capabilities of AI are available to friends and foes alike. Thus, in addition to harnessing AI for making valuable contributions to people and society, we must continue to work to understand and address the possibilities that the technologies can be used by malevolent actors and adversaries to disrupt, interfere, and destroy. AI has important implications for cybersecurity as the technologies can provide both new powers for defending against cyberattacks and new capabilities to adversaries.
3. Advancing Cybersecurity with AI
The value of harnessing AI in cybersecurity applications is becoming increasingly clear. Amongst many capabilities, AI technologies can provide automated interpretation of signals generated during attacks, effective threat incident prioritization, and adaptive responses to address the speed and scale of adversarial actions. The methods show great promise for swiftly analyzing and correlating patterns across billions of data points to track down a wide variety of cyber threats of the order of seconds. Additionally, AI can continually learn and adapt to new attack patterns—drawing insights from past observations to detect similar attacks that occur in the future.
3.1 Assisting and Complementing Workforce
 The power of automation and large-scale detection, prioritization, and response made possible by AI technologies can not only relieve the burden on cybersecurity professionals but also help with the growing workforce gap. On the challenges to current cyber workforce: the U.S. Bureau of Labor Statistics estimates cybersecurity job opportunities will grow 33% from 2020 to 2030—more than six times the national average.[8] However, the number of people entering the field is not keeping pace. There is a global shortage of 2.72 million cybersecurity professionals, according to the 2021 (ISC)2 Cybersecurity Workforce Study released in October 2021.[9]
 Organizations that prioritize cybersecurity run security operations teams 24/7. Still, there are often far more alerts to analyze than there are analysts to triage them, resulting in missed alerts that evolve into breaches. Trend Micro released a survey in May 2021 of security operations center decision makers that showed that 51% feel their team is overwhelmed with the overall volume of alerts, 55% are not confident in their ability to efficiently prioritize and respond to alerts, and that 27% of their time is spent dealing with false positives.[10]
AI technologies enable defenders to effectively scale their protection capabilities, orchestrate and automate time-consuming, repetitive, and complicated response actions. These methods can enable cybersecurity teams to handle large volumes of classical threats in more relevant time frames with less human intervention and better results. Such support with scaling on the essentials can free cybersecurity professionals to focus and prioritize on those attacks that require specialized expertise, critical thinking, and creative problem solving. However, additional attention should also be given to general cybersecurity training, security awareness, secure development lifecycle practices, and simulated training modules, including using AI to run intelligent and personalized simulations.
3.2 AI at Multiple Stages of Security
Today, AI methods are being harnessed across all stages of security including prevention, detection, investigation and remediation, discovery and classification, threat intelligence, and security training and simulations. I will discuss each of these applications in turn.
Prevention. Prevention encompasses efforts to reduce the vulnerability of software to attack, including user identities and data, computing system endpoints, and cloud applications. AI methods are currently used in commercially available technologies to detect and block both known and previously unknown threats before they can cause harm. In 2021, AV-Test Institute observed over 125 million new malware threats.[11] The ability of machine learning techniques to generalize from past patterns to catch new malware variants is key to being able to protect users at scale.
As an example, last year Microsoft 365 Defender successfully blocked a file that would later be confirmed as a variant of the GoldMax malware. Defender had never seen the new variant of GoldMax. The malware was caught and blocked leveraging the power of an AI pattern recognizer working together with a technology known as “fuzzy hashing”—a means for taking a fingerprint of malware.[12] It is important to note that GoldMax is malware that persists on networks, feigning to be a “scheduled task” by impersonating the activities of systems management software. Such hiding out as a scheduled task is part of the tools, tactics, and procedures of NOBELIUM, the Russian state actor behind the attacks against SolarWinds in December 2020 and which the U.S. government and others have identified as being part of Russia’s foreign intelligence service known as the SVR.
In other work, we have found that AI methods can improve our ability to detect sophisticated phishing attacks. Phishing attacks center on social engineering, where an attacker creates a fake webpage or sends a fraudulent message designed to trick a person into revealing sensitive data to the attacker or to deploy malicious software on the victim’s device, such as ransomware. To help protect people from harmful URLs, AI pattern recognizers have been deployed in browsers and other applications as part of their security services. AI methods can improve detection while lowering false positive rates, which can frustrate end users.[13]
Detection. Detection involves identifying and alerting suspicious behaviors as they happen. The goal is to quickly respond to attacks, including identifying the scale and scope of an attack, closing the attacker’s entry, and remediating footholds that the attacker may have established. The key challenge with detecting suspicious activity is to find the right balance between providing enough coverage via seeking high rates of accurate security alerts versus false alarms. AI methods are being leveraged in detection to (1) triage attention to alerts about potential attacks, (2) identify multiple attempts at breaches over time that are part of larger and lengthier attack campaigns, (3) detecting fingerprints of the activities of malware as it operates within a computer or on a network, (4) identifying the flow of malware through an organization,[14] and (5) guiding automated approaches to mitigation when a response needs to be fast to stop an attack from propagating. For example, an automated system can shut down network connectivity and contain a device if a sequence of alerts is detected that is known to be associated with ransomware activity like the way a bank might decline a credit card transaction that appears fraudulent.
There are several technologies available today to help detect attacks. I will use Microsoft 365 Defender capabilities as an example. A set of neural network models are used to detect a potential attack underway by fusing multiple signals about activities within a computing system, including processes being started and stopped, files being changed and renamed, and suspicious network communication.[15], [16] In addition, probabilistic algorithms are used to detect high likelihoods of “lateral movement” on a network.[17] Lateral movement refers to malware, such as ransomware, moving from machine to machine as it infects an organization. The goal is to detect signals of concerning patterns of spread and to shut down the infection by isolating potentially infected machines and alerting security experts to investigate. As numerous legitimate operations can appear like lateral movement of malware, simplistic approaches can have high false-positive rates. AI systems can help to raise the rate of capture and block these spreading infections, while reducing false positives.[18]
As a recent example, in March 2022, Microsoft leveraged its AI models to identify an attack attributed to a Russian actor that Microsoft tracks as Iridium, also referred to as Sandworm.  The US government has attributed Iridium activity to a group allegedly based at GRU Unit 74455 of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation. The actor deployed wiper malware at a Ukrainian shipping company based in Lviv. Wiper malware erases data and programs on the computers that it infects. The first documented encounter of this malware was on a system running Microsoft Defender with Cloud Protection enabled. The ensemble of machine learning models in Defender, combined with signals across client and cloud, allowed Microsoft to block this malware at first sight.
Investigation and remediation. Investigation and remediation are methods used following a breach to provide customers with a holistic understanding of the security incident, including the extent of the breach, which devices and data were impacted, how the attack propagated through the customer environment, and to seek attribution for the threat.[19] Gathering and doing synthesis from telemetry sources is tedious. Efforts to date include multiple tools to collect telemetry from within and across organizations. The use of AI for investigation and remediation is a promising and open area of research.[20],[21]
Threat intelligence. Threat intelligence enables security researchers to stay on top of the current threat landscape by tracking active malicious actors, at times deliberately engaging with them and studying their behavior. Today, Microsoft actively tracks 40+ active nation-state actors and 140+ threat groups across 20 countries.[22],[23] AI methods help to identify and tag entities from multiple feeds and intelligence sharing across agencies. AI models show promise with their ability to learn and make inferences about high-level relationships and interactions by identifying similarities across different campaigns for enhancing threat attribution.[24],[25]
Recommendations: Advance development and application of AI methods to defend against cyberattacks
4. AI-powered cyberattacks
While AI is improving our ability to detect cybersecurity threats, organizations and consumers will face new challenges as cybersecurity attacks increase in sophistication. To date, adversaries have commonly employed software tools in a manual manner to reach their objectives. They have been successful in exfiltrating sensitive data about American citizens, interfering with elections, and distributing propaganda on social media without the sophisticated use of AI technologies. [26],[27],[28] While there is scarce information to date on the active use of AI in cyberattacks, it is widely accepted that AI technologies can be used to scale cyberattacks via various forms of probing and automation. Multiple research and gaming efforts within cybersecurity communities have demonstrated the power using AI methods to attack computing systems. This area of work is referred to as offensive AI.[29],[30]
4.1 Approaches to offensive AI
Offensive AI methods will likely be taken up as tools of the trade for powering and scaling cyberattacks.  We must prepare ourselves for adversaries who will exploit AI methods to increase the coverage of attacks, the speed of attacks, and the likelihood of successful outcomes. We expect that uses of AI in cyberattacks will start with sophisticated actors but will rapidly expand to the broader ecosystem via increasing levels of cooperation and commercialization of their tools.[31]
Basic automation. Just as defenders use AI to automate their processes, so too can adversaries introduce efficiencies and efficacies for their own benefit. Automating attacks using basic pre-programmed logic is not new in cybersecurity. Many malware and ransomware variants over the last five years have used relatively simple sets of logical rules to recognize and adapt to operating environments. For example, it appears that attacking software has checked time zones to adapt to local working hours and customized behavior in a variety of ways to avoid detection or take tailored actions to adapt to the target computing environment.[32],[33] On another front, automated bots have begun to proliferate on social media platforms.[34] These are all rudimentary forms of AI that encode and harness an attacker’s expert knowledge. However, substantial improvements in AI technology make plausible malicious software that is much more adaptive, stealthy, and intrusive.[35]
Authentication-based attacks. AI methods can be employed in authentication-based attacks, where, for example, recently developed AI methods can be used to generate synthetic voiceprints to gain access through an authentication system. Compelling demonstrations of voice impersonations to fool an authentication system were presented during the Capture the Flag (CTF) cybersecurity competition at the 2018 DEF CON meeting.[36]
AI-powered social engineering. Human perception and psychology are weak links in cyber-defense. AI can be used to exploit this persistent vulnerability. We have seen the rise of uses of AI for social engineering, aiming the power of machine learning at influencing the actions of people to perform tasks that are not in their interest. As an example, AI methods can be used to generate ultra-personalized phishing attacks capable of fooling even the most security conscious users. A striking 2018 study demonstrated how AI methods could be used to significantly raise the probability that end users would click on malevolent links in social media posts. The AI system learned from publicly available data including online profiles, connections, content of posts, and online activity of targeted individuals. Machine-learning was used to optimize the timing and content of messages with a goal of maximizing clickthrough rates—with significant results.[37] A 2021 study demonstrated that the language of emails could be crafted automatically with large-scale neural language models and that the AI-generated messages were more successful than the human-written messages by a significant margin.[38] In a related direction, Microsoft has tracked groups that use AI to craft convincing but fake social media profiles as lures.
4.2 AI-powered cyberattacks on the frontier
The need to prepare for more sophisticated offensive AI was highlighted in presentations at a National Academies of Sciences workshop on offensive AI that I co-organized in 2019. The workshop, sponsored by the Office of the Director of National Intelligence, led to a report available from the Academies.[39] The report includes discussion of the applications of AI methods across the cyber kill-chain, including the use of AI methods in social engineering, discovery of vulnerabilities, exploiting development and targeting, and malware adaptation, as well as in methods and tools that can be used to target vulnerabilities in Al-enabled systems, such as autonomous systems and controls used in civilian and military applications.
The cybersecurity research community has demonstrated the power of AI and other sophisticated computational methods in cyberattacks. Adversaries can harness AI to efficiently guess passwords, to attack industrial control systems without raising suspicions, and to create malware that evades detection or prevents inspection[40],[41],[42],[43],[44],[45] AI-enabled bots can also automate network attacks and make it difficult to extinguish the attacker’s command and control channels.[46] In another direction, a competitor demonstrated at a DARPA Cyber Grand Challenge exercise in 2016 [47] how machine learning could be used to learn how to generate “chaff” traffic, decoy patterns of online activity that resemble the distribution of events seen in real attacks for distraction and cover-up of actual attack strategies.[48]
It is safe to assume that AI will improve the success, impact, and scope of the full breadth of threats present today. AI will also introduce new challenges, including special cyber vulnerabilities introduced with general uses of AI components and applications, which create new apertures for adversaries to exploit.
Recommendations: Prepare for malicious uses of AI to perform cyberattacks
5. Special vulnerabilities of AI systems
The power and growing reliance on AI generates a perfect storm for a new type of cyber-vulnerability: attacks targeted directly at AI systems and components. With attention focused on developing and integrating AI capabilities into applications and workflows, the security of AI systems themselves is often overlooked. However, adversaries see the rise of new AI attack surfaces growing in diversity and ubiquity and will no doubt be pursuing vulnerabilities. Attacks on AI systems can come in the form of traditional vulnerabilities, via basic manipulations and probes, and via a new, troubling category: adversarial AI.
5.1 Attacks on AI Supply Chains
AI systems can be attacked via targeting traditional security weaknesses and software flaws, including attacks on the supply chain of AI systems, where malevolent actors gain access and manipulate insecure AI code and data. As an example, in 2021, a popular software platform used to build neural networks was found to have 201 traditional security vulnerabilities, such as memory corruption and code execution.[50] Researchers have demonstrated how adversaries could use existing cyberattack toolkits to attack core infrastructure of the software running AI systems.[51] Multiple components of AI systems in the supply chain of AI systems can be modified or corrupted via traditional cyberattacks. As an example, data sets used to train AI systems are rarely under version control in the same way that source code is. Researchers from NYU found that most AI frameworks downloaded from a popular algorithm repository do not check the integrity of AI models, in contrast to the standards of practice with traditional software, where cryptographic verification of executables/libraries has been standard practice for well over a decade.[52]
5.2 Adversarial AI
Adversarial AI or adversarial machine learning methods harness more sophisticated AI techniques to attack AI systems. Several classes of adversarial AI have been identified, including adversarial examples, the use of basic policies or more sophisticated machine learning methods to fool AI systems with inputs that cause the systems to fail to function properly. A second type of attack is called data poisoning, where data used to train AI systems are “poisoned” with streams of data that inject erroneous or biased training data into data sets, changing the behavior or degrading the performance of AI systems.[53] A third type of attack, called model stealing, seeks to learn details about the underlying AI model used in an AI system.[54] A fourth category of attack, called model inversion, seeks to reconstruct the underlying private data that is used to train the target system.[55]
With adversarial examples, basic manipulations or more sophisticated application of AI methods are used to generate inputs that are custom-tailored to cause failures in targeted AI systems. Goals of these attacks include disruptive failures of automated message classifiers, perceptions of machine vision systems, and recognitions of the words in utterances by speech recognition systems.
As an example of basic manipulations of inputs, a group, alleged to be within the Chinese government, attempted to amplify propaganda on Uyghurs by bypassing Twitter’s anti-spam algorithm via appending random characters at the end of tweets.[56] The approach was viewed as an attempt to mislead the algorithm into thinking each tweet was unique and legitimate. In another example, researchers from Skylight appended benign code from a gaming database to Wannacry ransomware to cause the machine-learning-based antivirus filter to classify the modified ransomware as benign.[57] In related work on the fragility of AI systems, researchers showed that simply rotating a scan of a skin lesion confuses a computer recognition system to classify the image as malignant.[58]
In uses of AI to generate adversarial examples, researchers have demonstrated stunning examples of failures. In one approach, adversarial methods are used to inject patterns of pixels into images to change what an AI system sees. While the changes with AI inferences are dramatic, the changes to the original images are not detectable by humans. Sample demonstrations include the modification of a photo of a panda leading an AI system to misclassify the panda as a gibbon and changes to a stop sign to misclassify it as a yield sign.[59],[60] Similar demonstrations have been done in the realm of speech recognition, with the injection of hidden acoustical patterns in speech that changes what a listening system hears.[61] Attacks leading to such misclassifications and malfunctions can be extremely costly, particularly in high-stakes domains like defense, transportation, healthcare, and industrial processes.
Challenges of adversarial AI and a set of recommendations are called out in the final report of the National Security Commission on AI (NSCAI).[62] I chaired the lines of effort on directions with developing and fielding trustworthy, responsible, and ethical AI applications, leading to chapters 7 and 8 of the report and the appendix on NSCAI’s recommendations on key considerations for fielding AI systems that align with democratic values, civil liberties, and human rights.[63],[64],[65] Chapter 7 of the report covers rising concerns with adversarial AI, including the assessment that, “The threat is not hypothetical: adversarial attacks are happening and already impacting commercial ML systems.” In support of this statement, over the last five years, the Microsoft cybersecurity team has seen an uptick in adversarial AI attacks.[66] I believe the trend will continue.
5.3 Efforts to Mitigate Adversarial AI
Pursuit of resistant systems. Computer science R&D has been underway on methods for making AI systems more resistant to adversarial machine learning attacks. One area of work centers on raising the level of robustness of systems to attacks with adversarial inputs as described above.[67],[68] Approaches include special training procedures to include adversarial examples, validation of inputs to identify specific properties that can reveal signs of an attack and making changes to the overall approach to building models, and modifying the objective functions used in optimization procedures used to create the models so that more robust models are created. While the latter techniques and research directions behind them are promising, the challenges of adversarial examples persist, per the large space of inputs to machine learning procedures. Thus, it is important to continue to invest in R&D on adversarial AI, to perform ongoing studies with red-teaming exercises, and to remain vigilant.
5.4 Tracking, Awareness, and Resources
Front-line awareness. Despite the opportunities that adversarial AI methods will provide to state and non-state actors for manipulating and disrupting critical AI systems and rising evidence of real-world attacks with adversarial AI, the idea of protecting AI systems from these attacks has been largely an afterthought. There is an urgency to be aware and to be ready to respond to adversarial AI threats, especially those used in critical areas such as defense. A Microsoft survey of 28 organizations in 2020 showed, despite the rise in attacks on AI systems, companies are still unaware of these kinds of intentional failures to AI systems and are massively underinvested in tools and processes to secure AI systems. Ryan Fedasiuk, a noted researcher at Georgetown’s Center for Security of Emerging Technology specializing in China’s AI operations, notes that Chinese military officers have explicitly called out that the U.S. defenses are susceptible to data poisoning, and even so far as calling data integrity as “the Achilles’ heel” of the U.S. joint all-domain command and control strategy.[69]
Resources and Engagement. Microsoft, along with MITRE and 16 other organizations created the Adversarial ML Threat Matrix to catalog threats to AI systems.[70] The content includes documentation of case studies where attacks have been made on commercial AI systems. For engineers and policymakers, Microsoft, in collaboration with Berkman Klein Center at Harvard University, released a taxonomy of machine learning failure modes.[71] For security professionals, Microsoft has open-sourced Counterfit, its own tool for assessing the posture of AI systems.[72] For the broader community of cybersecurity practitioners interested in AI and security, Microsoft hosts the annual Machine Learning Evasion Competition as a venue to exercise their muscle in attacking and securing AI systems.[73] Within the Federal government, the DoD has listed safety and security of AI systems in its core AI principles.[74] And there is encouraging activity by NIST on an AI Risk Assessment Framework to address multiple dimensions of AI systems, including robustness and security.[75]
Recommendations: Raise awareness and address vulnerabilities of AI systems
6. AI in Malign Information Operations
Advances in machine learning and graphics have boosted the abilities of state and non-state actors to fabricate and distribute high-fidelity audiovisual content, referred to as synthetic media and deepfakes. AI technologies for generating deepfakes can now fabricate content that is indistinguishable from real-world people, scenes, and events, threatening national security. Advances that could only be found with the walls of computer science laboratories or in demonstrations that surprised attendees at academic AI conferences several years ago are now widely available in tools that create audio and audiovisual content that can be used to drive disinformation campaigns.
6.1 Challenges of Synthetic Media
Advances in the capabilities of generative AI methods to synthesize a variety of signals, including high-fidelity audiovisual imagery, have significance for cybersecurity. When personalized, the use of AI to generate deepfakes can raise the effectiveness of social-engineering operations (discussed above) in persuading end-users to provide adversaries with access to systems and information.
On a larger scale, the generative power of AI methods and synthetic media have important implications for defense and national security. The methods can be used by adversaries to generate believable statements from world leaders and commanders, to fabricate persuasive false-flag operations, and to generate fake news events. A recent demonstration includes the multiple examples of manipulated and more sophisticated deepfakes that have come to the fore over the course of the Russian attack on Ukraine. This includes a video of President Volodymyr Zelenskyy appearing to call for surrender.[76]
The proliferation of synthetic media has had another concerning effect: malevolent actors have labeled real events as “fake,” taking advantage of new forms of deniability coming with the loss of credibility in the deepfake era. Video and photo evidence, such as imagery of atrocities, are being called fake. Known as the “liar’s dividend”, the proliferation of synthetic media emboldens people to claim real media as “fake,” and creates plausible deniability for their actions.[77]
We can expect synthetic media and its deployment to continue grow in sophistication over time, including the persuasive interleaving of deepfakes with unfolding events in the world and real-time synthesis of deepfakes. Real-time generations could be employed to create compelling, interactive imposters (e.g., appearing in teleconferences and guided by a human controller) that appear to have natural head pose, facial expressions, and utterances. Looking further out, we may have to face the challenge of synthetic fabrications of people that can engage autonomously in persuasive real-time conversations over audio and visual channels.
6.2 Direction: Digital Content Provenance
A promising approach to countering the threat of synthetic media can be found in a recent advance, named digital content provenance technology. Digital content provenance leverages cryptography and database technologies to certify the source and history of edits (the provenance) of any digital media. This can provide “glass-to-glass” certification of content, from the photons hitting the light-sensitive surfaces of cameras to the light emitted from the pixels of displays, for secure workloads. We pursued an early vision and technical methods for enabling end-to-end tamper-proof certification of media provenance in a cross-team effort at Microsoft.[78],[79] The aspirational project was motivated by our assessment that, in the long-term, neither humans nor AI methods would be able to reliably distinguish fact from AI-generated fictions—and that we must prepare with urgency for the expected trajectory of increasingly realistic and persuasive deepfakes.
After taking the vision to reality with technical details and the implementation of prototype technologies for certifying the provenance of audiovisual content, we worked to build and contribute to cross-industry partnerships, including Project Origin, the Content Authenticity Initiative (CAI), and the Coalition for Content Provenance and Authenticity (C2PA), a multistakeholder coalition of industry and civil society organizations. [80],[81],[82],[83] In January 2022, C2PA released a specification of a standard that enables the interoperability of digital content provenance systems.[84],[85] Commercial production tools are now becoming available in accordance with the C2PA standard that enable authors and broadcasters to assure viewers about the originating source and history of edits to photo and audiovisual media.
The final report of the NSCAI recommends that digital content provenance technologies should be pursued to mitigate the rising challenge of synthetic media. In Congress, the bipartisan Deepfake Task Force Act (S. 2559) proposes the establishment of the National Deepfake and Digital Provenance Task Force.[86] Microsoft and its media provenance collaborators encourage Congress to move forward with standing-up a task force to help identify and address the challenges of synthetic media and we would welcome the opportunity to provide assistance and input into the work.
 Recommendations: Defend against malign information operations
Summary
I have covered in my testimony status, trends, examples, and directions ahead with rising opportunities and challenges at the intersection of AI and cybersecurity. AI technologies will continue to be critically important for enhancing cybersecurity in military and civilian applications. AI methods are already qualitatively changing the game in cyber defense. Technical advances in AI have helped in numerous ways, spanning our core abilities to prevent, detect, and respond to attacks—including attacks that have never been seen before. AI innovations are amplifying and extending the capabilities of security teams across the country.
On the other side, state and non-state actors are beginning to leverage AI in numerous ways. They will draw new powers from fast-paced advances in AI and will continue to add new tools to their armamentarium. We need to double down with our attention and investments on threats and opportunities at the convergence of AI and cybersecurity. Significant investments in workforce training, monitoring, engineering, and core R&D will be needed to understand, develop, and operationalize defenses for the breadth of risks we can expect with AI-powered cyberattacks. The threats include new kinds of attacks, including those aimed squarely at AI systems. The DoD, federal and state agencies, and the nation need to stay vigilant and stay ahead of malevolent adversaries. This will take more investment and commitment to fundamental research and engineering on AI and cybersecurity, and in building and nurturing our cybersecurity workforce so our teams can be more effective today—and well-prepared for the future.
Thank you for the opportunity to testify. I look forward to answering your questions.
[1] https://www.microsoft.com/security/blog/2021/12/15/the-final-report-on-nobeliums-unprecedented-nation-state-attack/
[2] https://news.microsoft.com/wp-content/uploads/prod/sites/626/2022/02/Cyber-Signals-E-1-218.pdf, page 3
[3] https://www.microsoft.com/en-us/research/group/m365-defender-research/
[4] 2018-Webroot-Threat-Report_US-ONLINE.pdf
[5] Microsoft Digital Defense Report, October 2021
[6] https://www.microsoft.com/security/blog/2021/05/12/securing-a-new-world-of-hybrid-work-what-to-know-and-what-to-do/
[7] J. McCarthy, J., M.L. Minsky, N.  Rochester, N., C.E. Shannon, C.E. A Proposal for the Dartmouth Summer Project on Artificial Intelligence, Dartmouth University, May 1955. http://www-formal.stanford.edu/jmc/history/dartmouth/dartmouth.html
[8] https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
[9] https://www.isc2.org/News-and-Events/Press-Room/Posts/2021/10/26/ISC2-Cybersecurity-Workforce-Study-Sheds-New-Light-on-Global-Talent-Demand
[10] https://newsroom.trendmicro.com/2021-05-25-70-Of-SOC-Teams-Emotionally-Overwhelmed-By-Security-Alert-Volume
[11] https://www.av-test.org/en/statistics/malware/
[12] https://www.microsoft.com/security/blog/2021/07/27/combing-through-the-fuzz-using-fuzzy-hashing-and-deep-learning-to-counter-malware-detection-evasion-techniques
[13] https://www.microsoft.com/en-us/research/publication/urltran-improving-phishing-url-detection-using-transformers/
[14] https://dl.acm.org/doi/10.1145/3471621.3471858
[15] https://www.microsoft.com/security/blog/2020/07/23/seeing-the-big-picture-deep-learning-based-fusion-of-behavior-signals-for-threat-detection/
[16] https://www.microsoft.com/security/blog/2020/08/27/stopping-active-directory-attacks-and-other-post-exploitation-behavior-with-amsi-and-machine-learning/
[17] https://www.microsoft.com/security/blog/2019/12/18/data-science-for-cybersecurity-a-probabilistic-time-series-model-for-detecting-rdp-inbound-brute-force-attacks/
[18] https://www.microsoft.com/security/blog/2020/06/10/the-science-behind-microsoft-threat-protection-attack-modeling-for-finding-and-stopping-evasive-ransomware/
[19] https://www.microsoft.com/security/blog/2021/12/02/structured-threat-hunting-one-way-microsoft-threat-experts-prioritizes-customer-defense/
[20] https://www.microsoft.com/security/blog/2020/07/09/inside-microsoft-threat-protection-correlating-and-consolidating-attacks-into-incidents/
[21] https://www.microsoft.com/security/blog/2020/07/29/inside-microsoft-threat-protection-solving-cross-domain-security-incidents-through-the-power-of-correlation-analytics/
[22] https://www.microsoft.com/security/blog/2022/02/03/cyber-signals-defending-against-cyber-threats-with-the-latest-research-insights-and-trends/
[23] https://www.microsoft.com/security/blog/2021/05/12/securing-a-new-world-of-hybrid-work-what-to-know-and-what-to-do/
[24] https://www.microsoft.com/security/blog/2021/04/01/automating-threat-actor-tracking-understanding-attacker-behavior-for-intelligence-and-contextual-alerting/
[25] https://dl.acm.org/doi/pdf/10.1145/3448016.3452745
[26] Cybersecurity Incidents (opm.gov)
[27] Russian Interference in 2016 U.S. Elections – FBI
[28] Characterizing networks of propaganda on twitter: a case study
[29] https://arxiv.org/pdf/2106.15764.pdf
[30] B. Buchanan, J. Bansemer, D. Cary, et al., Automating Cyber Attacks: Hype and Reality, Center for Security and Emerging Technology, November 2020.  https://cset.georgetown.edu/wp-content/uploads/CSET-Automating-Cyber-Attacks.pdf
[31] How cyberattacks are changing according to new Microsoft Digital Defense Report
[32] Intelligence, FireEye Threat. “HAMMERTOSS: Stealthy tactics define a Russian cyber threat group.” FireEye, Milpitas, CA (2015).
[33] Virtualization/Sandbox Evasion, Technique T1497 – Enterprise | MITRE ATT&CK®
[34] https://www.jmir.org/2021/5/e26933/
[35] See for example, see documentation of Deep Exploit, tools and demonstration showing the use of reinforcement learning to drive cyberattacks: https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit
[36] https://www.defcon.org/
[37] J. Seymour and P. Tully, Generative Models for Spear Phishing Posts on Social Media, 31st Conference on Neural Information Processing Systems, Long Beach, CA, USA, 2017. https://arxiv.org/abs/1802.05196
[38] https://www.wired.com/story/ai-phishing-emails/amp
[39] Implications of Artificial Intelligence for Cybersecurity: A Workshop, National Academy of Sciences, 2019. https://www.nationalacademies.org/our-work/implications-of-artificial-intelligence-for-cybersecurity-a-workshop
[40] Hey, My Malware Knows Physics! Attacking PLCs with Physical Model Aware Rootkit – NDSS Symposium (ndss-symposium.org)
^[41] B. Hitaj, P. Gasti, G. Ateniese, F. Perez-Cruz, PassGAN: A Deep Learning Approach for Password Guessing, NeurIPS 2018 Workshop on Security in Machine Learning (SecML’18), December 2018. https://github.com/secml2018/secml2018.github.io/raw/master/PASSGAN_SECML2018.pdf
[42] S. Datta, DeepObfusCode: Source Code Obfuscation through Sequence-to-Sequence Networks In: Arai, K. (eds) Intelligent Computing. Lecture Notes in Networks and Systems, vol 284. Springer, Cham. https://doi.org/10.1007/978-3-030-80126-7_45, July 2021.
[43] J. Li, L. Zhou, H. Li, L. Yan and H. Zhu, “Dynamic Traffic Feature Camouflaging via Generative Adversarial Networks,” 2019 IEEE Conference on Communications and Network Security (CNS), 2019, pp. 268-276, doi: 10.1109/CNS.2019.8802772.  https://ieeexplore.ieee.org/abstract/document/8802772
[44] C. Novo, R. Morla, Flow-Based Detection and Proxy-Based Evasion of Encrypted Malware C2 Traffic, Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security 2020, https://doi.org/10.1145/3411508.3421379.
[45] D. Han et al., “Evaluating and Improving Adversarial Robustness of Machine Learning-Based Network Intrusion Detectors,” in IEEE Journal on Selected Areas in Communications, vol. 39, no. 8, pp. 2632-2647, Aug. 2021, https://ieeexplore.ieee.org/abstract/document/9448103
[46] A botnet-based command and control approach relying on swarm intelligence – ScienceDirect
[47] https://www.darpa.mil/program/cyber-grand-challenge
[48] R. Rivest, Chaffing and Winnowing: Confidentiality Without Encryption,” CryptoBytes, 4(1):12-17, https://pdfs.semanticscholar.org/aaf3/7e0afa43f5b6168074dae 2bc0e695a9d1d1b.pdf
[49] https://www.nscai.gov/wp-content/uploads/2021/03/Full-Report-Digital-1.pdf. page 279.
[50] https://www.cvedetails.com/product/53738/Google-Tensorflow.html
[51] Xiao, Qixue, et al. “Security risks in deep learning implementations.” 2018 IEEE Security and privacy workshops (SPW). IEEE, 2018.
[52] Gu, Tianyu, Brendan Dolan-Gavitt, and Siddharth Garg. “Badnets: Identifying vulnerabilities in the machine learning model supply chain.” arXiv preprint arXiv:1708.06733 (2017).
[53] Jagielski, Matthew, et al. “Manipulating machine learning: Poisoning attacks and countermeasures for regression learning.” 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 2018.
[54] Yu, Honggang, et al. “CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial Examples.” NDSS. 2020.
[55] Ziqi Yang, Ee-Chien Chang, Zhenkai Liang, Adversarial Neural Network Inversion via Auxiliary Knowledge Alignment, 2019
[56] https://www.nytimes.com/interactive/2021/06/22/technology/xinjiang-uyghurs-china-propaganda.html
[57] https://skylightcyber.com/2019/07/18/cylance-i-kill-you/
[58] Finlayson, Samuel G., et al. “Adversarial attacks on medical machine learning.” Science 363.6433 (2019): 1287-1289.
[59] I.J. Goodfellow, J. Shlens, C. Szegedy, Explaining and Harnessing Adversarial Examples, ICLR 2015. https://arxiv.org/pdf/1412.6572.pdf
[60]N. Papernot, P. McDaniel, I. Goodfellow, et al., Practical Black-Box Attacks against Machine Learning, ASIA CCS ’17, April 2017. https://dl.acm.org/doi/pdf/10.1145/3052973.3053009
[61] M. Alzantot, B. Balaji, M. Srivastava, Did you hear that? Adversarial Examples Against Automatic Speech Recognition, Conference on Neural Information Processing Systems, December 2017. https://arxiv.org/pdf/1801.00554.pdf
[62] https://www.nscai.gov/
[63] “Upholding Democratic Values: Privacy, Civil Liberties, and Civil Rights in Uses of AI for National Security,” Chapter 8, Report of the National Security Commission on AI, March 2021. https://reports.nscai.gov/final-report/chapter-8/
[64] “Establishing Justified Confidence in AI Systems,” Chapter 8, Report of the National Security Commission on AI, March 2021. https://reports.nscai.gov/final-report/chapter-7/
[65] E. Horvitz J. Young, R.G. Elluru, C. Howell, Key Considerations for the Responsible Development and Fielding of Artificial Intelligence, National Security Commission on AI, April 2021. https://arxiv.org/ftp/arxiv/papers/2108/2108.12289.pdf
[66]Kumar, Ram Shankar Siva, et al. Adversarial machine learning-industry perspectives. 2020 IEEE Security and Privacy Workshops (SPW). IEEE, 2020.
[67] https://cacm.acm.org/magazines/2018/7/229030-making-machine-learning-robust-against-adversarial-inputs/fulltext
[68] A. Madry, A. Makelov, L. Schmidt, et al. Towards deep learning models resistant to adversarial attacks, ICLR 2018. https://arxiv.org/pdf/1706.06083.pdf
[69] https://breakingdefense.com/2021/11/china-invests-in-artificial-intelligence-to-counter-us-joint-warfighting-concept-records/
[70] https://atlas.mitre.org/
[71] https://docs.microsoft.com/en-us/security/engineering/failure-modes-in-machine-learning
[72] https://github.com/Azure/counterfit/
[73] https://mlsec.io/
[74] https://www.defense.gov/News/Releases/Release/Article/2091996/dod-adopts-ethical-principles-for-artificial-intelligence/
[75] https://www.nist.gov/itl/ai-risk-management-framework
[76] See: https://www.youtube.com/watch?v=X17yrEV5sl4
[77] The Liar’s Dividend: The Impact of Deepfakes and Fake News on Politician Support and Trust in Media | GVU Center (gatech.edu)
[78] P. England, H.S. Malvar, E. Horvitz, et al. AMP: Authentication of Media via Provenance, ACM Multimedia Systems 2021. https://dl.acm.org/doi/abs/10.1145/3458305.3459599
[79]E. Horvitz, A promising step forward on disinformation, Microsoft on the Issues, February 2021. https://blogs.microsoft.com/on-the-issues/2021/02/22/deepfakes-disinformation-c2pa-origin-cai/
[80] Project Origin, https://www.originproject.info/about
[81] J. Aythora, et al. Multi-stakeholder Media Provenance Management to Counter Synthetic Media Risks in News Publishing, International Broadcasting Convention 2020 (IBC 2020), Amsterdam, NL 2020 https://www.ibc.org/download?ac=14528
[82] Content Authenticity Initiative, https://contentauthenticity.org/
[83] Coalition for Content Provenance and Authenticity (C2PA), https://c2pa.org/
[84]C2PA Releases Specification of World’s First Industry Standard for Content Provenance, Coalition for Content Provenance and Authenticity, January 26, 2022,  https://c2pa.org/post/release_1_pr/
[85] https://erichorvitz.com/A_Milestone_Reached_Content_Provenance.htm
[86] Deepfake Task Force Act, S. 2559, 117^th Congress, https://www.congress.gov/bill/117th-congress/senate-bill/2559/text
Tags: artificial intelligence, cyberattacks, department of defence, US government
Have the latest posts sent right to your inbox. Enter your email below.
By providing your email address, you will receive email updates from the Microsoft on the Issues blog.
Email Address
Subscribe
Follow us:

source

When the going gets tough, inspirational thinking comes to the fore. Small wonder that the past couple of years have spawned an exciting amount of tech-related reform in China’s courts and arbitration institutions. Kevin Cheng reports
In October, the US government enacted sweeping restrictions over the export of technology, software and equipment used for producing advanced computing chips and supercomputers to China’s semiconductor and hardware industry, which has seen a streak of encouraging growth over the years but still relies considerably on imported know-how.
This is perceived as a drastic escalation from the ongoing trade war between the world’s two largest economies, which began in 2018, as well as a hefty roadblock to the global trade network, already plagued by geopolitical and macroeconomic impediments that seem to be popping up faster than they can be resolved.
Upon hearing the news, China-based entrepreneurs, overseas investors and legal professionals jotted down this unfortunate development onto their list of concerns, and promptly set out to schedule a top-down risk assessment of all existing and planned operations.
On that list, the new entry closely follows the recurring pandemic and potential lockdowns, the war in Ukraine and the Western world’s sanctions against Russia, deteriorating geopolitical stability, interest rate hikes and the looming recession, and shortages across the global supply chain.
Tested during these trying times is not only the business acumen of corporate executives determined to sail beyond the national border, but also the expertise of their law practising convoys and the wisdom of China’s evolving judicial system, dedicated to help maintain trade vitality when disputes are constantly one factor – beyond either party’s reach – away.
“These adverse macroeconomic factors, along with a growing phenomenon of generalising ‘national security’, manifested as wanton decoupling and other acts of reverse globalisation, are making it difficult for the world economy to recuperate and grow,” says David Jia, a Shenzhen-based senior partner at Long An Law Firm.
Referring to the “chip 4 alliance” advocated by the US to form a global semiconductor supply and co-ordination network comprising Japan, South Korea and Taiwan, Jia adds: “It not only concerns the interests of Chinese and American companies, but also how the chip industry chain will reform and develop on a global scale, which obviously will lead to more cross-border disputes.”
Jia is not alone in his observation that a volatile and unpredictable international business environment begets a growing number of cross-border disputes and challenges long-held precedents in international trade.

According to Zhang Lixia, a founding partner of Huamao & Guigu Law Firm, more companies looking to consult or engage their services are claiming that due to the pandemic or the Sino-US trade breakdown, their contracts can no longer move ahead, or have met major obstacles, leaving lawsuits or arbitration their only recourse.
Likewise, Chen Xiaoshan, head of international arbitration at the Shanghai office of DLA Piper, sees an uptick in the frequency of cross-border disputes. “In the past year, due to covid-19, we have handled a large number of international trade disputes relating to the cross-border sale and purchase of personal protective equipment (PPE) and force majeure clause,” he says. “In the meantime, disputes directly or indirectly relating to the Russia-Ukraine war, especially those arising out of international trade and transportation, have also significantly increased.”
The trend is also reflected in the published statistics of leading arbitration venues, as with the 2021 work report of the China International Economic and Trade Arbitration Commission (CIETAC). According to the report, CIETAC handled a record high of 4,071 cases in 2021, a year-on-year increase of 12.6%, of which 636 were foreign-related (including those related to Hong Kong, Macau and Taiwan), representing a significant increase.
According to Cao Lijun, a partner at Zhong Lun Law Firm in Beijing, we have yet to see the peak of international disputes related to the Ukraine-Russia war or the pandemic. “Considering the hysteretic nature of disputes, the numbers are likely to continue climbing for some time,” he predicts.
Chris Zhang, the senior partner of Jincheng Tongda & Neal based in the firm’s Shanghai office, looks at macroeconomic factors from a dialectical perspective. “On one hand, as foreign trade is riddled with uncertainties during the pandemic, China’s seen a decline in its total amount of cross-border business activities,” she says, but on the other hand, also as a result of the pandemic, what foreign trade there is has become more likely to produce disputes.
“Due to the war in Ukraine, and the numerous Western sanctions against Russia’s major exporters and their executives, Chinese businesses must sometimes breach their contracts with original partners to avoid being sanctioned by the EU and US,” says Zhang. “This adds to the likelihood of cross-border disputes.”
Even more damaging, the stagnation of the global supply chain has not only increased the volume of international disputes but also added to their complexity and difficulty.

During Shanghai’s two-month lockdown earlier in the year, Shanghai Port suffered from labour shortages, overpacked warehouses and logistics chain paralysis, which halted the circulation of domestic and international goods in their tracks, leading to a series of discords.
Zhang says that while the Civil Code and other laws and judicial interpretations have made force majeure a viable defence for pandemic-induced defaults, these cross-border contracts may not be governed by Chinese law.
“In addition, exports of masks, medical gloves, antigen testing and other anti-pandemic supplies were restricted, as they were required to be first distributed to covid-affected regions in China,” she observes. “Consequently, domestic vendors faced lawsuits and arbitrations from overseas buyers, and had to deal with a compromised reputation.”
Zhang Guanglei, a partner at the Beijing head office of Jingtian & Gongcheng, believes that macro headwinds have made contract performance a challenge, and whether that is enough to trigger force majeure, or constitute a “change of situation”, may become the focal point of cross-border disputes. “Furthermore, these adverse factors have made it difficult to obtain evidence in cross-border proceedings,” he adds.
Ray Liu, a global partner at Dorsey and head of its Beijing office, believes the surge in disputes reflects, to a degree, China’s rapid development in both traditional and new-tech sectors, contributing to their stronger presence on the international stage that has now fallen victim to macroeconomic uncertainty.
“Covid-19 cut down the opportunities for courts, clients and other parties to meet face to face, which makes it hard to regulate the procedure and for parties to negotiate in the same room,” says Liu. “With uncertainties seeping into the global economy, many enterprises have seen a sharp decline in their revenue, leading to a series of contractual, labour and financing-related disputes.”
Chris Zhang, of Jincheng Tongda & Neal, holds incompatibility between foreign and Chinese laws as one of the chief catalysts for cross-border strife, citing Cadence Design Systems v Syntronic (2022) as one such case.
The California Northern District Court ordered the defendant to send 24 computers from China to the US for inspection, to which the defensive lawyer argued that, as these computers contained the protected personal information of the employees, according to article 39 of the Personal Information Protection Law (PIPL), they can only be moved out of China with employees’ individual consent.
However, the judge deemed that the exception under the clause – permission to transfer personal information “where necessary to fulfil statutory duties and responsibilities or statutory obligations” – should apply to foreign legal obligations, and persisted with his decision.
Cross-border transfer of data and personal information has in recent years quickly ascended to the highest tier of corporate legal concerns. The Cyberspace Administration of China promulgated the Measures for Security Assessment for Outbound Data Transfer in July 2022, and is currently seeking public comment on the amendment to China’s five-year-old Cybersecurity Law. The rise of the compliance threshold is matched by the challenge in transferring evidence to overseas courts.
“With the strict discovery rules in the US, Chinese companies may be required to collect and provide relevant evidence as a party to the case, or a third party, and failure to follow such rules may incur adverse consequences” says Ray Liu at Dorsey. “On the other hand, with China building up its own data security governance and privacy protection systems, transfer of data overseas is subject to an unprecedented level of requirements and restrictions.”
Similarly, Cao at Zhong Lun cautions that compliance matters related to cross-border transfer of data may significantly affect document disclosure in international arbitration. “Lawyers in international arbitration must take data compliance into prudent consideration when disclosing documents,” he says.
While it seems more likely than ever that engaging in foreign-related dealings will end in unpleasant lawsuits, legal risks can usually be avoided, or at least abated, with shrewd safety mechanisms and meticulous planning.
“Most mature enterprises in China have gained sufficient understanding of the risks in overseas investments and how to address them,” notes Xiao Jin, a Beijing-based partner at King & Wood Mallesons. “But in view of the complicated international situation, outbound assets further face multiple levels of regulatory and political risks, for which enterprises must remain vigilant.
“Bilateral investment treaties [BITs] may be the last valid defence for protecting investors’ overseas interests,” says Xiao. “Outbound investors should make good use of these treaties to ward off regulatory and political pitfalls.”

Regarding BITs as a protective shield for outbound investors, as well as an important basis for relief, Cao adds: “If China has not entered into a BIT with the investment home country, or the BIT is insufficient, companies may consider setting up a special purpose vehicle [SPV] in a third country with whom China has a valid BIT, which in turn would grant investment protection.”
Zou Wen, who recently joined the Shenzhen office of Fangda Partners as a partner, advises outbound enterprises to not only engage a local law firm that provides high-quality legal services, but also to choose an experienced Chinese law firm as a long-term ally and consultant. “This is a tried and true practice among foreign enterprises,” says Zou. “When multiple overseas lawsuits are happening across many jurisdictions, foreign enterprises often engage a single legal adviser to oversee litigations across the globe, and help select local law firms. This helps the companies manage litigation costs and better co-ordinate with services provided by overseas lawyers.”
Chen Xiaoshan, of DLA Piper, cautions against potential political pitfalls. “Given the cross-border nature of these disputes, we would recommend that, instead of looking at the whole case solely from the PRC law perspective, clients should have an in-depth understanding about how one legal issue works under different rules in different jurisdictions,” he says. “In the meantime, given the sensitivity, some disputes are no longer relating to pure legal issues only.”
Chen says that Chinese companies should pay more attention to internal document management. “It is my experience that when it comes to the stage of discovery in foreign legal proceedings, Chinese companies always face a lot of difficulties due to a lack of internal policies on the management and retention of internal documents, which may lead the courts and arbitral tribunals to draw an adverse inference.”

Mishandling of documents appears to be a widespread but understated pain point among Chinese companies, one liable to cause disproportionate legal hardships down the line.
“When handling disputes related to funds, investments, insurance and construction, I have encountered many enterprises that had trouble producing evidence, simply because they improperly managed internal personnel transfer, evidence preservation and filing,” says Zhang Lixia, of Huamao & Guigu. “It is my belief that standardisation of file management in terms of contracts, transaction logs and performance records is vital for companies to address potential disputes.”
Fortune favours the prepared. For Chinese enterprises operating at an international level, or planning to do so, it is vital that they remain up to date about legal, political and economic situations, as well as business practices, most pertinent to the other side of the negotiation table.
David Jia, of Long An, urges Chinese companies to closely follow global developments, especially legal and policy updates, as well as trends in jurisdictions relevant to the industry in which they operate. “Diligently develop compliance of the company, and remember to put ‘compliance interests’ above general commercial interests,” he advises.
In times of uncertainties, Ray Liu at Dorsey cautions outbound enterprises in China to take great care with risk prevention, explicitly distinguish contractual parties’ rights, obligations and sharing of risks, and to the greatest extent possible avoid disputes arising from unclear contractual stipulations, or different understandings of contract terms. “In times of dispute, it is vital to comprehend the rules of the game, and to make full use of pre-action negotiation and mediation, so as to save unnecessary costs,” he says.
“Lastly, outbound enterprises should be more proactive in resorting to legal means to protect their rights and interests when they are violated,” he concludes.

On a positive note, Xiao Jin, of King & Wood Mallesons, observes that with restrictive foreign investment policies sprouting up around the world, Chinese companies have visibly raised their awareness of rights protection, and quickly learned to defend their overseas legal rights.
“With the global situation being ever unpredictable and trade protectionism on the rise, more disputes are going beyond simple commercial disagreements between companies, but have instead become hybrid conflicts mixed with the actions of local governments,” says Xiao, stressing the importance to accurately judge the nature of a cross-border dispute and identify legal remedies beyond litigation and arbitration, while cautioning that such remedies may be mutually exclusive.
With the world changing at an almost dazzling pace, laws and rule books are under increasingly intense scrutiny for their continuing suitability. In China, court and arbitration practices are becoming more internationally aligned, industry-specific and tech savvy.
Amendments to the Civil Procedure Law (CPL), which came into effect on 1 January 2022, reflect these directions. They have broadened the application of the sole-judge panel to include ordinary and second-instance hearings, improving judicial efficiency, and have optimised the standards of small claim procedure.
“With the amendment, cases involving small claims are more specific, their applicable standards more reasonable, and the procedures further expedited,” says Chris Zhang, of Jincheng Tongda & Neal. “Besides further reducing litigation costs, these measures promote the separation of complex and simple cases, which represents another step towards the true democratisation of the justice system.”
Furthermore, for the first time in China, the amended CPL officially recognised online proceedings as equally valid as the offline version. It also allowed for electronic delivery of judicial documents, and shortened the term for service of process by public announcement from 60 to 30 days.
Zhang Lixia points out that content related to judicial reviews in foreign-related business dealings and arbitration, in the Minutes of the Symposium on the Trial of Foreign-related Commercial Cases by Courts Nationwide issued by the Supreme People’s Court (SPC) in January 2022, have a great impact on commercial arbitration, while demonstrating a comprehensive support to develop arbitration as a means of dispute resolution. “The minutes represent a swift attitude change toward ‘arbitration before litigation’ clauses,” she says.
“Courts used to make independent decisions on whether contracts containing such a clause should go through arbitration or litigation, but now the SPC treats the ‘arbitration before litigation’ arrangements as valid arbitration agreements, as in only the agreement on litigation is deemed invalid, without affecting the validity of arbitration agreement.”
Judicial bodies and adjudicators have innovated by opening other fronts to make dispute resolution overall more pragmatic and cost-efficient. Ray Liu, of Dorsey, is especially impressed with the SPC’s “one stop” diversified resolution platform for international commercial disputes.
“The platform allows for information sharing and connection between the litigation, mediation and arbitration mechanisms of the China International Commercial Court,” he says. “Since its inception, it has included numerous prominent international commercial arbitration and mediation institutions, and this year it connected with the Hong Kong International Arbitration Centre [HKIAC] for the first time.
“As a distinctive mechanism that organically connects litigation, mediation and arbitration with one another, it provides effective judicial support throughout international commercial disputes for Chinese and foreign parties alike, demonstrating the labours of China’s ‘smart court’ development and its competitive edge in international dispute resolution.”
Smart court, as mentioned by Liu, refers to the modernisation of China’s court system and capacity with big data, cloud computing, artificial intelligence and other cutting-edge technologies. “By allowing online filing of cases and online court hearings, smart courts offer a lot of convenience to both lawyers and their clients,” says Zhang Guanglei.
Similarly, China’s burgeoning sector of arbitration is trail blazing on the digital front. Zhang Guanglei, of Jingtian & Gongcheng, cites the 2022 edition of arbitration rules of Shanghai Arbitration Commission (SHAC), enacted on 1 July, and the arbitration rules of the Shenzhen Court of International Arbitration (SCIA), amended in February 2022, as prime examples.

The SHAC rules provide that “unless the parties agreed to the contrary, arbitral tribunals may elect to conduct hearings on online video or video-conferencing platforms according to the needs of the case,” while the SCIA rules provide that the arbitral institution or tribunal may require parties to submit documents, and arrange the case filing, service, hearing and cross-examination through the online arbitration service platform, unless they agreed to the contrary.
Besides developments towards “smart arbitration”, SHIAC’s new arbitration rules made other strides to match the international pace, including requiring the disclosure of third-party funding (TPF) and including international investment disputes into the jurisdiction of arbitration.
Forming a clear pattern, the new arbitration rules of the Beijing Arbitration Commission (BAC), effective from 1 February 2022, recognised the validity of online hearings and electronic services. It further revamped rules on the composition of an arbitral tribunal by allowing two arbitrators to jointly elect a presiding arbitrator, in the event that the parties failed to do so first.
“Diversification of how presiding arbitrators are produced has positive effects on the arbitral tribunal’s independence and credibility of the institution,” says Zhang Lixia.
Chen Xiaoshan, of DLA Piper, reserves particular praise for the HKIAC’s Case Digest system launched at the end of 2021. “This database includes anonymised and summarised procedural decisions made by the HKIAC under various procedural rules,” he says. “It offers parties and their representatives insight into the procedural decision-making of the HKIAC’s proceeding committee and the appointments committee. It also helps parties and their representatives better understand the relevant HKIAC rules.”
Starting from 1 June 2022, CIETAC enacted its Special Relief Arrangements on Arbitration Fees Responding to the Covid-19 Pandemic, which set out scenarios where arbitration fees may be reduced or returned if the parties are affected by the pandemic. “By alleviating the cost concerns of parties, especially for SMEs, it is undoubtedly a welcome policy for those seeking legal relief to defend their lawful rights,” says Cao.
Furthermore, the China Marine Law Association (CMLA) and China Maritime Arbitration Commission (CMAC) jointly published the CMLA Ad Hoc Arbitration Rules and CMAC Rules as Appointing Authority in Arbitration on 18 March 2022.
Ad hoc arbitration, conducted without recourse to institutional arbitration rules and without the oversight of an arbitral institution, is often seen as a less costly, more flexible option. Previously, it had been elusive in China’s relevant legislations, although overseas ad hoc arbitral awards may be recognised and enforced, according to the SPC’s interpretations to the CPL.
“These are the first ad hoc arbitration rules formulated and promulgated in China, as an important step to match with international practice,” says Zhang Lixia. “The debut of domestic ad hoc arbitration rules is a bold, innovative move that will set valuable precedents to the amendments of the Arbitration Law.” The addition of “ad hoc arbitral tribunal” in last year’s draft of the amended Arbitration Law was perceived as the first sign of importing the practice at long last.
Between the amended CPL affirming the validity of online litigation, and its top arbitration venues revising their rules to facilitate online hearings, it is safe to conclude that online dispute resolution (ODR) continues to thrive in China. But where does it go from here?

Since the outbreak of covid-19, online alternatives to in-person events, formerly considered to be relatively niche, quickly entered mainstream and in many cases became pillars that supported their forms of activity through the toughest times.
However, some would argue that the toughest times are behind us. Offline events have made a resounding comeback in 2022, especially in countries and regions where gathering and travel restrictions have been eased. According to a recent Bloomberg analysis, many billionaires who found their fortunes exponentially increase due to covid-induced market restructurings have now watched the same numbers plummet by as much as 80% as the needs for their products recede.
These include the chairman and CEO of Zoom, operator of the popular video-conferencing software; the co-founder of Carvana, an e-commerce platform for used cars; and the founder of Coupang, often referred to as the “Amazon of South Korea”.
These trends seem to indicate that, while the value and popularity of virtual events cannot be denied, they may have been somewhat expanded by the extraordinary circumstances of the past few years. But is that the case for ODR?
“Personally, I believe the need for ODR will decline after the pandemic, but not necessarily to the pre-covid level,” says Cao, who proposes to base the form of hearings on the specific type of dispute. “For certain complicated disputes, especially tech-related ones, offline hearings allow arbitration attorneys to better state the case, and for the tribunal to better sort out the convoluted facts,” he says.
By comparison, disputes involving relatively small amounts or less complex circumstances benefit little from physical proceedings,” he adds. “Parties may opt for online or hybrid hearing in order to conserve both costs and time.”
Zhang Guanglei agrees that the demand for ODR will remain above pre-covid levels even with the pandemic coming under control and offline events mounting a robust return. “While online hearings still risk being incompatible with highly specialised or technical cases, it can still subsist as a viable option with technological improvements, or the adoption of an ‘online plus offline’ mode,” he says.
“Just in the first half of 2022, we have conducted a number of hybrid arbitration hearings, where arbitrators or attorneys sometimes patch in via online access, which to a large degree prevented delays caused by incompatible time arrangements between all participants.”
Ray Liu points out that the innate advantages of ODR will endure even with the resumption of physical hearings. “To lawyers, ODR is expedient, efficient and fast, free from spacial constraints; while for clients, especially SMEs, ODR saves costs in transportation and printing, while also consuming less time.”
On the other hand, he does not believe that ODR is on a path to completely overtake the more traditional format. “ODR makes it difficult to verify party identities, give testimonies and present evidence, and is especially limited when the cases are complex or the parties suffer from bad internet connection,” he points out.

“I believe that ODR is at its most useful and efficient in small claim cases such as cross-border e-commerce disputes or domain name infringements, while traditional offline procedures are more suitable to complicated cases involving a lot of witnesses and physical evidence.”
Apart from practicality, ODR’s post-covid rise to prominence may have irrevocably altered the general habit of legal professionals. To Ji Xuefeng, the director of Tianjin office of Anli Partners, ODR exceeded her expectations in terms of efficiency and ease of use. “I believe that in the future, even when the pandemic is a distant memory and life has resumed a normal pace, ODR will still enjoy a significant presence,” she says, “especially as it makes long-distance proceedings so much more efficient by taking traffic time out of the equation.”
Zhou Zhiming, a Shanghai-based partner at Guantao Law Firm, acknowledges that social perception of ODR has changed, and that the pandemic helped its spread and development by allowing its strengths and value to shine. He says that in prior surveys he conducted in his capacity as the director of the civil and commercial litigation committee of the Shanghai Bar Association, many lawyers reported that due to technical constraints and inconsistent ODR capacity at each court and arbitration venue, the ODR experience overall fell short of its offline counterpart.
Nevertheless, Zhou is optimistic about the long-term applicability and accessibility of ODR. “To parties or lawyers participating in online lawsuits or arbitrations, my advice is to explore the option of submitting in-trial comments to the court or tribunal beforehand,” he says. “During the trial, it is important to keep expressions concise and accurate. In addition, pre-hearing preparations should cover not only the case itself, but also the internet connection, equipment and environment, and make any necessary adjustments.”
In many ways, China’s explorations of technology-based judicial proceeding have gone beyond the use of video-conferencing and the digitisation of evidence. In 2017, the first internet court in the world was inaugurated in Hangzhou. Beijing and Guangzhou soon followed suit.
“Internet courts, incorporated with technologies related to identity authentication, electronic data input, online evidence presentation and electronic delivery, are fully online unless parties applied to conduct certain procedures offline,” says Chris Zhang.
As internet courts are designed to handle internet and technology-related cases such as disputes over online service contracts, domain names, blockchain, cryptocurrency and non-fungible tokens (NFTs), they form a unique ecosystem to use technologies to resolve tech-related disputes, giving rise to a series of valuable legal precedents.
“The Hangzhou Internet Court gave online judgments to China’s first unfair competition case involving big data products, the first case to confirm the legal review method of blockchain electronic certificates, the first Bitcoin ‘mining machine’ dispute, and the first NFT infringement,” says Ray Liu. “Evidently, internet courts are innovative not only in its procedures, but also in terms of the types and nature of the disputes.”
In July 2020, the Hangzhou Internet Court officially launched its cross-border trade tribunal, being the first in China to specialise in cross-border digital trade disputes. The first case it heard, a lawsuit filed by a Singaporean user against Tmall, China’s biggest B2C e-commerce platform, was broadcast live across dozens of media and watched by 8 million viewers.
“I believe that AI, blockchain and such technologies will profoundly transform ODR and internet courts, and fundamentally affect the procedural, or even substantive, rules of court proceedings, including how services are delivered and how evidence is presented,” says Liu.
!function(e,i,n,s){var t=”InfogramEmbeds”,d=e.getElementsByTagName(“script”)[0];if(window[t]&&window[t].initialized)window[t].process&&window[t].process();else if(!e.getElementById(n)){var o=e.createElement(“script”);o.async=1,o.id=n,o.src=”https://e.infogram.com/js/dist/embed-loader-min.js”,d.parentNode.insertBefore(o,d)}}(document,0,”infogram-async”);
China Business Law Journal reveals the law firms that have excelled in the past year
We asked some of our elite A-list lawyers to provide us with keywords that others might use to rise to the top of their game
After months of intensive market surveys and research, China Business Law Journal’s editorial team unveils our In-house Counsel Award winners
Top arbitration institutions examine the evolution of the sector in China
General counsel hold the keys to unlocking sound investment opportunities in troubled times
Join our mailing list for legal news and alerts

source

Data blind: Universities lag in capturing and exploiting data  Science
source

The need for organizations to automate their talent management processes increased dramatically in recent years, especially when the COVID-19 pandemic forced companies to implement work-from-home policies. The shift to a predominantly remote workforce made in-person, manual processes difficult, if not impossible.
Talent management software continues to be not just useful, but essential, even as workers return to the office. Besides helping to automate talent processes and provide self-service options to employees and managers, talent management software systems enable companies to stay engaged with current, potential and past employees, no matter where they live and work.
Often driven by the HR department and supported by people managers, talent management spans an employee’s entire lifecycle at a company. It includes all the processes, guidelines and systems used to attract, retain, develop and manage employees.
Talent management encompasses all of the tools and processes needed to meet the human capital needs of the enterprise, including hiring people with the right skill set, training workers on new technologies and tracking employee information.
This article is part of
Download this entire guide for FREE now!
Talent management software refers to all the systems and applications needed to manage the employee lifecycle in an organization. Multiple systems may be part of a company’s landscape, with some offering specific functionality: for example, a core HR system that tracks basic employee data, another system for performance management and a third for learning management. But some products — the comprehensive suites that are the focus of this roundup — can provide most or all of the talent management functions in one system that has a consistent look and feel.
Talent management software features are often categorized by modules, each of which handles a specific function. A compensation module, for example, is used specifically to manage pay raises and to plan strategies for rewarding employees. Though it’s ideal to have a comprehensive package to manage talent, it’s often not possible to implement the whole system at once. Also, depending on company culture, size, budget, industry and priorities, some of the functions available on the market may not be needed.
What follows is an explanation of the modules and some of their key features to consider when choosing talent management software systems. The standard functionality is often similar among vendors, so the focus here is on capabilities that may not be provided by every vendor.
There’s a plethora of talent management software products to choose from. Consider the following key factors when selecting a talent management platform vendor:
When evaluating an all-in-one package, consider how the vendor enables its customers to use data across multiple modules. Skills data, for example, might be valuable in multiple situations, such as rating employees in performance management, looking for internal candidates to fill open positions and auto-assigning development training to employees.
Along these lines, we’ve narrowed the list to the five best talent management software packages that provide support for all or most of the employee lifecycle.
This software supports all aspects of talent management, including the payroll functions that ADP is known for. Candidates can apply through the applicant tracking module, complete all the new hire forms in the onboarding module, view and update personal information, and manage performance and compensation.
Key features
Similar to Workforce Now, Dayforce supports the entire employee lifecycle, including payroll. Ceridian has spent years making an HR system that supports companies with employees in multiple countries with various currencies.
Key features
Developed for smaller organizations, BambooHR offers many features to support the employee lifecycle, with a UI that’s intuitive to employees and the HR team. The system provides a comprehensive set of features and is easy to integrate with many niche vendors that have pre-built interfaces with BambooHR.
Key features
One of the biggest vendors in the HR software market, Workday offers a comprehensive and configurable SaaS talent management package for domestic and international customers.
Key features
Like Workday, SAP SuccessFactors offers all the functionality needed for talent management, but under the umbrella of human experience management (HXM). Targeted at large organizations, the suite is configurable and has a consistent look and feel across the platform.
Key features
Whether the choice is a single vendor providing an all-in-one package or multiple vendors offering niche applications, automating the entire talent management process is imperative for companies juggling remote and hybrid workforces, battling to attract and retain highly skilled talent, and continuing to compete at a high level.
Talent management software provides many advantages in the areas of recruitment, performance management, training and education, and compensation management. Companies can collect, centralize, track, store, report and analyze employee data, while receiving automated reminders and notifications. Prospective and current employees have access to self-service options to complete tasks when convenient, without depending on the HR team or their managers.
How are recruitment and talent acquisition different?
9 keys to a killer recruitment marketing strategy
Employment background checks shift to continuous
6 trends in recruiting technologies
Critical SAP vulnerabilities are a constant concern and are increasing as SAP systems open more due to digital transformation and…
SAP Build, a new low-code platform that debuted at SAP TechEd, is designed to enable business users to create apps, but it’s …
SAP Sustainability Control Tower enables companies of all sizes to gather and manage ESG data. The revamped SaaS model focuses on…
With its Cerner acquisition, Oracle sets its sights on creating a national, anonymized patient database — a road filled with …
Oracle plans to acquire Cerner in a deal valued at about $30B. The second-largest EHR vendor in the U.S. could inject new life …
The Supreme Court ruled 6-2 that Java APIs used in Android phones are not subject to American copyright law, ending a …
The analytics vendor and open source tool have already developed integrations that combine self-service BI and semantic modeling,…
Free Ingest encourages the vendor’s customers to use its data import tools, rather than a third party’s, to reduce the complexity…
In addition to an easy-to-use BI platform, keys to developing a successful data culture driven by business analysts include a …
Content management trends — AI, cloud deployment, knowledge management and data privacy — can help organizations automate …
When it comes to ECM, there are myriad vendors to consider. Delve into 10 platforms to understand their capabilities and …
PIM systems help retailers manage product information across channels. Key PIM system benefits include improved employee …
Expect more organizations to optimize data usage to drive decision intelligence and operations in 2023, as the new year will be …
These 10 roles, with different responsibilities, are commonly a part of the data management teams that organizations rely on to …
These eight challenges complicate efforts to integrate data for operational and analytics uses. Here’s why, plus advice on how to…
All Rights Reserved, Copyright 2017 – 2022, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information

source

Search for…

2022 was another strong year for unicorn creation in Central and Eastern Europe. It saw the rise of eight new unicorns in the wider CEE region, moving the total to 44. Startups with $1B+ valuations included Bulgarian fintech Payhawk, Czech enterprise software company Productboard, and Croatian automaker Rimac Automobili. 
Despite the economic downturn, a total of €5.3B VC money flooded in the region, making it one the fastest growing regions for VC funding in Europe.
What is in the cards for 2023? The Recursive scouted for the tech startups to watch in 2023, as they have the biggest chances to become the next unicorns of Central and Eastern Europe. 
We selected startups with an estimated valuation between $200-950M, the last funding year being at least 2017, and with headquarters or founding place in Bulgaria, Romania, Greece, Western Balkan countries, The Czech Republic, or Poland. Valuations estimates are provided by Dealroom, unless otherwise indicated.
 
In 2021, fintech startup Payhawk, which was on our previous soonicorns list,  became the first unicorn originating from Bulgaria. Four years after founding, the company raised a $100M round in March 2022, extending its previous historic Series B. Another Bulgarian private tech company rumored to have a valuation of over $1B is SiteGround, the web hosting company founded in 2004. The rest of startups to watch in 2023 follows the candidate list from last year.
 
Founders: Dilyan Pavlov
Headquarters: Massachusetts, US
Industry: Enterprise Software
Solution: Asset management and reporting software for alternative assets.
Total funding: N/A
Estimated valuation: $900M
Last round: Strategic growth investment in 2021, undisclosed amount
 
Founders: Krasimir Marinov, Peter Brodsky, Vladimir Tzankov
Headquarters: New York, US
Industry: Enterprise Software
Solution: Data automation technology to improve operational efficiency.
Total funding: $289M
Estimated valuation: $400—600M
Last round: $100M Series E in December 2021
Founders: Ivan Osmak, Jordan Angelov, Radoslav Georgiev, Bo Pedersen
Headquarters: Colorado, US
Industry: Enterprise Software
Solution: A software and services company offering a data-drive OKR platform where companies can track their most important metrics to improve decision making.
Total funding: $160.6M
Estimated valuation: $480—720M
Last round: $120M Series C in December 2021
 
Founders: Snejina Zacharia
Headquarters: Massachusetts, US
Industry: Financial Services, Insurance
Solution: Virtual insurance platform for auto, home, and life insurance using AI and predictive analytics.
Total funding: $130M
Estimated valuation: $400—600M
Last round: $100M Series B in 2021
 
Over the years, Romania has produced two unicorns: publicly listed RPA company UiPath, and privately owned blockchain and crypto startup MultiversX (formerly Elrond). Privately owned e-commerce giant eMAG is also valued at over €1B+. Among the potential unicorn startups to watch in 2023, we see the rise of companies aiming to digitize and modernize the financial services system.
 
Founders: Florin Talpeș
Headquarters: Bucharest, Romania
Industry: Cybersecurity
Solution: Cybersecurity solutions for end users and businesses.
Total funding: $187M
Estimated valuation: $600M
Last round: $180M, secondary market, 2017
 
Founders: Eduard Oneci, Vasile Burcin
Headquarters: Nicosia, Cyprus
Industry: Fintech, Crypto
Solution: A crypto liquidity platform that enables instant card issuance for purchases at any merchant.
Total funding: $75M
Estimated valuation: $300—450M
Last round: $75M late VC series in November 2022
 
Founders: Sergiu Negut, Teo Blidarus 
Headquarters: London, UK
Industry: Financial services
Solution: Low-code solutions for the digital transformation of the finance industry.
Total funding: $81.3M
Estimated valuation: $281M
Last round: $60M Series B in 2021.
 
Founders: Chris Turlica, Nick Haase 
Headquarters: San Francisco, California
Industry: Enterprise Software
Solution: Tools for preventive maintenance and control of daily business operations.
Total funding: $42.8M
Estimated valuation: $156—234M
Last round: $39M Series B in 2021
 
So far, the accelerating Greek tech startup ecosystem has produced two unicorns: learning certification company PeopleCert and neobank Viva Wallet, which recently completed its partial acquisition by JP Morgan. 
In 2022, automotive leasing company FlexCar made one step further towards becoming the next unicorn company from Greece, after a €210M VC round. An industry fellow company, Spotawheel, joined the ranks with a €100M growth equity round.
 
Founders: Konstantinos Davaris, George Desyllas
Headquarters: Athens, Greece
Industry: Automotive
Solution: Automotive leasing solutions that make car ownership flexible and minimize advance payments.
Total funding: $326M
Estimated valuation: $924M—1.4B
Last round: €210M late VC round in 2022
 
Founders: Alex Chatzieleftheriou, Penny Papakonstantinou, Alexis Maragkos, Andreas Nezeriti
Headquarters: New York, US
Industry: Real estate
Solution: Proptech rental company offering a platform for booking flexible stays.
Total funding: $251M
Estimated valuation: $560—840M
Last round: Undisclosed late VC round in November 2022
 
Founders: Charis Arvanitis, Kiriakos Agadakos 
Headquarters: Néa Ionía, Greece
Industry: Automotive
Solution: Dealership platform for used cars.
Total funding: $138M
Estimated valuation: N/A
Last round: €100M growth equity VC stage in April 2022
 
Founders: Alexis Pantazis, Emilios Markou
Headquarters: Maroussi, Greece
Industry: Financial services
Solution: Offers car, motorcycle, and home insurance solutions.
Total funding: $50.9M
Estimated valuation: $141-211M
Last round: €32M late VC round in 2021
In 2022, Western Balkan countries welcomed a new unicorn – Croatian automotive company Rimac Automobili, after raising a €500M Series D round. Rimac thus became the second company with a >$1B valuation in Croatia after communication software company Infobip.
Other success stories in the region include Serbian gaming company Nordeus’ $378 million acquisition in 2021. Several Croatian and Serbian companies raised further rounds and 2022 and made our list of startups to watch in 2023 for unicorn valuations.
 
Founders: Aleksandar Čabrilo, Dusan Kosic
Headquarters: California, US; founding location – Serbia
Industry: Enterprise Software
Solution: Consulting, software engineering and digital product development services.
Total funding: $140M
Estimated valuation: N/A
Last round: $140M initial round at the beginning of 2022
 
Founders: James Isilay, Stjepan Buljat
Headquarters: London, UK; founding location – Croatia
Industry: Enterprise software, Marketing, AI
Solution: Sales intelligence software that uses AI tools to extract sales and recruitment leads from big data.
Total funding: $128M
Estimated valuation: $350—525M
Last round: $87.5M Series C in January 2022
 
Founders: Deniz Kural, Igor Bogicevic; CEO: William Moss
Headquarters: Massachusetts, US; founding location – Serbia
Industry: Biotechnology
Solution: Specializes in software and data analytics to drive healthcare research.
Total funding: $113M
Estimated valuation: $250M
Last round: $15M closing of a $30M Series C in 2021
 
Founders: Davor Tremac, Filip Sturman, Ivan Ivankovic
Headquarters: Dublin, Ireland; founding location – Croatia
Industry: Enterprise software, Fintech
Solution: Solution for tax automation and compliance for companies to streamline the transactional chain.
Total funding: $85M
Estimated valuation: $240—360M
Last round: $60M Series B in July 2022
 
Founders: Mario Vuksan, Tomislav Peričin
Headquarters: Massachusetts, US; founding location – Croatia
Industry: Enterprise Software
Solution: Threat detection solutions for the software supply chain.
Total funding: $81M
Estimated valuation: $224-336M
Last round: €48M Series B in 2021
 
Founders: Andrej Bencic, Miljan Tekic, Bogdan Habic, Nebojsa Urosevic
Headquarters: San Francisco, California; founding location – Serbia
Industry: Enterprise software, Fintech
Solution: An Ethereum Developer Platform for real-time monitoring, alerting, debugging, and simulating of smart contracts.
Total funding: $55.3M
Estimated valuation: $250M
Last round: $40M Series B in March 2022
 
After becoming the first Czech unicorn in 2021, Rohlik Grouo raised a further €220M Series D  this year. 2022 also saw the rise of San-Francisco-based Productboard, after it raised a $125 million Series D. The company’s valuation now sits at $1.725 billion. Logistics provider ShipMonk is also estimated to have a valuation of over $1B, after closing a $290M round in 2020. In January 2021 they raised another $65M growth equity VC round and at the beginning of 2022 they acquired competitor Ruby Has Fulfillment. Several companies with valuations over $500M and recent fundraising rounds could become the country’s next unicorns.
 
Founders: Dr. Ben Maruthappu, Marek Sacha
Headquarters: London, UK
Industry: Healthcare
Solution: A digital-first home healthcare company offering care, nursing, telehealth and repeat prescriptions.
Total funding: $303M
Estimated valuation: $686M—1B
Last round: £130M in debt and £130M from VCs in August 2022
 
Founders: Richard Valtr
Headquarters: Amsterdam, The Netherlands
Industry: Enterprise Software, Travel, Fintech
Solution: A SaaS-based property management system that simplifies hotel operations, from reservations to payments and others.
Total funding: $230M
Estimated valuation: $865M
Last round: $185M Series C round in 2022, one of the largest funding rounds in the Czech Republic in 2022
 
Founders: Jan Mrazek, Michal Klaus
Headquarters: Toronto, Canada
Industry: Enterprise Software, Deep tech
Solution: A software company that specializes in solutions for data quality, master data management, and data governance.
Total funding: ~$152M
Estimated valuation: $550M
Last round: $150M growth equity VC in 2022, one of the largest funding rounds in the Czech Republic in 2022
 
Founders: Tomas Gogar, Petr Baudis, Tomas Tunys
Headquarters: London, UK
Industry: Enterprise Software, Legal, AI
Solution: A cloud document gateway for automated business communication using AI.
Total funding: $106M
Estimated valuation: $400—600M
Last round: $100M Series A in October 2021
 
Founders: Marcin Cichon, Martin Dr. Wricke
Headquarters: Pfaffenhofen, Germany
Industry: Enterprise Software, Marketing
Solution: A provider of full suite price management and CPQ SaaS solutions.
Total funding: $126M
Estimated valuation: $260—390M
Last round: $65M Series C in 2020
 
Founders: Tomas Kratky
Headquarters: New York City, NY
Industry: Enterprise Software, Big Data
Solution: Offers a central hub of all data flows in the organization.
Total funding: $52.5M
Estimated valuation: $140—210M
Last round: Late VC round in December 2022, following a Series B of $35M in May 2022, one of the largest funding rounds in the Czech Republic in 2022
 
Founders: Jiri Kobelka, Samuel Sramko
Headquarters: Miami, Florida
Industry: Fintech, Web3
Solution: Empowers web 3.0 developers to build apps fast.
Total funding: $41.7M
Estimated valuation: $166—249M
Last round: An early VC stage round of $41.5M in October 2022, one of the largest funding rounds in the Czech Republic in 2022
 
Founders: Michal Mensik
Headquarters: Prague, Czech Republic
Industry: Logistics, Transportation
Solution: Delivery solutions for businesses of any kind.
Total funding: $66M
Estimated valuation: $264—396M
Last round: €60M Series B in May 2022, one of the largest funding rounds in the Czech Republic in 2022
 
The Polish startup ecosystem has vast tech talent and a growing pool of VC funding, key ingredients for breeding future unicorns. So far, healthcare startup DocPlanner is the country’s sole official unicorn. Another private tech company valued at over $1B is e-commerce player Modivo (formerly eobuwie.pl). 2022 saw several Series B to Series D funding rounds, bringing new contenders to the unicorn status.
 
Founders: Rafał Modrzewski, Pekka Laurila
Headquarters: Helsinki, Finland
Industry: Space tech
Solution: Micro-satellites for the capture of images from space. A spin-off from Aalto University.
Total funding: $302M
Estimated valuation: $544—816M
Last round: $136M Series D in February 2022
 
Founders: Michał Borkowski, Tomasz Kraus, Łukasz Haluch
Headquarters: Krakow, Poland
Industry: Education
Solution: The world’s largest peer-to-peer learning community for students, parents and teachers.
Total funding: $152M
Estimated valuation: $320—480M
Last round: $80M Series D in 2020
 
Founders: Piotr Pisarz 
Headquarters: London, UK
Industry: Fintech
Solution: A revenue-based finance provider, which allows founders to raise growth capital without giving up control of their business.
Total funding: $117M
Estimated valuation: $320—480M
Last round: Support program from Tech Nation and a Series B of $80M in 2021
 
Founders: Konrad Howard, Stefan Batory
Headquarters: San Francisco, California
Industry: SaaS, e-commerce
Solution: A beauty marketplace for finding, scheduling, and managing appointments, enabled by a SaaS mobile app.
Total funding: €148M
Estimated valuation: €255—382M
Last round: $70M Series C in January 2021
 
Founders: Przemek Kowalczyk, Szymon Sypniewicz
Headquarters: London, UK
Industry: Fintech, Web 3.0
Solution: A non-custodial fiat-crypto exchange infrastructure that makes it easy for users to jump on and off of Web3 from anywhere.
Total funding: €123M
Estimated valuation: €255—382M
Last round: $70M Series B in November 2022
 
Founders: Wojtek Sadowski, Patryk Kabaj, Konrad Kwiatkowski, Arkadiusz Wasilonek
Headquarters: Warsaw, Poland
Industry: Packaging, Retail
Solution: Online marketplace that simplifies ordering and management of branded packaging.
Total funding: $56.3M
Estimated valuation: $176—264M
Last round: €40M Series B in 2021
 
Founders: Martin Markiewicz, Julia Markiewicz
Headquarters: Singapore, Singapore
Industry: Fintech, AI, Legal
Solution: Explainable AI that enables you to solve more screening alerts in less time and with greater accuracy
Total funding: $55M
Estimated valuation: $160—240M
Last round: $40M Series B in March 2022
Over 1 million people from all over the world have learned about the tech ecosystem in Central and Eastern Europe thanks to The Recursive. In order to keep our content free for everyone, we need your help. If you believe what we do is important and have the means to do so, support us in giving a voice to Central and Eastern Europe with as little as €7. Thank you!
Every single contribution of yours helps us guarantee our independence and sustainable future. With your financial support, we can keep on providing constructive reporting on the developments in the region, give even more global visibility to our ecosystem, and educate the next generation of innovation journalists and content creators.
Find out more about how your donation could help us shape the story of the SEE entrepreneurial ecosystem!
START HERE
One-time donation
You can also support The Recursive’s mission with a pick-any-amount, one-time donation. 👍
DONATE NOW
The Recursive
Address: Sofia 1504, 6 Shipka Str.
For news stories, reach out to: [email protected]
For content marketing partnerships: [email protected]

© 2020 – 2022 – Recurisve Media JSC | All rights reserved Web Development by Vipe Studio – WordPress Agency
AI
Blockchain
Cybersecurity
Dev Tribe
Health
Edtech
Mobility
Gaming
Agritech
Climate Tech
Social Impact
Smart Cities
AI
Blockchain
Cybersecurity
Dev Tribe
Health
Edtech
Mobility
Gaming
Agritech
Climate Tech
Social Impact
Smart Cities

source

Enter your email address to instantly generate a PDF of this article.
Whether you’re a freelancer or supervise small teams for enterprise-level companies, project management tools are a must if you want to stay efficient and organized. Today, two apps that dominate the project management workspace are Trello and Asana. Both are industry-leading applications used by both startups and Fortune 100 companies for team collaboration, and they each feature free versions that you can start using right now.
Yet, the two have critical differences in functionality, integrations, workflow, pricing, and features.
At a glance, Trello is the go-to platform if your primary project management tool is a kanban board, as that’s what it undoubtedly does best. Its kanban board is highly user-friendly, and you can add other functionalities to Trello through power-ups.
If you’re after more features and flexibility, you may prefer Asana.
Why is that?
It’s because Asana lets you break down projects into specific categories and groups of tasks with particular assignees. Other features include Gantt charts (starting with the Business Plan), subtasks, and customizable dashboards.
Asana also has kanban-style planning, but it’s not as robust as Trello.
However, neither application can do everything, so it’s crucial to familiarize yourself with both to determine which is best for you. That’s why I’m pitting Trello vs. Asana in a detailed breakdown of each platform’s features, pricing, and support.
If you’ve never used any project management apps before, you may not know anything about Asana or Trello. Both offer project management solutions for freelancers and companies, but the key difference lies in the features they focus on. In particular, Trello relies heavily on its kanban board for work management.
What’s a kanban board?
It’s a visualization tool that uses cards to represent tasks (along with due dates for each card), columns to represent workflow stages, and swimlanes to represent different teams and activities. A kanban board is one of the most effective ways to monitor progress on a project due to its simplicity, and it’s what Trello focuses on the most.
Asana, on the other hand, also features a kanban board, but it’s not the main focus of the application. Instead, Asana has more robust features for task management, including lots of customizability.
With Asana, users can assign individual tasks to assignees in a feature, story, or project. There’s also a calendar view and a to-do list for each team member containing their current tasks (as well as their deadlines).
In short, Asana works better for more complex projects requiring lots of teamwork, while Trello excels at more straightforward tasks. As such, which app you choose will depend heavily on the scope of your project.
Due to its simplicity, Trello is excellent for freelancers wanting to keep track of a few daily assignments. It’s also an excellent tool for smaller teams that don’t want to spend much time dealing with a steep learning curve.
That’s because the Trello board view is so user-friendly and simplistic that anyone can learn how to use it without needing tutorials.
If you’d prefer to hit the ground running on a new project instead of learning the ins and outs of Asana’s more robust features, Trello is an excellent option. It’s also free to use (as long as you don’t add any power-ups), making it even more appealing to freelancers and small businesses.
Yet, if your work is a bit more complex and involves many moving parts, Asana may be the better choice.
If you’re juggling managing a ton of tasks and projects at once, Asana can help you keep track of it all. Compared to Trello, Asana can do much more with task dependencies.
What are those?
In project management, task dependencies refer to the specific order in which certain tasks must be completed.
An example would be specifying that a blog article cannot proceed to the publishing phase until editing/image creation is complete. Another example is stating that electrical work can’t begin until the drywall installation is done.
With Asana, you can easily add dependencies to any task, which is a definite plus. That way, you won’t have to worry about certain phases of the project getting done out of order.
That’s why many large companies choose Asana over Trello due to the wide variety of features and customizable options.
Now it’s time to take a closer look at the core features of both applications to determine which suits your needs better.
Right off the bat, it’s crucial to note that Asana offers more features out of the two by default. While it’s possible to add more capabilities to Trello, they involve power-ups (either by Trello or a third party), and these tend to be hit-and-miss.
Trello’s key features
As stated previously, Trello’s interface revolves around its kanban-style features, which consist of:
Boards. Trello’s kanban board is where every project lives. They keep all your tasks organized along each stage of the project, from ‘things to do’ to ‘completed tasks.’ The boards are highly visual in nature and are easy to read, even if you’ve never used a kanban board before.
Lists. Each board will also have a list view, which represents the stages of each project. These include to-do, doing, and done — but you can also create custom fields. That way, if your project has unique stages, you can edit the list to reflect them.
Cards. Lastly, the cards on each board represent individual tasks. Each card contains all the information that a team member needs to get the job done, including the due date and any special requirements. To visualize progress on each task, you move the cards through each stage (to-do, doing, done).
As you can see, Trello provides an extremely straightforward approach to project management that’s effortless to pick up and use.
Each Trello card contains tons of helpful information, including:
Members. These are the assignees for each task, letting you know who’s in charge of completing what at all times.
Due dates. Keep your team members motivated and on track by including clear deadlines for every Trello card.
Attachments. This is a convenient feature, as it lets you attach anything to the card as you would to an email. That way, your team will have all the files, resources, and attachments they need to get the job done straight from Trello.
Checklists. This feature allows you to break tasks into smaller ones on Trello. You can provide a checklist for each card containing all the stages to completion. That will enable you to monitor progress in real-time, which comes in handy.
Besides these core features, Trello also boasts some impressive integrations, including:
Salesforce
Slack
Dropbox
Outlook
Gmail
InVision
Jira
These integrations make tracking your team’s progress effortless without having to change any of your regular tools. For instance, if your team regularly uses Salesforce, integrating it with Trello will allow you to send info easily between the two.

If you’re a fan of Trello’s simple visual style but want more features, you can opt for its power-ups. These are integrations that come from both Trello and third-party developers.
For this reason, Trello’s power-ups can vary in quality, sometimes drastically. On average, the power-ups provided by Trello tend to be the most reliable and high-quality. Third-party power-ups are more of a risk, but that doesn’t mean that all of them are bad.
It just means that it can be tough to tell if a power-up will be worth it or not, which is a risk you won’t have to take with Asana.
With that said, here’s a look at some of the most popular power-ups you can add to Trello.
Calendar. The most downloaded Trello power-up is Calendar, an app that places all your active projects on one central calendar. That makes it easy to identify projects and tasks that are falling behind schedule so you can get them back on track. The Calendar app also incorporates color-coded organization to Trello cards, and you can export your calendar to integrate with other third-party apps.
Board Sync. Another popular power-up is Board Sync, which lets you sync projects together (including all cards, lists, and boards).
Crmble. Do you wish your project management software could double as a CRM (customer relationship management)? If so, Crmble is the power-up for you. It’s an easy-to-use CRM that you can use straight from Trello, which means you never have to leave the app to manage customer relations.
Plenty of other power-ups are available, including Google Drive integrations and Gantt charts.
It’s crucial to note that not every Trello power-up is free. Some are, but a majority are considered premium power-ups and require an additional fee. Considering this, Asana has the advantage here as all its features come by default without the need to spend money on add-ons.
Instead of a kanban board, Asana centers around its patented Asana Work Graph® model. It uses a series of graphs, boards, and calendars to visualize your work projects, your team, and the people doing the work.
In particular, Asana represents your work timeline as a graph that’s filled with all your tasks.
You can assign each task to an assignee — as they have their own dashboard. There, they can see their assigned tasks, the deadline, and lots of other information about the project.
You can include attachments and hotlinks in each task description to ensure your team has everything they need to complete the project.
The timeline view is completely adjustable and uses drag-and-drop controls, so you’re able to make tweaks to it on the fly (such as for unexpected setbacks or getting ahead of schedule). You can use these timelines to streamline marketing campaigns, event planning, product launches, and more.
Other features include:
Convert spreadsheets into Asana timelines. A highly useful feature (especially if you’re migrating from using Excel as your project management tool) is importing a CSV file and converting it automatically into an Asana timeline. That way, you can quit using cumbersome spreadsheets without having to input them into Asana manually.
Powerful automation tools. With Asana, you can automate much of the busy work involved with project management. You can automatically direct new tasks to the right project, auto-assign teammates, automate due dates, and more.
Built-in calendar view. Unlike Trello, Asana comes with a calendar view that you can use without downloading an add-on. Its visualization tools make it easy to identify gaps and overlaps in your schedule, which is a plus.
Like Trello, Asana can integrate with many third-party applications and tools, including:
Microsoft Office 365
Slack
Jira
Zapier
Canva
YouTube
Loom
Adobe Creative Cloud
Many others
To see a complete list of apps Asana can integrate with, click here.
Asana has so many valuable and customizable features that it easily wins this matchup. Yet, if simplicity is what you value above all else, you may prefer Trello.
Now it’s time to compare Trello vs. Asana in terms of pricing. First, I’ll start by comparing Trello and Asana’s free plans.
In this regard, Asana is the winner. That’s because you get a lot more features from its free plan than you do from Trello (once again, power-ups are what’s holding it back).
With Asana’s free plan, you get the following:
A list view
A calendar
A kanban board
Unlimited projects
Unlimited cloud storage
With Trello’s free plan, you get:
A kanban board
10 projects
Unlimited cloud storage
Two-factor authentication
As you can see, you get unlimited projects with Asana’s free plan (Trello limits you to 10), as well as a handful of other features missing from Trello.
Here’s a look at Trello’s paid plans:
Standard plan. Tello’s first paid option is the Standard plan, which is $6 per month or $60 annually ($5 per month). The pay is on a per-user basis, so you’ll need to pay for additional users. With the Standard plan, you get unlimited boards, advanced checklists, custom fields, single-board guests, 1,000 workspace command runs each month, and saved searches.
Premium plan. Next up is the Premium plan, which is $12.50 per month or $120 annually ($10 per month). New features include unlimited workspace command runs, table, and calendar workspace views, workspace-level templates, collections, observers, and priority support.
Enterprise plan. Lastly, the Enterprise plan runs $17.50 per month, or $210 annually (still $17.50). Exclusive features for this plan include unlimited workspaces, organization-wide permissions, multi-board guests, attachment permissions, and free SSO and user provisioning.
Realistically, there isn’t much use for the Premium or Enterprise plans for most users. If you’re a freelancer or small team using Trello, 9 times out of 10, the Standard plan or free plan will suffice.
Asana’s pricing structure looks like this:
Premium plan. Above the free plan is the Premium plan, which costs $13.49 per month or $131.88 annually ($10.99 per month). Exclusive features include unlimited essentials, four project views, automated workflows, reporting, community support, and scaled security.
Business plan. Next up is the Business plan, which is $30.49 per month or $299.88 annually ($24.99 per month). Features include advanced workflows and advanced reporting.
Enterprise plan. Like Trello, Asana also has an Enterprise plan. Yet, it’s not a standard plan and requires you to contact their sales department to learn more. This plan is for larger companies that need more visibility, control, and support than Asana’s Premium and Business plans.
As you can see, Asana’s plans are a bit pricier than Trello, but they tend to offer more functionality, especially the Premium plan.
Lastly, let’s compare how both applications handle customer support. After all, if nobody is around to answer your questions, why even bother downloading the app? Here’s a look at the support options for both platforms.
In this category, Trello is the clear winner by a long shot.
Why is that?
It’s because Trello has a far more robust and active customer support system in place. Should you have a question, you can get an answer relatively quickly through live chat or over the phone.
On the other hand, Asana places almost all its support focus on its knowledge base, which consists of guides and tutorials. Should you have questions, you can contact support, but they tend to reply slower than Trello.
By now, we’ve looked at Trello vs. Asana in terms of features, pricing, and support – so it’s time to look at the judge’s scorecards for a final verdict.
Let’s tally it up:
Features: Asana
Pricing: Asana
Support: Trello
While both applications are project management powerhouses, Asana takes the win by a split decision. It’s a more robust and customizable tool than Trello, which is why it gets the nod. Yet, Trello remains the ideal app if kanban boards are your thing and your projects aren’t too complex.
Instantly access free expert advice, management strategies and real-life examples of workplace success.

source

October 11, 2022 07:00 ET | Source: Market Research Future Market Research Future
New York, New York, UNITED STATES
New York, US, Oct. 11, 2022 (GLOBE NEWSWIRE) — According to Market Research Future (MRFR),”Global Pharma Knowledge Management Software Market, By Software, By Deployment Type, By End-Users  – Forecast 2030”, the global market is poised to touch USD 5.15 billion by 2030, registering an 18.2% CAGR throughout the assessment period (2020 -2030).
Pharma Knowledge Management Software Market Overview
Using pharma knowledge management software helps optimize manufacturing processes in real time. With the growing competition among pharma companies, knowledge management software is becoming increasingly critical to efficient and compliant product development. Rapid digitization and the use of advanced technologies & processes across pharmaceutical companies impact market growth positively.
Top Key Players leading the global pharma knowledge management software market are,
Get Free Sample PDF Brochure: 
https://www.marketresearchfuture.com/sample_request/4269
Pharma knowledge management software features document management solutions for effective & collaborative workspaces connected through the internet and networked systems. It allows sharing of ideas, experience, and knowledge among team members, contractors, and associates. Over recent years, knowledge management solutions have become crucial for pharma companies to share scientific data and other R&D information securely. Pharma companies are boosting investments to deploy sophisticated knowledge management tools to enhance, retain, and transfer knowledge extracted from their R&D.
The global pharma knowledge management software market is expected to gain significant traction in the next few years. The growing demand for robust knowledge management platforms from pharma companies worldwide is a critical driving force. Besides, the spurring rise in healthcare and pharmaceutical industries boosts the market size. Pharmaceutical firms worldwide are increasingly embracing automation.
Today, most pharmaceutical companies and research institutes use these systems to protect the knowledge extracted from their R&D activities and manufacturing professionals during information sharing among various departments across the organization and partnering companies. With the rising demand for these solutions to increase productivity and improve the engagement & performance of employees, the market is projected to perceive significant growth over the past few years.
business continuity, eliminating commute times, expanding the talent pool, and encouraging diversity.
Pharma Knowledge Management Software Market Report Scope:
Browse In-depth Market Research Report (100 Pages) on Pharma Knowledge Management Software Market:
https://www.marketresearchfuture.com/reports/pharma-knowledge-management-software-market-4269
Pharmaceutical and biotech companies need to handle large amounts of complex data extracted from their R&D processes and specialized researchers. The knowledge management system also helps salespersons with accurate information when pitching a specific drug and collects & stores the feedback and data accessed from physicians. AI-powered pharma knowledge management solutions are trending.
The pharma industry is vulnerable to cyber-attacks due to the involvement of vast innovations, massive R&D investments, and intellectual property on patient health data. The risk of intellectual data theft is significantly higher in pharma and biotech companies. Resultantly, the pharma industry is rapidly turning to knowledge management software to securely manage and share their critical data within the organization and with partnering companies during mergers & acquisitions and licensing deals. 
Pharma research and drug development processes are extensively complex and require multiple clinical trials. Therefore, drug development companies need a robust system that can help them recognize unusual patterns in vast clinical trial data and ensure no critical information is overlooked. Pharma companies are increasingly adopting AI-powered knowledge management solutions to enhance their research processes. 
Pharma Knowledge Management Software Market Segments
The pharma knowledge management software market report is segmented into software/solutions, deployment types, end-users, and regions. The software segment is sub-segmented into iOS, Android, Windows, and many others. The deployment type segment is sub-segmented into hybrid, cloud, and on-premise.
The end-user segment is sub-segmented into environmental biotechnology, animal biotechnology, medical biotechnology, forensics biotechnology, agricultural biotechnology, academics, and others. The region segment is sub-segmented into the APAC, Americas, MEA, Europe, and rest-of-the-world.
Ask for Discount:
https://www.marketresearchfuture.com/check-discount/4269
Pharma Knowledge Management Software Market Regional Analysis
North America dominates the global pharma knowledge management software market. The growing adoption of pharma knowledge management software across pharma enterprises drives the pharma knowledge management software market growth. Besides, the early uptake of knowledge management systems in pharma companies of all sizes boosts the market size, supporting interaction & information sharing among scientists and pharma researchers.
The rapidly growing competition and vast demand for multi-disciplined processes among pharma firms in this region escalate the market demand. The growing need for integrating and delivering external & internal scientific data for decision-making and attaining organizational goals influences the market size. Additionally, increasing R&D investments in developing other related technologies, cloud solutions, and economic growth accelerates pharma knowledge management software market revenues. 
Pharma Knowledge Management Software Market Competitive Advantage
The global pharma knowledge management software market appears highly competitive due to several notable players forming a competitive landscape. Industry players initiate strategic approaches such as mergers & acquisitions, collaborations, expansions, and technology/product launches to gain a larger competitive share.
Also, they make significant investments to drive research & development activities and expansion plans. Technology providers employ continuous improvement strategies to analyze product updates, implement improvements, and launch new technologies to meet the changing consumer needs. 
Software developers are increasingly collaborating with biopharma manufacturing to develop automation technologies. Such deals strengthen their position as crucial software & solutions providers. Pharma companies developing biologics, small molecule, and new drug modalities create significant market demand for well-developed knowledge management software to optimize biopharma manufacturing processes in real-time. 
Ask To Expert:
https://www.marketresearchfuture.com/ask_for_schedule_call/4269
For instance, on Sept. 29, 2022, TetraScience, a leading scientific data cloud company, announced a partnership with Scilligence, an industry leader in unified informatics solutions for small molecules and biologics, to enable its customers to access the Tetra Scientific Data Cloud to accelerate productivity and scientific outcomes. Scilligence is committed to helping customers use their scientific data more effectively. 
Its proprietary technologies address three main areas of Life Science informatics needs, including knowledge management and collaboration. TetraScience primarily transforms the way scientific data is used, making it actionable and available for advanced analytics. The partnership will enable TetraScience to help customers gain operational efficiencies, more powerful insights, and better outcomes across the pharma value chain, leveraging the value of all their scientific data. 
Related Reports:
Knowledge Management Software Market Research Report: Information By Type, By Deployment Type, By Organization size By End User and Region—Forecast Till 2030
Clinical Practice Management Software Market Information, By Mode Of Delivery, End User – Forecast Till 2030
Healthcare Revenue Cycle Management Market Research Report, By Type, By Component, By Deployment and By End-user – Global Forecast till 2027
About Market Research Future:
Market Research Future (MRFR) is a global market research company that takes pride in its services, offering a complete and accurate analysis regarding diverse markets and consumers worldwide. Market Research Future has the distinguished objective of providing the optimal quality research and granular research to clients. Our market research studies by products, services, technologies, applications, end users, and market players for global, regional, and country level market segments, enable our clients to see more, know more, and do more, which help answer your most important questions.
Follow Us: LinkedIn | Twitter

source