Enlarge / Matter promises to make smart home devices work with any control system you want to use, securely. This marketing image also seems to promise an intriguing future involving smart mid-century modern chairs and smart statement globes.

CSA

The specification for Matter 1.0 was released on Tuesdayall 899 pages of it. More importantly, smart home manufacturers and software makers can now apply for this cross-compatibility standard, have their products certified for it, and release them. What does that mean for you, the person who actually buys and deals with this stuff?

At the moment, not much. If you have smart home devices set up, some of them might start working with Matter soon, either through firmware upgrades to devices or hubs. If you're deciding whether to buy something now, you might want to wait to see if it's slated to work with Matter. The first devices with a Matter logo on the box could appear in as little as a month. Amazon, Google, Apple, and Samsung's SmartThings division have all said they're ready to update their core products with Matter compatibility when they can.

That's how Matter will arrive, but what does Matter do? You have questions, and we've got... well, not definitive answers, but information and scenarios. This is a gigantic standards working group trying to keep things moving across both the world's largest multinational companies and esoteric manufacturers of tiny circuit boards. It's a whole thing. But we'll try to answer some self-directed questions to provide some clarity.

CSA

What is Matter? Where did it come from?

Matter is maintained by the Connectivity Standards Alliance (CSA), which was previously known as the ZigBee Alliance. ZigBee is an IEEE 802.15.4 specification for a low-power, low-data-rate mesh network that is already in use by Phillips' Hue bulbs and hubs, Amazon's Echo and Eero devices, Samsung's SmartThings, Yale smart locks, and many smaller devices. It had pretty good buy-in from manufacturers, and it proved the value of mesh networking.

Starting with that foundation, the CSA somehow built up momentum to push for something people want more than an iterative networking standard: a guarantee that if they buy, or develop, a smart home device, they won't have to figure out which corporate allegiances that device can work with. The mission was to "simplify development for manufacturers and increase compatibility for consumers," the ZigBee Alliance said, and the new standard was called CHIP, or "Connected Home over IP."

That standard was renamed Matter, then delayed, more than once. Stacey Higginbotham, a reporter focused on IoT, cited the COVID-19 pandemic and the group's rapidly scaling size for its earliest delays. This week, with 550 members of the CSA involved in Matter standards development and a "fall 2022" release target arriving, Higginbotham heard from insiders that the Matter group felt pressured to release something, even if it was scaled back from its original promises. And as you might imagine, a lot of bugs and questions come up when more than 250 previously siloed companies start working together on something.

So Matter is just a new ZigBee with more corporate buy-in?

No, Matter is an interoperability standard, with many connection options available to devices. Under Matter, devices can talk to each other over standard Wi-Fi, Ethernet, Bluetooth Low-Energy, or Thread, another IEEE 802.15.4 standard (we'll get to Thread a bit later).

If you have an extensive network already set up with ZigBee or Z-Wave, it might still fit into a Matter network. Hub makers are gradually announcing firmware updates to allow for Matter compatibility, allowing them to serve as a bridge between their mesh and Matter-ready controllers and devices. Before it rebranded as the CSA, the ZigBee Alliance announced that it would work with the Thread Group to create compatible application layers.

Originally posted here:
IoT harmony? What Matter and Thread really mean for your smart home - Ars Technica

"I would say down the road, we will be known for more than just security. And we're starting to see that today," Kurtz said.

CrowdStrike brings plenty of credibility from its work in cybersecurity to its effort to penetrate the broader IT space, according to equity research analysts who spoke with Protocol. The company recently disclosed surpassing $2 billion in annual recurring revenue, just 18 months after reaching $1 billion. And even with CrowdStrikes scale, it's continued to generate revenue growth in the vicinity of 60% year-over-year in recent quarters.

In a highly fragmented market like cybersecurity, this type of traction for a vendor is unique, said Joshua Tilton, senior vice president for equity research at Wolfe Research. "They're sustaining [rapid] growth and profitability, which is very rare in this space."

At the root of CrowdStrike's surge in adoption is its cloud-native software platform, which allows security teams to easily introduce new capabilities without needing to install another piece of software on user devices or operate an additional product with a separate interface. Instead, CrowdStrike provides a single interface for all of its services and requires just one software agent to be installed on end-user devices.

As a result, CrowdStrike can tell existing customers who are considering a new capability, You already have our agent turn it on, try it out, Kurtz said. And if you like it, keep it on. It's that easy.

For years, Kurtz has touted the potential for CrowdStrike to serve as the "Salesforce of security" thanks to this cloud-based platform strategy. But at a time when cybersecurity teams are looking to consolidate on fewer vendors and are short on the staff needed to operate tools, CrowdStrike's approach is increasingly resonating with customers, analysts told Protocol.

The company has now expanded well beyond endpoint detection and response, a category it pioneered to improve detection of malicious activity and attacks (such as ransomware and other malware) on devices such as PCs. Along with endpoint protection, CrowdStrike now offers security across cloud workloads, identity credentials, and security and IT operations.

The cloud-native platform concept is still early on for cybersecurity, but if CrowdStrike's momentum continues, it's poised to potentially become the first "fully integrated, software-based platform" in the security industry, Tilton said. That's in contrast to other platform security vendors that are hampered by architectures that predated the cloud, or that rely on hardware for some of their functionality.

"CrowdStrike's DNA is that they've come as a cloud-native company with a focus on security from day one," said Shaul Eyal, managing director at Cowen. "It does provide them with an edge."

Even with CrowdStrikes advantages, there are no guarantees it will maintain a leading position in a market as large and competitive as endpoint security. There, the company faces a fierce challenge from Microsoft and its Defender product. Its a topic that Kurtz is outspoken as ever about.

In regards to Microsoft, "if you are coming out with zero-day vulnerabilities on a weekly basis, which are being exploited, that doesn't build trust with customers," Kurtz said.

"I'm not saying they're not going to win deals. Because they're Microsoft, sure, they're going to win some deals," he said. "But we do see deals boomerang back our way when someone has an issue. Many of the breaches that we actually respond to [are for customers with] Microsoft endpoint technologies in use."

Even so, Microsoft brings plenty of advantages of its own in terms of its security approach, analysts told Protocol. Much of the business world counts itself as part of the Microsoft customer base already, and the company has seen major success in bundling its Defender security product into its higher-tier Office 365 productivity suite, known as E5. As of Microsoft's quarter that ended June 30, seats in Office 365 E5 climbed 60% year-over-year, the company reported.

And for every CISO who thinks it doesn't make sense to trust Microsoft on security due to vulnerabilities in its software products, there is another CISO who thinks Microsoft's ubiquity in IT is exactly why the tech giant is worth leveraging for security, Tilton said.

Beyond the successful bundling strategy, Microsoft has overall done "an exceptional job of elevating security within their product portfolio," said Gregg Moskowitz, managing director and senior enterprise software analyst at Mizuho Securities USA.

Still, "we do typically hear that Microsoft has limitations when it comes to what an enterprise's requirements are across some of these cybersecurity areas," including on endpoint, Moskowitz said. At the same time, "we do believe Microsoft's going to get a lot stronger over time," he said.

IDC figures have shown CrowdStrike in the lead on endpoint security market share, with 12.6% of the market in 2021, compared to 11.2% for Microsoft. CrowdStrike's growth of 68% in the market last year, however, was surpassed by Microsoft's growth of nearly 82%, according to the IDC figures.

Still, Kurtz argued that CrowdStrike has the leg up in endpoint for plenty of other reasons beyond the lack of the same security baggage via vulnerability issues at Microsoft.

The chief advantage goes back to CrowdStrike's single-agent architecture, which he said requires fewer staff to operate and has a lower impact on user devices. That translates to better performance and less use of memory because the product does not rely on analyzing digital patterns, known as signatures, for signs of an attack.

I would say down the road, we will be known for more than just security. And we're starting to see that today.

All of these factors need to be considered when doing the math around how much it will cost to implement an endpoint security product into an operation, Kurtz said. Based on that math, "we are significantly cheaper to operationalize than Microsoft," he said.

CrowdStrike has particularly stood out with customers when it comes to the lower performance impact from its Falcon product line, said John Aplin, an executive security adviser at IT services provider World Wide Technology.

The company recently worked with one of the largest U.S. banks to select a new endpoint security product, and the choice came down to CrowdStrike or Microsoft Defender, he said. While the bank was initially tempted to utilize its E5 licensing and go with Defender, Aplin said, extensive testing revealed Falcon's comparatively lighter-weight impact on devices, prompting the customer to pick CrowdStrike.

Performance impact is not a trivial thing when customers are often running 40 to 70 different security tools, he said. So while being able to provide reliable security is obviously important, the "operational effectiveness" in areas such as performance impact on devices is "where CrowdStrike always wins," he said.

The reputation for trustworthy security that CrowdStrike has built since its founding in 2011 shouldn't be minimized as a factor either, according to Wolfe Research's Tilton.

By and large, CISOs make purchasing decisions "based on the amount of minutes of sleep at night" they expect to get from a product, he said. CrowdStrike's "first-mover" advantage in endpoint detection and response is a huge one, and its brand awareness is virtually unmatched in security, probably on par only with that of Palo Alto Networks, Tilton said.

While some smaller challengers, chiefly SentinelOne, have made headway in the endpoint security space, they have an uphill battle, he said. In endpoint security, "the CISO has to have a good reason to not buy CrowdStrike."

In categories outside of endpoint security, CrowdStrike doesn't yet enjoy the same stature. But in some areas, such as identity security, it's on track to get there quickly.

Misuse of credentials has emerged as the biggest source of breaches by far as workers have moved outside of the protections of the office firewall, according to Verizon. While CrowdStrike isn't trying to compete with identity management vendors such as Okta or Ping Identity, the company does believe it's found a sweet spot in helping customers to counter identity-based threats, Kurtz said.

Following its fall 2020 acquisition of identity security vendor Preempt Security, CrowdStrike has added identity protection and detection capabilities to its platform, and customer adoption has been "like a rocket ship," Kurtz said. During CrowdStrikes fiscal second quarter, ended July 31, customer subscriptions to the company's identity protection module doubled from the previous quarter.

That's a "stunning level of adoption from customers," Mizuho's Moskowitz said. Given that CrowdStrike paid $96 million for Preempt, "that's clearly one of the best small to midsize acquisitions that weve seen in software in recent years," he said.

CrowdStrike refers to its various add-on security capabilities as modules, and currently has 22 in total, up from 11 in late 2019. A forthcoming module based on the companys planned acquisition of startup Reposify will be aimed at spotting exposed internet assets for customers, bringing CrowdStrike into the very buzzy market for external attack surface management.

Besides identity protection, the companys other fastest-growing module at the moment is data observability, based on its early 2021 acquisition of Humio, which was recently rebranded to Falcon LogScale. And while highly applicable to security, observability focuses on tracking and assessing many types of IT data. Observability enables customers to "do things that are not just security-related," Kurtz said, such as deploying software patches and taking other actions to improve IT hygiene.

George Kurtz, CEO of CrowdStrike. Photo: Michael Short/Bloomberg via Getty Images

In total, CrowdStrike reported that it was generating $2.14 billion in annual recurring revenue as of its latest quarter, with its "emerging products" category contributing $219 million. ARR for those emerging products which include identity protection and observability, but not more-established areas for CrowdStrike, such as workload protection surged 129% from the same period a year before.

Looking ahead, "we'll continue to solve problems that are outside of core endpoint protection and workload protection, but are related, in the IT world," Kurtz said.

Even within cybersecurity itself, CrowdStrike's emphasis on observability "shows that the industry is starting to recognize that cybersecurity is a data problem," said Deepak Jeevankumar, a managing director at Dell Technologies Capital, who had led an investment by the firm into Humio.

CrowdStrike has no ambitions to get into areas such as network or email security, Kurtz noted. But if a certain business challenge involves collecting and evaluating data from endpoints or workloads, whether that's IT or security data, "we can do that," he said.

Application security is another future area of interest, Kurtz said. Given the criticality of many business applications, "understanding their security, who's using them, how they're being used that's important for organizations of many sizes to have that level of visibility and protection."

Within security, CrowdStrike is also notably embracing an approach that's come to be known as extended detection and response, or XDR, for correlating data feeds from a variety of different security tools. CrowdStrike's XDR approach taps into data both from its own products and from third-party tools, including vendors in its CrowdXDR Alliance that have technical integrations with CrowdStrike.

While XDR is no doubt an industry buzzword, it's the most effective way yet to put the pieces together and understand how a cyberattack occurred, Kurtz said. "Before XDR, we were sort of blind to how [an attacker] got to the endpoint," he said. "Now were able to tell the whole story."

CrowdStrike offers a number of managed security services as well, which the vendor was quick to recognize as an important option amid the cybersecurity talent shortage, according to Peter Firstbrook, vice president and analyst at Gartner.

CrowdStrike actually perfected this, Firstbrook said. They ran into this roadblock early. Customers said, Look, this [technology] is really cool. But we don't have anybody that can manage it.

Ultimately, CrowdStrike is well positioned at a time when CISOs are fed up with going to dozens of different vendors to meet their security needs, Cowen's Eyal said. The current refrain from CISOs is, "'We want to deal with the Costco or the Walmart, the big supermarket, for all of our security needs,'" he said. In that respect, "the platform approach is absolutely going to be benefiting [vendors] like CrowdStrike."

Over the years, Kurtz said he hasn't backed away from comparing CrowdStrike with Salesforce for a good reason: It's a meaningful comparison, which has only gotten more so as time has gone on.

"I've said this since I started the company, that we wanted to be that 'Salesforce of security' to have a true cloud platform that would allow customers to do more things with a single-agent architecture," he said. "We haven't really deviated from that."

See the rest here:
The Biden administration issues sweeping new rules on chip-tech exports to China - Protocol

Hackers have increasingly focused on third-party vendors as avenues to data held by associated businesses. On August 25, 2022, DoorDash announced that it had experienced a data breach which impacted the personal information of certain customers and drivers. After detecting unusual activity originating from one of its third-party vendors, an investigation by DoorDash revealed that the vendor was the target of a phishing campaign. This comes just a few years after DoorDash customer data was breached in a similar hack in 2019, which was also linked to a third-party vendor. Unfortunately, DoorDash is not alone in experiencing the security risks linked to many third-party vendors.

Several companies have been exposed to data breaches by their third-party vendors in recent years. These hacks have resulted in lawsuits from consumers as well as government investigations. Failing to secure consumer data and monitor the cybersecurity practices of third-party vendors may open businesses up to state and federal enforcement actions.

Third-party vendors have significant access to the systems and data used by the companies that they work with. Many enterprises also contract with more than one third-party vendor, increasing the number of ways that information could be leaked. Hackers have learned to exploit this access by targeting the third-party vendors, who may have less stringent cybersecurity measures than associated businesses. Third-party vendors may be more vulnerable to phishing attacks, like the one used to breach DoorDash, in which hackers use compromised emails to gain access to sensitive data. They have also been the targets of increased ransomware efforts and attacks against outdated hosting services that leave information open for unauthorized use.

Many companies may not discuss data security policies with their third-party vendors, which means they could inadvertently be trusting their customers information with others who are not prepared to prevent breaches. While companies are focused on the security of their own networks, they should be aware that the vulnerabilities of their third-party vendors may pose an even greater risk to their customer data. Failing to assess and guard against these risks leaves businesses vulnerable to lawsuits from their consumers as well as government enforcement actions.

To minimize some of these risks, companies should prioritize cyber and data security when working with third-party vendors. Companies should ensure that any third-party vendor they contract with has a cybersecurity plan that includes regular testing of their protocols, documented efforts to fix any vulnerabilities, and communicating best practices with employees. Before agreeing to work with a vendor, businesses should ask how the vendor identifies data incidents and what their plan is to address any incident that may arise. Companies should also be sure to monitor what internal data each vendor has access to and consider whether the third-party vendors security policies are sufficient compared to their own policies. Access controls should be implemented to monitor third-party data usage and alert to any unauthorized access that might originate with a third-party vendor.

Contract language should also be drafted with data security in mind. To ensure fast and effective responses to cyber threats, third-party vendors should be obligated to report data breach incidents that they discover within a designated timeframe. Specific security requirements may also be established within a vendor contract. In the event that a data breach does occur, companies should consider adding an indemnity clause that would hold third-party vendors liable for any breach caused within their organization.

Bottom Line

Businesses should be aware of the cybersecurity risks associated with third-party vendors. When working with third-party vendors, companies should consider and assess the vendors security protocols. Both businesses and third-party vendors alike should invest in cyber insurance, and businesses should include strong indemnification language in their contracts with third-party vendors.

See the article here:
DoorDash Hacker Incident Illustrates Third-Party Vendor Risks and Potential Vulnerabilities - JD Supra

When it comes to data, one fact has endured from the origin of mankind: it is inextricably linked to the decision-making process. The more data that we can include in our analysis, the more we can understand the past and navigate the future effectively.

Practices in the capture and storage of business data often from diverse global sources must evolve in response to the skyrocketing quantity of data that businesses produce and their need to act on it faster than ever. One research firm, Statista, forecasts that there will be 181 zettabytes of data by 2025, up from 97 zettabytes this year. A zettabyte is one billion terabytes. The chart below depicts this growth trajectory.

Companies can only store, manage, and act on data at the required speed by modernizing their data infrastructure. To do so, they need to move past the legacy construct of monolithic systems, which store a single type of data in siloed fashion with no movement of data between them. By modernizing such systems in the cloud, companies enable unification of data with robust new functionality and services that dont exist in legacy systems.

To understand the value of modernizing data in the cloud, its helpful to start with this baseline, data-oriented definition of the cloud, a vast network of remote servers hooked together and meant to operate as a single ecosystem. These servers store and manage data, run applications, or deliver content or a service such as streaming videos, web mail, office productivity software, or social media. Users can access files and data from any Internet-capable device making information available anywhere, anytime.

Because of complexity, silos, and the need to have vast amounts and sources of data accessible at high velocity, the need to modernize data infrastructure takes on more urgency every day. Moving data to the cloud is the most compelling option because the cloud will deliver (at least) three critical benefits:

The cloud allows any organization to ingest, analyze and contextualize data at high speed. And we all know that fast decision-making and real-time actions are key to capitalizing on business opportunities in the Acceleration Economy.

In addition, the cloud requires low to no maintenance on the part of the customer, improving security and protection of data and systems, as well as data recovery in case of any threat or incident. This is especially important for highly regulated industries that require large volumes of historical data and regulated compliance by implementing business rules that apply to many systems and tools at once.

There is not a magic recipe for any organization to transition from traditional or monolithic data systems to a cloud data system. That entails moving from a physical infrastructure that has been designed as a reflection of a traditional, hierarchical organization towards something that is more flat, horizontal, and collaborative with fewer boundaries and barriers.

However, there are some cloud data modernization recommendations that should hold true in virtually all industries and use cases:

While the points above are ordered based on a logical sequence, the first point, relating to people, must be addressed at the outset. First, moving to the cloud challenges the status quo (data ownership, silos, org structure) of many organizations. With cloud technology, we are moving from a practice of data to report to decision to a more streamlined practice of data to decision; the implications of this new paradigm can be highly impactful.

Join us on October 27, 2022 for Acceleration Economys Data Modernization Digital Battleground, a digital event in which four leading cloud vendors answer questions on key considerations for updating data strategies and technology. Register for free here.

So, when embarking upon modernization of the data stack, a company should start by educating (or re-educating) the entire workforce, starting from the top of the hierarchy, about being open and transparent, practicing collaboration among teams (which team generates and analyzes specific types of data), delegating more decisions to others, and learning about new technologies and tools. Once the cultural element has been addressed, let engineers and technical people handle the technical aspects of cloud data modernization.

Once migration and modernization have happened, the tech team must stay in close contact with the cloud infrastructure vendor(s) and have a clear understanding about the responsibilities of each party. It is very important to actively monitor cloud performance, storage, and applications usage as well as vendor billing practices known as FinOps. Close internal monitoring of billing, combined with good communication with the provider(s), facilitates solid operational results and keeps the cloud provider(s) fully engaged on your behalf.

There are numerous vendors offering cloud solutions, but again, each and every organization is unique, with a different vision, strategy, and goals. It is easy to understand, therefore, why each vendor is more suitable for certain use cases, industries, and businesses, so a deep understanding of each vendors product offering is critical before adopting one solution over others.

An evaluation of vendor strengths and alignment with your business goals and culture must include:

In the analysis above, Ive focused on the why and how of data modernization in the cloud and shared important technical considerations.

Theres one more critical technology factor to consider, and thats the vendor or partner you select to execute on your data modernization goals. In the table below, Im presenting the companies from my direct, hands-on experience and ongoing engagement that are the best candidates to help you, and some key strengths they offer. These companies, of course, are the subject of ongoing analysis at the Acceleration Economy site.

Looking for more insights into all things data? Subscribe to the Data Revolution channel:

Read this article:
Why Cloud Data Modernization Is Needed, and How to Make It Work - Acceleration Economy

Michael Backes, Co-Founder and CTO at receeve explores the benefits of cloud-native software especially when it comes to powering collections operations.

Security has always been a delicate topic when it comes to financial technology, especially within the banking industry and partnering with third-party software providers. What are the real risks behind cloud-based? How does cloud-native differ from on-premise alternatives? receeve experts share more.

A collaborative approach to service digitisation cuts both the time and cost of companies by allowing them to focus their critical resources on their core business. They also gain the added benefit of bringing in domain-specific expertise on a specific part of the business, increasing reliability and positive outcomes.

Increasing service digitisation empowers businesses, as its more comprehensive data analysis and reporting improve access to customer insights. This facilitates detailed customer segmentation and offers opportunities to boost service levels through increased digital competence across multiple channels.

In the case of collections operations, businesses can avoid upfront hardware investments and costly ongoing maintenance - with the option to scale up or down to meet current demands. This serves institutions that are looking to focus their resources on their core business. Similarly, companies seeking to arm their teams with a tech stack that enables scalability and independence from IT departments can ensure resource assignment is optimised.

Ultimately, consumers benefit from an improved service offering, allowing them to streamline the products they use and sustain patronage with the companies meeting their needs.

The potential risks that arise from partnering with third-party companies can be many and varied: data exposures, failures in regulatory compliance, the adoption of inadequate security protocols, and more. If not taken into account, these issues can yield significant legal and reputational consequences.

In some instances, risks are increased when vendors outsource elements of their own service to third-party providers. This is because security protocols, levels of transparency, and data protection policies can vary from business to business.

As financial services providers increase their third-party dependence, it becomes essential to identify critical services and ensure effective oversight of both system tolerances and security risks. And since the financial sector is inherently interconnected, with multiple entities across the value chain, businesses must consider central risks before onboarding new vendors, including the threat of data breaches, unauthorised access to internal information, and the disclosure of intellectual property.

Since updates to legal and regulatory frameworks around data access and management are common, it can be a risk to simply assume your third-party vendor is safeguarding your operational and commercial compliance. This is evidenced by the fact that 64% of data breaches are linked to third-party operators - and the average data breach costs businesses over USD 7.5 million to remedy.

To mitigate these potential risks, many companies employ cybersecurity risk management controls that include vetting third-party security practices and establishing data breach and incident report protocols. Unfortunately, these measures are often resource-intensive and costly.

An added consequence of third-party software use is the potential for outages and system failures - often from oversights at the implementation stage - leading to interrupted service for customers. As with data breaches, these gaps in usability can often be reputationally damaging and costly to resolve. Many vendors, therefore, employ a continuous deployment approach, automating the building, testing, and rollout stages of the software delivery process with each iteration.

A large number of third-party software providers choose an alternative methodology, opting for longer production cycles that allow for increased testing prior to delivery, to reduce risk once the product is live.

Though many of these risks are associated with third-party vendors, the development of proprietary software also carries with it many of the same potential pitfalls, requiring ongoing maintenance and robust security systems. To achieve this, large financial outlays are necessary, to ensure ongoing development, support, and maintenance.

As outlined, many businesses conduct rigorous testing and vetting processes to ensure new vendors meet their commercial and operational needs, from a delivery, support, and legal compliance standpoint. Still, third-party companies themselves can shore up security levels by separating sensitive data from primary system infrastructures - ideally with the use of a single-tenant cloud-based environment.

On-premise applications are, as the name suggests, applications that are stored and run at a single premise - with data only being generated, stored, and accessed locally. A primary example would be an office with multiple computers running Microsoft Word. While the application may be installed or run across multiple computers, the files and documents created on a given machine will only be accessible by users logging into the same computer.

Cloud-native applications, on the other hand, maximise accessibility and eliminate reliance on a centralised storage source. They cut out the need for investment in expensive servers and allow for fast scaling, doing away with application developments, system management, and server-to-server integration.

Crucially, cloud-based applications have the added benefit of offering simple, pain-free integrations, since they use APIs to quickly facilitate communication between multiple systems and programs. This ensures your tech stack operates as a single, coherent application, letting you connect multiple tools at the click of a button.

Cost-effectiveness, efficiency, and interoperability are key factors for businesses adopting new technologies. Additionally, with no upfront hardware investments and maintenance costs, collections teams can scale their operations up or down at a moments notice with speed and ease. Better still, cloud-native applications will automatically update and ensure ongoing support as new digital systems become available.

With data-driven, cloud-based applications, businesses can eliminate the stresses of maintaining legacy systems and implementing non-cloud-native software, letting their collections teams focus on essential tasks. This frees up opportunities for staff to refine customer segmentation approaches and develop more successful collection strategies in the long term.

Michael Backes has 20 years in the tech industry as an entrepreneur helping organisations transform their legacy frameworks into digital-first models. In 2019 Michael brought his experience building next-generation financial services to the debt management industry and co-founded and launched receeve GmbH, a cloud-native solution for the collections & recovery industry. receeve is venture capital funded and growing the team aggressively in the EU & LatAm markets. receeve transforms debt management with a comprehensive data layer and ML/AI helping internal teams recover more by optimising processes, strategies, engagement, and asset management.

Read more:
The benefits of cloud-native software in financial services - The Paypers