PAS-C01 approach - SAP on AWS - Specialty Certification Updated: 2024

Sustainability initiatives have been organised for most of the agricultural commodities of the Pan Amazon, including palm oil, soy and beef, but also for coffee and cacao. Several of these initiatives have adopted the term roundtable in their names because it conveys the notion of inclusiveness that is a core concept in these multi-stakeholder initiatives. Typically, the stakeholders include all the participants in a supply chain, from the farmer to the retailer, but also commodity traders, consumer goods manufacturers, banks and service supplies, as well as civil society groups.

Their shared goal is to identify effective solutions to the social and environmental challenges associated with conventional production systems. The mechanism used to reform supply chains is typically a voluntary certification system that verifies that the production, trade and transformation of a commodity has complied with a set of best practices that have been agreed to by all the parties. The search for consensus is important, because it means all of the stakeholders have agreed to accept this package of solutions and commit to supporting the commercialisation of the goods that have been certified as sustainable.

Some environmental activists view these initiatives as a form of greenwash and have questioned their efficacy. Participating companies certify the production within their own supply chain, but roundtable initiatives have not succeeded in transforming their respective sectors. Demand for certified commodities has failed to attract a critical mass of producers that would actually transform the market and change the economic drivers of deforestation.

Adoption is highest for coffee (40%) and cocoa (22%), while commodities linked to industrial plantations tend to be lower: palm oil (20%), sugar (3%) soy (2%) and beef (<1%). Part of the explanation for the slow uptake of the voluntary standards is the lack of demand; typically, only about fifty per cent of certified production is actually sold as a certified commodity.

The lack of uptake is yet another manifestation of the dilemma of allocating the cost of environmental protection and social justice. Sustainability protocols cost money, which either adds to the price of a consumer good or reduces the profit margin of commodity producers. Although North American and European consumers are concerned about deforestation, most still choose a lower-cost product, while those in Asia, Latin America and the Middle East are overwhelmingly focused on price. Moreover, global commodity markets are dominated by producers on landscapes that were transformed by agriculture decades or centuries in the past, and these farmers operate without fear of being accused of environmental crimes. Consequently, traders are not motivated to pay a premium to farmers on the agricultural frontier.

A few producers seek to differentiate their products as organic, deforestation-free, fair-trade or antibiotic-free because they are selling their products into a differentiated market and receive a premium for their production in compensation for the extra cost and reduced yields that these systems [allegedly] entail. Others participate because it guarantees them market access. Most producers opt to circumvent the voluntary guidelines or sell to traders unconcerned about sustainability or just ignore the whole process entirely.

Social advocates have questioned the economic benefits of certification because they tend to discriminate against small-scale producers who cannot meet the record-keeping and logistical demands of a certification process. These protocols are negotiated by large-scale producers that dominate the roundtable initiatives and tailor the certification criteria to their supply chains. As formalisation spreads throughout national and international markets, smallholders could be increasingly marginalised within regional and even local markets in contradiction with the stated social objectives of these certification schemes.

“A Perfect Storm in the Amazon” is a book by Timothy Killeen and contains the author’s viewpoints and analysis. The second edition was published by The White Horse in 2021, under the terms of a Creative Commons license (CC BY 4.0 license).

Read the other excerpted portions of chapter 3 here:

The US is facing an employee skills gap with staggering macroeconomic consequences.

According to Korn Ferry’s estimates, 85 million jobs are at risk of going unfilled by 2030 due to a lack of sufficiently skilled employees, resulting in an $8.5 trillion loss of unrealized revenues.

Unsurprisingly, the culprit behind the widening skills gap is the rapid pace of technological development. By now, every single industry on this planet has been subjected to countless disruptions and technological paradigm shifts, making it difficult for even the youngest generations to keep up.

In fact, Gen Zers face a unique set of challenges in our modern digital context where skills transfer and tangible apprenticeship opportunities are rarer than ever before.

At the same time, our educational system is struggling to adapt to the constantly changing requirements of the workplace, leaving a growing number of fresh graduates desperately underskilled.

The challenges ahead are daunting, and the consequences of failing to bridge the skills gap are worth serious consideration by politicians and private sector leaders alike.

Some have already done more than that by springing into action.

Below, we’ll explore three industry-led examples where business leaders have boldly stepped up to foster the next generation of talent on their own.

Google's Certification Program: A Bold Approach to Upskilling

Google’s position at the forefront of technology means it is also among the first to suffer from the skills gap.

Acknowledging this, Google has created the Google Career Certificate program that equips current and future employees with the necessary skills to excel in areas of work that are of particular interest to the firm.

These certifications cover various areas, including IT support, data analytics, project management, user experience design and many other areas where traditional educational institutions are lagging. Each certification begins with a free trial and the flexible online formats allow learners to acquire practical and job-ready skills at their own pace.

Google's certifications have set a precedent in the industry, demonstrating how companies can directly contribute to closing the skills gap. These programs provide concrete competencies that are in high demand, not only within Google but across the tech industry.

This initiative has inspired other companies such as Amazon to develop similar programs, scaling the approach to create a more skilled and adaptable workforce.

Engineering Tomorrow: Fostering Future Engineers

Engineering Tomorrow is a non-profit established to address the skills gap in engineering by building the next generation of engineers. After decades of experience in an industry that stands to suffer directly from the future skills gap, including as a founding partner of Global Infrastructure Partners, Bill Woodburn started the charity in order to create a larger, more diverse engineering workforce that can solve the engineering challenges of the future.

With a goal of inspiring high school students to consider engineering and STEM careers, the program focuses on hands-on learning and real-world applications. "We started with teaching and running experiments in high school gyms," Bill recalled in our accurate discussion, emphasizing the program’s practical approach.

From its humble beginnings in 2014, the initiative has scaled up rapidly and it will s surpass 400,000 participants in its virtual labs this school year, across all 50 states. In each virtual lab, engineers teach in-demand skills that address some of society’s most pressing challenges, providing instruction and materials at no cost to schools.

Engineering Tomorrow also places emphasis on bridging the diversity gap in engineering by encouraging more under-represented students to explore this field. "Part of our ecosystem approach is to foster diverse talent," Bill noted, highlighting the program’s inclusive philosophy.

Reflecting on Engineering Tomorrow being an early pioneer in bridging the skills gap and an ESG program with impact Bill added, "The concepts are there. It’s about rewarding people for helping on this journey. We’re not just engineers; we’re mentors guiding the next generation and we hope others are inspired to action by our example."

The Legal Mentor Network: Shaping The Future of The Legal Profession

The Legal Mentor Network is another beautiful example of industry experts coming together to foster the next generation.

This mentorship-focused group was founded by Brian Potts in 2020 after his Linkedin post about how he is a partner at a law firm that rejected him as a student went viral. Perseverance is indeed a virtue, and as the mentors in the Legal Mentor Network know, it is one that can be cultivated in others.

Guided by strong demand for legal career mentorship, particularly from underrepresented students, the group has grown rapidly, connecting legal experts from dozens of companies with mentees through one-on-one mentorship, skills building events and more.

By focusing on mentorship, the network makes real-world skills transfer and professional development happen in ways that the modern educational system and workplaces simply can’t.

As a valuable side effect, the network is also creating a more robustly networked generation of legal practitioners, ready to tackle the challenges of a dynamic legal environment which requires more collaboration by the day.

The success of programs like Engineering Tomorrow, Legal Mentor Network, and Google's certification exemplifies a new era of leadership – one that goes beyond business success to genuinely invest in growing the next generation.

These leaders are not only reaping what they grow. They are also sowing seeds for a more skilled, adaptable, and innovative future workforce that will benefit the entire economy.

• Walmart is leaning more into its 4,700 US stores to fulfill orders for its growing e-commerce business.
• It's a strategy that rival Target has been laser-focused on for a decade, with notable success.
• Borrowing from Target's playbook could provide Walmart a needed edge in its competition with Amazon.

Some rivalries are about more than winning against one opponent.

A good competition also teaches each player lessons that can be used in other matchups.

As Walmart and Target seem to borrow — or steal — strategies from each other, a striking similarity between the two is their approach to e-commerce.

Specifically, Walmart's latest round of renovations shows its commitment to fulfilling more of its e-commerce orders from its retail stores — an approach Target has prioritized with great success for years.

But more than battling one another for digital supremacy, the big-box brands likely have their eye on a larger fish in the online pond: Amazon.

To be sure, Walmart is still the bigger company by almost every key metric. The Arkansas-based retailer is the world's largest private employer and its annual revenues have propelled it to the top spot in the Fortune 500 for 10 straight years.

But in the world of online sales, no one comes close to Amazon's preeminence. The company's e-commerce business made nearly $220 billion in North American sales last year, eclipsing Walmart's $53.4 billion and Target's $20 billion.

Now it seems that Walmart has determined that the best way to gain digital ground on Amazon is to borrow some pages from Target's playbook.

Digital sales still depend on physical merchandise in physical locations, and this is where the competition looks like it's heating up.

In the US, Amazon's fulfillment network is made of some 1,300 facilities (plus about 500 Whole Foods locations). Target has nearly 2,000 stores, plus some 55 supply chain facilities.

Walmart CFO John David Rainey highlighted the difference in scale in his remarks at Morgan Stanley's retail conference on Wednesday.

"The most expensive part of delivery is the last mile," Rainey said. "That's where our physical footprint of 4,700 stores in the United States that are within ten miles of 90% of Americans gives us an enormous advantage."

Walmart also owns some 200 distribution facilities across the US that keep the whole operation moving along.

Although Walmart was technically ahead of Target in what's now called omnichannel (Walmart launched its "Site to Store" service in 2007), the company has experimented with just about every iteration of order fulfillment available.

The Bullseye retailer meanwhile has been laser-focused on refining the approach it launched a decade ago and currently refers to as "stores-as-hubs," in which store inventories are used to fulfill online orders.

That may sound like a simple or foregone conclusion to the fulfillment puzzle, but for large retailers it's anything but. Costco for example elected to build a separate fleet of warehouses to handle dot-com orders.

Walmart has dedicated e-commerce warehouses too, but the company's "store of the future" redesigns now feature more space than ever before devoted to the sorting and shipping of digital orders.

If that sounds familiar, it might be because Target's accurate store modernization effort also reallocated more square footage to processing web and app sales. Target says its stores fulfill 95% of digital orders.

Tapping into their considerable physical retail presence offers Walmart and Target the opportunity to meet or exceed Amazon in one metric that founder Jeff Bezos cared a lot about: speed.

It has taken Amazon a phenomenal level of investment and innovation to locate its facilities in places where it can reliably offer next-day delivery in the US.

Amazon recently improved its speed by shifting from a national fulfillment network to a regional model, as well as expanding its same-day delivery sites, an Amazon spokesperson told Business Insider.

But while you can get two-hour delivery from Whole Foods, Target and Walmart routinely offer two-hour delivery on just about anything in their stores.

To make things even faster, Walmart is taking another cue from Target with the expanded use of sorting facilities to route shipments in high-density markets. These centers collect parcels from multiple stores before sending them on routes for delivery.

Going into the holidays, Amazon is the most popular online retailer for gifts, with two-thirds of US consumers saying they'd shop the site.

Amazon's spokesperson also pointed out the company's extensive product selection — some 300 million items available with Prime shipping and tens of millions available next-day or faster.

Walmart placed a distant second, followed by Target to round out the top three in JungleScout's most accurate Consumer Trends Report, though the pair placed first and second among in-store retailers.

It remains to be seen in the coming years whether Walmart embracing a smaller rival's fulfillment strategy will help close the lead with its larger one.

In the conquest of dedication, expertise, and innovation, Sumanth Tatineni, a distinguished professional in the IT industry, has been awarded the prestigious 2023 Global Recognition Award for his outstanding contributions to AI and DevOps.

New York, NY, United States - January 4, 2024 —

In the conquest of dedication, expertise, and innovation, Sumanth Tatineni, a distinguished professional in the IT industry, has been awarded the prestigious 2023 Global Recognition Award for his outstanding contributions to AI and DevOps. This esteemed award acknowledges and testifies to Tatineni’s outstanding journey, highlighting his crucial role in advancing technology, particularly at the intersection of AI and DevOps.

The Journey of Excellence

Tatineni embarked on his professional journey more than a decade ago, when he started out as a Test Engineer. Following this, his career took a bearing through renowned organizations until he settled as a DevOps Engineer at Idexcel in 2018. With a bachelor’s degree in electrical, electronics, and communications engineering from ICFAI University, Tripura, Sumanth’s academic foundation laid the fundamentals for an exemplary career in the dynamic IT environment.

Making of an Expert

An impressive lineup of certifications emphasizes Sumanth Tatineni’s commitment to professional development. Primarily, certifications from Oracle, such as Oracle Certified Professional in Java EE 5 Business Component Developer and Oracle Solaris 10 System Administrator, show a strong foundation in key technologies. In addition, certifications in Amazon Web Services Solutions Architect – Professional and HashiCorp Certified: Terraform Associate affirm Tatineni’s contemporary skills and adaptability in the rapidly progressive tech environment.

A Leader and Published Author

As an MBA candidate at Chicago Booth, Tatineni is acquiring business administration skills, which brings a strategic perspective to his already impressive technical acumen. His strike into the world of literature is showcased by publishing the book “AI in Finance”. This comprehensive work delves into the impact of AI on the financial sector, depicting Tatineni’s keen insights and forward-thinking approach. The 2023 Global Recognition Award is evidence of Tatineni’s leadership style, attributed to a unique blend of strategic planning and operational insight. This recognition is a commendation for his role as a DevOps Engineer at Idexcel and acknowledges his position as an AI researcher, contributing to advancements that benefit different stellar financial clients. 

Setting a New Stance Toward AI in DevOps

Tatineni’s focus on AI in DevOps has transformed the operational landscape for esteemed clients and garnered recognition at the highest academic excellence. His expertise in automating CI/CD pipelines for over 50 projects proves his commitment to innovation and efficiency, thus setting a new standard in the industry. This commitment to excellence goes beyond professional practice and into academia. Tatineni’s noteworthy contributions have been acknowledged with a ‘Best Paper Award’ in a journal by the board of Tijer – an International Research Journal. This accolade reinforces Tatineni’s impact on practical industry applications and shows their ability to contribute helpful insights to the academic community. The merge of his industry-shaping work in AI-driven DevOps and the recognition from the academic community highlights a varied professional whose influence spans both scholarly pursuit and practical innovation. This dual commitment further solidifies Tatineni’s position as a trailblazer in setting new operational efficiency standards and contributing significantly to the broader discourse within the field. 

Final Words

The 2023 Global Recognition Award reflects Sumanth Tatineni’s current achievements and is a stepping stone for future accomplishments, advancements, and innovations. Tatineni’s impact on the IT industry, particularly in AI and DevOps, inspires aspiring professionals to the limitless possibilities within the ever-changing landscape of technology. 

About Global Recognition AwardsTM:

Global Recognition AwardsTM is an international organization that recognizes exceptional companies and individuals who have significantly contributed to their industry. Their awards are highly regarded and sought after by businesses across the globe.

Contact Info:
Name: Alexander Sterling
Email: Send Email
Organization: Global Recognition Awards
Website: https://globalrecognitionawards.org

Source: Baden Bower

Release ID: 89117944

If there are any deficiencies, problems, or concerns regarding the information presented in this press release that require attention or if you need assistance with a press release takedown, we encourage you to notify us without delay at error@releasecontact.com. Our diligent team is committed to promptly addressing your concerns within 8 hours and taking necessary actions to rectify any identified issues or facilitate the removal process. Providing accurate and trustworthy information is of utmost importance.

A cross-party group of British MPs have issued a “wake-up call” over the U.K. government’s plans to tackle global deforestation.

In a new report out today (4 January), the environmental audit select committee (EAC) warns the intensity of U.K. consumption on the world’s forests is higher than that of China, and calls on British ministers to develop a global footprint indicator to demonstrate this impact to the public.

It also calls on ministers to set a firm target to reduce the UK’s impact on global deforestation and work with international partners to Strengthen oversight on this issue, both at home and abroad.

According to the committee report, the U.K. government has committed to establishing a regime to require forest-based commodities to be certified as sustainable if they are to be sold into British markets.

At the accurate COP28 climate change conference in Dubai, the U.K. government announced that the first four of these commodities are to be cattle products (other than dairy), cocoa, palm oil and soy.

But the committee’s report states it was concerned over the” seeming lack of urgency” about the implementation of this regime.

For instance, it adds no timeline has been offered as to when this important legislation will be introduced, and its phased approach of incorporating products gradually into the regime does not reflect the urgency of tackling deforestation.

It also recommends ministers also bring other forest-risk commodities, such as maize, rubber and coffee, into the certification regime as soon as possible.

Committee chair Phillip Dunne said in a statement there is little sense of urgency about getting a rapid grip on the problem of deforestation.

“Countries all around the world contribute to deforestation, and the international community of course needs to do much more to tackle deforestation,” said Duane.

“Yet on some measures the intensity of UK consumption of forest-risk commodities is higher than that of China,” he added. “This should serve as a wake-up call to the government.”

Nicole Rycroft, founder and executive director of environmental non-profit Canopy said in an email conserving forests is critical to limit warming to 1.5°C and to maintaining vibrant biodiversity and planetary systems.

Rycroft added the committee’s report is clear in calling for “urgent and substantive action” of its government.

She said she hopes it motivates the U.K. government to step up alongside other jurisdictions that have taken strong regulatory action to halt and reverse deforestation by 2030, such as the European Union’s Deforestation Regulation (EUDR) and innovative national regulation in Costa Rica.

“We are pleased to see the U.K. government begin to prioritise deforestation and forest conservation through commitments to the Amazon Fund and requirement that certain forest-based commodities must be certified as sustainable to be sold into U.K. markets,” added Rycroft.

“We urge the U.K. to quickly apply this regulation to other traded goods such as pulp, paper, packaging, and viscose textiles, and ensure that certification schemes are rigorous and don’t allow sourcing from high-carbon or biodiverse forests.”

Kate Norgrove, executive director of advocacy and campaigns at WWF, said in an email the committee report shows that the U.K. government needs to do much more to save the forests.

“Every hectare of forest we lose takes us closer to runaway climate change which will be devastating for us all,” added Norgrove.

“We urge all parties to take up the committee’s comprehensive plan of action to end the U.K.'s contribution to global deforestation. We haven’t a moment to lose to bring our world back to life.”

In response, a government spokesperson said in a statement the U.K. is leading the way globally with new legislation to tackle illegal deforestation.

“This legislation has already been introduced through the Environment Act and is just one of many measures to halt and reverse global forest loss,” said the spokesperson.

“We are also investing in significant international programmes to restore forests, which have avoided over 410,000 hectares of deforestation to date alongside supporting new green finance streams.”

Layoffs, bankruptcies and macroeconomics created choppy waters for cybersecurity businesses in 2023. It was the year that the sector, which once seemed unsinkable, wavered. But unlike the Titanic, industry pros say 2024 will be a comeback year for the sector. However, those blue skies won’t come before strong headwinds that include consolidation, technology churn and innovation that will challenge the cybersecurity old guard.

What follows is a SC Media round robin of informed opinions from industry thought leaders on what to expect in 2024 when it comes industry consolidation, pending regulations, software supply chain issues and new tech supplanting old tech.

Economy and industry consolidation

Industry shift toward cost-effective cybersecurity solutions and consolidation, says Oren Koren, Veriti CPO and co-founder: 

Amid these economic pressures, cybersecurity vendors are expected to increasingly consolidate and bundle their products. This approach, aimed at offering comprehensive security solutions through bundled packages, is predicted to provide cost-effectiveness for organizations. However, this trend also raises concerns about the risks associated with vendor lock-in and the potential over-dependence on single providers for comprehensive security needs.

Trend toward best-of-breed solutions, says Husnain Bajwa, VP of product strategy, Beyond Identity:

Husnain Bajwa

The previous year's trend towards bundled cybersecurity solutions will face a correction in 2024. Companies will realize that a one-size-fits-all approach does not effectively address their unique security needs. This will lead to a renewed interest in best-of-breed solutions, with organizations selectively integrating specialized tools for more tailored and effective cybersecurity strategies.

Larger tech companies will acquire small SaaS startups and a market recovery, says Olivia Rose, CISO and founder at Rose CISO Group, faculty at IANS Research:

Olivia Rose

2024 will see larger tech and cybersecurity companies acquiring smaller SaaS startups. These smaller entities have flocked to the cloud, offering similar services, and often lack a distinct value proposition. As a result, they will be absorbed by larger organizations seeking to supplement their offerings with innovative technology.

We’ll see the consolidation of passwordless and credential management companies, says Bassam Al-Khalidi, co-founder and co-CEO, Axiad:

We’ll start to see mergers between passwordless and credential management companies, which will create a new category in the authentication space: think “passwordless plus.” This movement will be similar to the consolidation we saw a few years back between identity management and access management companies, which resulted in the identity and access management (IAM) industry.

Regulations and corporate responsibility

Cybersecurity can’t stay silent any longer, says Mike DeNapoli, director and cybersecurity architect, Cymulate:

A massive precedent was set in 2023, with the conviction of Uber’s former CSO for two felonies by U.S. federal courts, and SolarWinds being given not one but two Wells Notices. It is anticipated that senior leadership and even board-level discussions around cybersecurity will accelerate dramatically in 2024 in response. These conversations will be on what is required to meet the SEC’s new regulations, but also what is required to keep leadership and board members from being indicted and charged with federal crimes.

Legal and regulatory stakes are higher, says Kayla Williams, CISO, Devo:

CISOs’ jobs are getting harder. Many are grappling with an onslaught of security threats, and now the legal and regulatory stakes are higher. The new SEC cybersecurity disclosure requirements have many CISOs concerned they’ll be left with the liability when an attack occurs. As we’ve seen with the charges against the SolarWinds CISO, these fears have merit — and we need to prepare ourselves for this. CISOs can’t just be technical experts anymore. Their skillset must be more well-rounded in enterprise risk management, requiring a deeper understanding of the laws and regulations in the jurisdictions and industries where their companies operate. They must also tie compliance tightly to corporate objectives. It’s also going to require CISOs to (more often) form alliances with other executives who will have to play a bigger role as cybersecurity becomes a board-level issue.

Better executive accountability for cyber failures, says Igor Volovich, vice president of compliance strategy, Qmulos:

Regulators in the U.S. and abroad are demanding better accountability from enterprise executives, focusing on cybersecurity in general, and cyber compliance specifically, as the means of incentivizing better decisions and greater transparency about enterprise security posture. Executives are beginning to question the integrity of their compliance reporting, as they recognize how much of what they believe they know about their risk posture is based on subjective opinion as opposed to objective, data-driven evidence. As regulators ratchet up their scrutiny of corporate cyber resilience, concerns mount about the validity of compliance reporting and the risk of personal civil and criminal responsibility for leaders who falsify compliance reporting, especially in the context of federal grants and contracts. Expect to see additional efforts by the SEC, FTC, DHS, and CISA to bring to account firms and leaders found to be misrepresenting their cyber posture.

Expect to see new regulations for reporting breaches, says Bobby Cornwell, vice president strategic partner enablement and integration, SonicWall:

Bobby Cornwell

In 2024, incoming cybersecurity regulations will force businesses to be more transparent about their breaches and attacks. Forthcoming legislation such as the EU's NIS2 Directive and the Cyber Resilience Act will impose more stringent standards for cyber protection and establish clear reporting timelines in the event of a breach. As these directives take effect, businesses will be made to share with their partners and suppliers early identifications of system vulnerabilities or face fines. The aim of this is to prevent cybercriminals from inflicting widespread damage across multiple businesses. In 2024, it will be crucial to optimize the transparency afforded by these regulations, and by dragging cybercriminals out into the open, authorities can more effectively curtail their illicit activity.

Regulations will be more strict, says James Campbell, CEO and co-founder, Cado Security:

Regulatory bodies, especially the SEC, will likely impose stricter cyber regulations as cyber incidents increasingly influence stock markets and investor sentiments. These impending regulations respond to the growing cyber challenges with financial and societal implications. It's expected that more stringent oversight and guidelines will emerge to protect investor interests and ensure market stability.

Supply chain and third-party vendors

Attackers will continue to seek ways into the ground floor, infecting devices before they are even onboarded, says Michael Heywood, business information security officer, HP Inc.:

In 2024, we’ll see the attention on software and hardware supply chain security grow, as attackers seek to infect devices as early as possible — before they have even reached an employee or organization. With awareness and investment in cybersecurity growing each year, attackers have recognized that device security at the firmware and hardware layer has not maintained pace. Breaches here can be almost impossible to detect, such as firmware backdoors being used to install malicious programs and execute fraud campaigns on Android TV boxes.

The increasing sophistication of AI also means attackers will seek to create malware targeted at the software supply chain, simplifying the process of generating malware disguised as secure applications or software updates. In response to such threats, organizations will need to think more about who they partner with, making cybersecurity integral to business relationships with third parties. Organizations will need to spend time evaluating software and hardware supply chain security, validating the technical claims made by suppliers, to ensure they can truly trust vendor and partner technologies. Organizations can no longer take suppliers' word on security at face value. A risk-based approach is needed to Strengthen supply chain resilience by identifying all potential pathways into the software or product. This requires deep collaboration with suppliers — yes or no security questionnaires will no longer be enough.

Organizations must demand a deeper understanding of their partners' cybersecurity posture and risk — this includes discussing how incidents have changed the way suppliers manage security or whether suppliers are segregating corporate IT and manufacturing environments to shut down attackers' ability to breach corporate IT and use it as a stepping stone to the factory.

A risk-based approach helps ensure limited security resources are focused on addressing the biggest threats to effectively secure software and hardware supply chains. This will be especially important as supply chains come under increasing scrutiny from nation-state threat actors and cybercrime gangs.

Automated vendor assessments and enhanced security measures will become the norm, redefining how companies interact with third-party vendors, says Adi Dubin, vice president of product management, Skybox Security:

In 2024, we can expect a significant shift in how companies interact with third-party vendors and assess their security measures. The traditional checklist approach to mitigating third-party breach threats will evolve as businesses increasingly transition from manual assessments to automated procedures.

Similar the adoption of external attack surface solutions, many companies will adopt automated vendor assessments for a more comprehensive approach. This approach is expected to become the norm, especially in industries like insurance. Additionally, customers will take a more active role in assessing their vendors, conducting extensive evaluations, and implementing a wide range of automation-driven solutions to enhance code controls and security measures. This will ultimately strengthen the vendor-customer relationship.

Convergence of cyberspace, supply chain and international conflicts, says Tyler Moffitt, senior security analyst, OpenText Cybersecurity:

Tyler Moffitt

Concurrently, the escalation of geopolitical tensions in regions such as Eastern Europe and the Middle East are likely to spur a rise in cyber-espionage campaigns and targeted malware attacks, underscoring the growing convergence of cyberspace and international conflicts. A notable development in the supply chain landscape is the Cl0P ransomware gang's successful exploitation of a zero-day vulnerability in MOVEit Transfer, a managed file transfer solution. This significant cyberattack, one of the largest in 2023, signals a pivotal shift towards targeting supply chain and third-party software vulnerabilities, a trend I predict will intensify and be leveraged by nation states. I expect we may see an increase in similar attacks in the upcoming year.

Shifts in design and services

Adoption of security-by-design, says Mike Linksvayer, VP of developer policy, GitHub:

After the Cyber Resilience Act, policymakers and developers drive adoption of security-by-design. The CRA wisely avoided breaking the open source software ecosystem, but now the hard work starts: helping manufacturers adopt modern software development practices that will enable them to ship secure products and comply with the CRA, and driving public investment in open source software security to efficiently raise all boats. Implementation of the U.S. national cybersecurity policy will have similar themes and show this is a worldwide trend that spikes in 2024.

CNAPP and XDR as "table stakes," says Andre Rall, director of cloud security, Uptycs:

Identity is emerging as the new perimeter in cybersecurity. With the evolution of threats and increased scrutiny on Cloud Service Providers (CSPs), the Identity and Access Management (IAM) market is poised to flourish. The burgeoning adoption of digital IDs and the extension of IAM into customer identity underline this trend. I believe we will see more startups focusing on incorporating biometrics and behavioral analytics into IAM.

SIEM as we know it will disappear, says Elia Zaitsev, CTO, CrowdStrike:

Legacy SIEMs have failed the SOC. They are slow, costly, and were designed for an era when data volumes, adversary speed, and sophistication were a fraction of today. Teams have been forced to spend more time and resources setting up, maintaining, and trying to extract effective security insights from their SIEMs, rather than stopping breaches. With breakout times approaching 7 minutes for the fastest adversaries, legacy SIEM just isn't up to the challenge anymore. Defenders need an edge that’s orders of magnitude faster, easier to deploy, and far more cost effective than current approaches.

To stop modern adversaries in 2024, the SIEM needs to be rebuilt from the ground up for the SOC around the security analyst experience. The market will dictate a need for solutions that unify all capabilities, including SIEM, SOAR, EDR and XDR, into one cloud-native, AI-powered platform to deliver better, faster, and more cost effective outcomes.

Microsegmentation will be a foundational element of cyber defense, says Agnidipta Sarkar, VP CISO Advisory, ColorTokens:

With the increase in digital business-as-usual, cybersecurity practitioners are already feeling lost in a deluge of inaccurate information from mushrooming multiple cybersecurity solutions coupled with a lack of cybersecurity architecture and design practices, resulting in porous cyber defenses. In 2024, business leaders will realize that investments in microsegmentation will force the IT and security teams to begin developing digital business context-based cybersecurity architecture and design because microsegmentation is the last line of defense during a cyberattack. Security and risk leaders will leverage the pan-optic visualization capability of microsegmentation to build immediate cyber defenses to protect digital business as usual, even during severe cyberattacks.

There will be increased reliance on zero-trust architectures, says Chandrodaya Prasad, executive vice president of product marketing, SonicWall:

The zero-trust model will likely become a default stance for many organizations, driven by a combination of an increase in sophisticated cyberattacks, the ubiquity of remote work, and the adoption of cloud services. Implementing zero trust will necessitate a shift from traditional perimeter-based security models to more identity-centric ones, with multi-factor authentication (MFA), continuous authentication, and least-privilege access becoming widespread. This will include increased adoption of a distributed firewall, aka hybrid mesh firewall. All organizations public and private need to secure their entire network, including location, device, content and applications by implementing a network-wide security policy such as zero trust.

Passwords and identity

Passwordless authentication will accelerate, says Zubaid Kazmi, managing director of identity and access management, MorganFranklin Consulting:

The adoption of password-less authentication will grow rapidly to Strengthen digital identity security. This evolution highlights the need for organizations to understand FIDO, implement policies that enforce limited trust, and have an acute awareness of the risk across their application landscape to potentially the entitlement level.”

Identity will continue holding the keys to the kingdom for cybercriminals, says Rishi Bhargava, co-founder, Descope:

Cyberattacks are complex, involve multiple vectors, and often need a lot of recon and preparation to succeed. However, the smoking gun in the vast majority of cases is the same: stolen credentials (usually passwords). The 2022 Verizon DBIR found that 86% of basic web application attacks stemmed from stolen credentials.

More acceptance of passkeys, says Anna Pobletts, head of passwordless, 1Password:

This past year, tech giants like TikTok, Google, Amazon, and Uber, among others, drove a substantial uptick in passkey adoption, laying the groundwork for billions of people to explore the security and convenience of passkeys, and for many other sectors to follow suit in the coming years. 2024 will be the year that more highly regulated services embrace passkey technology — including fintech and banking, particularly among consumer apps. Historically, these industries have been slow to embrace new technologies, but adopting passwordless authentication will provide them with a unique competitive advantage — there’s the proven security of public key cryptography upon which passkeys are built on, and for the end user, the passkey sign-in experience will be one that’s simple and familiar.

Cyber insurance

Insurance will cover less and cost more, says Eli Nussbaum, managing director, Conversant Group:

In response to an influx of claims from massive breaches [since] 2022, the cyber insurance industry, which has a lower visibility to risk than other sectors of insurance, will likely continue to raise rates, limit coverage, and reduce capacity. While we haven’t yet heard of carriers denying claims on the basis of organizations asserting certain controls were in place in their application — but clearly lack these controls once a breach is discovered — I would not be surprised if we begin to see this in the year ahead.

On the subject of cyber insurance carriers, organizations will continue to allow their cyber carriers’ and compliance requirements to drive their security investment decisions, as opposed to responding to the real security needs of the organization. Since neither compliance frameworks nor insurance carriers can keep up with the threat activity that's currently happening (and since security controls must evolve in response to real-time and real-life data from threat events, which most organizations do not have access to), we anticipate that IT will continue to spend in a way that does not actually secure the organization.

Cybersecurity certification and cyber insurance will converge, says Pascal Menezes, CTO, MEF:

Organizations are expected to increasingly align their cybersecurity efforts with insurance policies, resulting in a holistic approach to risk management. As companies invest in certified cybersecurity services, they aim not only to fortify their digital defenses but also to secure more favorable policy rates from cyber insurance providers. This integration represents a paradigm shift where cybersecurity measures directly impact insurance premiums, encouraging businesses to adopt robust security measures to mitigate potential financial risks associated with cyber threats.

Insurance will demand breach and attack solutions for coverage, says Andrew Barnett, chief strategy officer, Cymulate:

While some insurance companies have already updated their policies to state that organizations must have a breach and attack simulation (BAS) tool in place and provide reports to receive any payouts after an attack, a stronger stance is coming soon. With additional pressure from the SEC and other regulatory bodies to report attacks within a short period, organizations must begin to adopt BAS en masse if they want to continue to receive cyber insurance — there’s no way around it anymore.

Copyright 2024 BBC. All rights reserved.  The BBC is not responsible for the content of external sites. Read about our approach to external linking.

Beta Terms By using the Beta Site, you agree that such use is at your own risk and you know that the Beta Site may include known or unknown bugs or errors, that we have no obligation to make this Beta Site available with or without charge for any period of time, nor to make it available at all, and that nothing in these Beta Terms or your use of the Beta Site creates any employment relationship between you and us. The Beta Site is provided on an “as is” and “as available” basis and we make no warranty to you of any kind, express or implied.

In case of conflict between these Beta Terms and the BBC Terms of Use these Beta Terms shall prevail.

Buying the right sheet set is incredibly important. Stiff-vs.-soft preferences aside, it can even impact the quality of your sleep. Fabric choice is the most important factor, as hot sleepers don't want to wake up in a sweat, while cold sleepers don't want to feel chilled throughout the night.

With that in mind, we decided to round up the best bed sheets for multiple types of sleepers. Each of our top picks -- from top brands like Parachute and L.L. Bean -- is made of strong and soft materials ranging from linen to bamboo. They'll feel comfortable to sleep on and will work with any mattress, but more importantly, all are loved by real customers. Read on to learn which sheet set is right for you. 

The best linen sheet set

The Citizenry stone washed linen sheet set

Linen is a great option for hot sleepers. The fabric is incredibly breathable and lightweight while also managing to be strong and sumptuously soft. These linen sheet sets from the Citizenry are no exception, as they're made of premium European linen. They also boast an Oeko-Tex certification, meaning these sheets were made without harmful chemicals. The sheet set comes in four sizes, including full, queen, king and California king, and feature a wide range of earth-tone color options, ranging from chambray to sienna. 

The stone-washed linen sheet set has an impressive 408 five-star ratings out of 532 reviews. One reviewer wrote: "Can't say enough good things about these sheets. They are next level luscious. Should have sprung for them earlier!"

 Another customer called them the "softest, lightest linen sheet!", adding: "I absolutely love these sheets! My husband is a hot sleeper and these keep him much cooler than other linen and cotton sheets we've tried. They are so soft and cozy, and I know will only get softer with time. 10/10!"

Best cotton sheet set

Parachute percale sheet set: 20% off

These cotton sheets from Parachute are made of long-staple cotton, which is one of the best types of cotton you can get. Long-staple cotton is known for being stronger and softer than its short-staple counterparts. You'll get all that, and, since the sheet set is a percale weave, you'll also notice that it has a nice, crisp feel to the fabric. 

We like that you can choose what pillowcase style you'd like (slide open or back envelope) and that you get the option remove the top sheet from your set. That kind of customization isn't common when purchasing sheet sets. The percale sheet set comes in six sizes, ranging from a twin to California king, and 10 colors, including nine classic colors and one seasonal color. 

What's more, this sheet set is currently 20% off for the brand's annual winter sale. 

Best bamboo sheet set

Cozy Earth bamboo sheet set: 20% off

Reviewers and Oprah herself love this bamboo sheet set from Cozy Earth. Bamboo sheets share a lot of similarities with cotton sheets; both are breathable, lightweight and soft. What we like about Cozy Earth's bamboo sheets is the brand's 100-night sleep trial — you can test these out for 100 nights, and if you feel the bedding isn't right for you, it can be returned, no problem. We also really like the variety of sizes (you can order a twin XL or a split king) and 13 color options, which include neutral colors and a selection of earth tones.

The Cozy Earth bamboo sheet set has a 4.9-star rating out of more than 6,100 ratings. One reviewer said that these were "The softest sheets I've ever owned! Love them!!!" Another customer commented, "I have to say I have tried sheets from just about everywhere and nothing compares to Cozy Earth, not even close! I am also very particular about my sheets and what I like and don't like... the only way I can explain it is heavenly! I may not ever want to get out of bed." 

Right now, this popular sheet set is 20% off for a limited time as part of Cozy Earth's holiday sale.

Best organic cotton sheet set

Boll & Branch signature hemmed sheet set

If you'd prefer your bedding to be of the organic variety, get this sheet set from Boll & Branch. The brand's popular signature hemmed sheet set is made of a long-staple organic cotton. This organic cotton has been certified by GOTS (the Global Organic Textile Standard), an organization that certifies that products labeled as organic contain at least 70% organic materials. The set also boasts an Oeko-Tex certification and comes in eight sizes, ranging from a twin to a split king. You can choose from -- yes, really -- 25 colors and patterns, including a blue botanical print that looks like a watercolor painting, or color block options.

The Boll & Branch signature hemmed sheet set has a 4.8-star rating out of more than 11,800 ratings. One customer said, "Highly recommend! The more you wash the softer they get! These are the comfiest sheets to slide into every night for a great night sleep. My bed looks so inviting and clean!" Another reviewer wrote, "I love these sheets. I have four sets. I have given them as gifts. It is true the more you use them the better they get. I highly recommend them to all." 

Best flannel sheet set

L.L.Bean ultrasoft comfort flannel sheet set

If you tend to run cold under the covers, one of the best bedding solutions is flannel sheets. Flannel has napping, which is that fuzziness you find on the sheets. The texture helps trap heat, making for super-warm sleeping. The sheets are 100% cotton, so there will still be some nice breathability to the fabric. The sheet set comes in sizes ranging from twin to California king and is available in eight color options, ranging from white to blue. 

The L.L. Bean ultrasoft comfort flannel sheet set has a 4.7-star rating out of 5,155 ratings. One reviewer wrote that these were the "best flannel sheets ever," adding: "This is my second set of L.L.Bean flannel sheets. They are the softest, best wearing flannel sheets I've ever had, and they don't pill like other lesser sheets I've had. Simply the best." 

Another customer said: "Buy these sheets! I wish I had purchased these sheets years ago. Best night's sleep I've had in ages. So cozy, soft, and warm."