Creating Content That Improves CX: A Q&A with Lionbridge & Aprimo

Today’s brands face numerous challenges. They need to create a customized, excellent experience for each and every customer worldwide. To do that, they need to create high-quality, on-target content. They need to create that content quickly, effectively, and for audiences who speak multiple languages. How can brands overcome some of these challenges? In this Q&A, we’re teaming up with our friends from Aprimo to dive into that topic. Arnie Koh is the Senior Director of Global Offerings at Lionbridge. He works closely with the company’s channel partners to help them achieve their global objectives.

Spotlight

Edge Health UK

dge Health works with providers, commissioners and regulators of health care. We provide economic advice, bespoke data products and undertake valuable research and development. We partner with our clients to develop engaging strategies, design high quality and scalable solutions, and build rich and long lasting experiences.

OTHER ARTICLES
Health Technology, Digital Healthcare

NIS2 Cybersecurity Rules are Coming: Are You Ready?

Article | September 7, 2023

NIS2 Cybersecurity Rules Approaching: Is Your Organization Prepared? The EU NIS cybersecurity regulations are evolving for 2024, and if you’re not currently aware of how they’ll apply to your organization, now is the time to get up to speed with the desired requirements. Not only is the directive being tightened, but an extended range of healthcare and related organizations will be added to the list of ‘critical entities’ that must comply. These include certain medical device manufacturers, pharmaceutical companies, and organizations that carry out R&D. The Network and Information Systems (NIS) standards were set up in 2016 to protect essential services – such as water, energy, healthcare, transport, and digital infrastructure – from online cyberattacks. The updated legislation, NIS2, will have stricter rules,reporting requirements, and higher penalties for non-compliance. They will apply to medium-sized and large businesses that operate within one or more EU countries. Those based only in the UK can’t sit back; however, the original NIS regulations will still apply as part of British law. What’s more, a UK version of the rules is coming very soon, and it’s likely that the framework will closely resemble the EU’s. What will the requirements cover? There are a number of cyber risk management measures that all organizations that come under the scope of NIS2 will be required to put in place. For instance, they will need to conduct regular security assessments and risk analyses, adopt incident response and handling plans, and appoint a chief information security officer (CISO), among other obligations. The new directive will streamline and strengthen incident reporting requirements. Entities must notify regulators of any incident that has compromised data or had a significant impact on the provision of their services, such as causing severe operational disruption or financial loss. Applying information system security policies and business continuity plans will form part of the obligations, as will conducting cybersecurity testing and training for all staff. The use of multi-factor authentication (MFA) and encryption, wherever appropriate, will also be mandated. There is plenty of focus within the directive on the cornerstones of cybersecurity best practices particularly, the proper control of administrator-level account credentials, privileged access, and endpoints, all of which are prime targets for attackers. Under NIS2, organizations are being separated into ‘critical’ and ‘important’ entities. It’s important to determine which category yours’ will fall under, as each has different requirements. The third-party threat will also be addressed in NIS2 by pulling in managed service providers (MSPs) to the list of ‘critical entities’, with the aim of keeping digital supply chains secure. MSPs are often granted privileged access to clients’ corporate systems and networks, which creates security risks. What are the consequences of non-compliance? Organizations that come under the regulations’ purview will be subject to random checks, regular security audits, on-site inspections, and off-site supervision. For those found to be in breach, sanctions could include warnings, temporary suspension of certain activities, and temporary prohibition to exercise certain managerial functions. Financial penalties could be as high as 10 million Euros or 2% of an organization’s global turnover, whichever is higher. What steps should healthcare organizations take now? Organizations should take action to establish whether the EU or UK NIS2 regulations will apply to them and what their responsibilities will be. Having identified any gaps in existing cybersecurity processes, policies, and practices, they must determine what changes need to be made to address them. As a priority, they must review their incident response plans and incident management and reporting procedures. It’s also a good idea to begin assessing the security posture of partners and third parties in the supply chain and incorporating relevant security requirements into contracts. Given the framework’s focus on protecting privileged admin accounts, organizations should implement controls limiting the number of staff members with these robust credentials. Implementing privileged access management (PAM) will allow IT to control who is granted access to which systems, applications, and services, for how long, and what they can do while using them. Preparing for the introduction of the EU NIS2 regulations should be considered more than just a compliance exercise. By meeting the strengthened requirements, healthcare organizations will be building a foundation of resilience that protects them, their customers, and the essential services they provide.

Read More
Healthtech Security

The Key Ingredient in Healthcare Compliance Success

Article | November 29, 2023

The healthcare industry has become a prime target for cybercriminals in recent times. According to The State of Ransomware in Healthcare 2023 report from Sophos, six in 10 healthcare organizations have been hit by ransomware in the last 12 months, up from 34% in 2021. Among this uptick have been several headline-grabbing attacks. For example, Shields Health Care Group became the subject of the single-largest breach affecting any organization globally in April 2023, when 2.3 million patients of the Massachusetts-based medical services provider had their personal data stolen after a cybercriminal gained unauthorized access to the organization’s systems. Meanwhile, in the UK, a ransomware attack on the University of Manchester occurred in June, affecting an NHS patient data set holding information on 1.1 million patients across 200 hospitals. Critically, the wealth of data housed in healthcare networks, and the potential impact of data unavailability in healthcare, make the industry both attractive and lucrative to threat actors. It’s no coincidence that the Sophos report shows the rate of encryption in the healthcare sector is at its highest level in recent years. Of those healthcare organizations which suffered a ransomware attack in 2023, 73% had their data encrypted – up from 61% in 2022. When cybercriminals can successfully take down hospital systems and/or encrypt patient data so it can’t be used, they can blackmail health service providers, demanding significant sums before reinstating systems and/or data availability. Considering healthcare's critical role as the highest-stake industry in our society, where people's lives depend on its success, the likelihood of attackers achieving their goals is greater than in other sectors, as confirmed by the Sophos report. Indeed, of the 73% of healthcare organizations that had their data encrypted, 42% reported that they paid the requested ransom to recover data. DSPT and the compliance burden Without question, the security-related challenges in healthcare are mounting. Right now, industry organizations are operating against a backdrop of unprecedented operational and workforce pressures, spiralling demand for care and industrial action. Moreover, there is a growing regulatory burden, with organizations continually asked to comply with evolving cybersecurity rules, battling with multiple compliance mandates at any given time. Take the NHS as an example. According to the 2023 NHS Providers’ Regulation Survey, just over half (52%) of respondents said the regulatory burden on their trust had increased. And this is expected to ramp up further in the future, with the UK government setting out a new 2030 strategy aimed at bolstering cyber resilience in healthcare. Among the compliance burdens that the NHS faces is the challenge of meeting the requirements of the newly updated Data Security and Protection Toolkit (DSPT). Mandated to minimize cyber risks and enable healthcare providers to maintain a robust information security posture, the DSPT is not a simple checklist of security controls, but a comprehensive toolkit to evaluate current security maturity and establish a risk management programme. Indeed, in more recent times, DSPT has moved away from being a guide for achieving certain levels of assurance, and toward a mandatory evidence-based system which demands NHS organizations align with 10 precise National Data Guardian (NDG) standards: 1. The organization assures good management and maintenance of identity and access control for its networks and information systems. 2. The organization closely manages privileged user access to networks and information systems supporting essential services. 3. The organization ensures passwords are suitable for the information being protected. 4. Process reviews are held at least once a year where data security is put at risk and following security incidents. 5. Action is taken to address problems as a result of feedback at meetings. 6. All user devices are subject to anti-virus protections, while email services benefit from spam filtering and protection deployed at the corporate gateway. 7. Action is taken on known vulnerabilities based on advice from NHS Digital, and lessons are learned from previous incidents and near misses. 8. The organization has a defined, planned and communicated response to data security incidents impacting sensitive information or key operational services. 9. The organization has demonstrable confidence in the effectiveness of the security of technology, people, and processes relevant to essential services. 10. The organization securely configures the network and information systems that support the delivery of essential services. Reducing Compliance Challenges with the Right Solutions Taken individually, these standards may not seem too strenuous to adhere to. However, to be compliant with DSPT, all 10 items need to be completed and deemed ‘satisfactory’. To tick all 10 key boxes in the most effective and efficient manner simultaneously, organizations should consider their strategy carefully. This could involve embracing supportive tools to accelerate and enhance their compliance journey. Boiled down, DSPT demands several key things, including unincumbered visibility of the entire ecosystem, as well as the ability to demonstrate secure access, logs and storage, and essential auditing processes to maintain data security. Achieving these things might appear complicated, even daunting. However, there are solutions known as Security Information and Event Management (SIEM) systems on the market that can make achieving these capabilities, and in turn DSPT compliance, easy. Here, we outline some of the key features to look out for to meet compliance: • Log retention: A modern SIEM should be able to provide a centralized log storage and big data platform that scales to any organization’s size. Platforms should be able to provide role-based access to log data, including ‘data privacy’ functionality that can mask sensitive data until approved. Log data should not be modified or removed by users once ingested into the platform, while all data held should also be indexed and fully searchable. • Identifying and disabling unnecessary accounts: A good SIEM will also provide account auditing facilities for Active Directory that allow administrators to quickly identify dormant accounts. They should also be able to remove privileged user access when no longer required or appropriate. More sophisticated platforms will be able to do this in an automated manner. • Easy identification of issues: Clear and easily readable dashboards, alerts and reports for user logging activity should be provided, including failed login, apparent brute-force attempts, and bad password management practices. Further, those using machine learning will be able to identify unusual behavior patterns based on a baseline of activities of users and their peer group. • Integrate with third-party threat feeds: It will also be able to integrate with a wide variety of third-party threat feeds that provide information about specific known threat payloads/hashes and destination domains/addresses. Meeting the mandate Of course, having the right features in place is only part of the puzzle. For organizations to be truly successful in embracing tools that enable them to meet DSPT compliance more effectively, they should work to ensure that solutions providers offer them ongoing support – both in terms of ease of deployment and to ensure that they are using key systems in an optimal manner. Scalability is another important aspect to consider. Systems should be able to scale and continue to support the organization as data volumes increase and become more complex over time. In respect of scalability, organizations should take time to think about pricing models, ensuring that these are based on the number of devices (nodes). In doing so, it will become easier to accurately budget future costs, as well as provide greater budgeting certainty over the short, medium and longer term. A converged SIEM allows organizations to prioritize the big picture over individual tools, enabling them to develop a seamless and easy to use security operations setup. Not only does this approach boost cost transparency and eliminate potential complexities with managing a variety of siloed products – equally, it reduces the burdens on security teams, eliminating complexities over system integration and enhancing performance. A converged SIEM combines key technologies easily to offer improved security outcomes. In doing so, organizations can easily home in on specific standards and adopt security best practices while reducing the burden on security teams tasked with meeting DSPT compliance.

Read More
Health Technology, AI

3 Key Considerations in Cloud Security for Healthcare Organizations

Article | July 18, 2023

With medical system consolidation and increasing numbers of medical records created, the need for digital access and storage is gaining steam. Digitizing records allows clinicians to improve accuracy and decrease redundant testing and studies, as well as reduce treatment delays. Greater availability of digitized records has other perks too. With vast amounts of accessible medical data, researchers can move public health studies forward, also potentially improving care and treatment of individual patients. As a result, cloud storage is taking off, though healthcare organizations are adopting it more slowly than other industries. According to a 2019 Nutanix report, 71% of healthcare organizations using cloud were considered the least mature – relative beginners – in that they were using fewer cloud services. Compare that figure to finance or retail, where 13% and 15% respectively were beginners. However, that is changing.

Read More

Advanced Healthcare Supply Chains: Why It’s All in the Data

Article | February 10, 2020

During the past decade, the healthcare industry has undergone an unprecedented technological transformation. The industry, once defined by manual processes, has moved squarely into the digital age. As patients, we’ve all become accustomed to seeing physicians as well as clinical staff use laptops during office visits. And behind the scenes, hospitals and health networks have made substantial investments in financial and HR systems, among others. One of the more significant digital advancements has been the industry’s focus on applying greater levels of automation to supply chain processes. In doing so, provider and supplier organizations have improved the efficiency of their supply chains, driven out millions of dollars in cost and waste, all while keeping patient care front and center.

Read More

Spotlight

Edge Health UK

dge Health works with providers, commissioners and regulators of health care. We provide economic advice, bespoke data products and undertake valuable research and development. We partner with our clients to develop engaging strategies, design high quality and scalable solutions, and build rich and long lasting experiences.

Related News

Lionbridge Augments Artificial Intelligence Offering Through Acquisition of Gengo and Gengo.ai

Lionbridge | January 16, 2019

Today, Lionbridge, one of the world’s most trusted global communications platforms, announced its acquisition of Gengo, a Tokyo-based, leading edge technology company providing crowdsourcing, machine learning and localization services to global customers. Lionbridge has a 20-year history of leveraging its 500,000 linguistic experts to help the world’s largest companies expand their businesses on the global stage by providing machine learning data to make their platforms and products smarter and create content for a variety of industries. The acquisition of Gengo will strengthen Lionbridge’s position in the machine learning and content relevance markets. This purchase includes Gengo.ai, the company’s platform that provides AI training-data services delivered by a fast and efficient crowdsourced network of highly specialized contributors. “Gengo is a key acquisition for us that immediately complements our core strategic initiatives,” said John Fennelly, Lionbridge CEO. “It will accelerate our ability to penetrate new markets in the artificial intelligence space; it bolsters our human capital pool by bringing an extremely talented team assembled by Matthew Romaine into our company; and Gengo’s advanced technology platform will become a key part of our localization delivery system. In addition to those very tangible benefits, we’ll add to our already formidable capabilities in Asia, and this will give us a deeper set of technology tools to increase our market share in the local games and life sciences markets.”

Read More

Lionbridge Wins Employee Engagement Award from The Conference Board

Lionbridge | July 10, 2019

Lionbridge, the world's most trusted global communications platform, is pleased to announce that it has won the Technology division award for Employee Engagement in the Conference Board's Excellence in Marketing & Communications Awards Program. This prestigious program honors organizations for their innovative use of communications technologies. Last year, Lionbridge developed a new intranet known as The Bridge to help its more than 6,000 employees around the world live out its mission to break barriers and build bridges. The Bridge has supported the change management and transformation of Lionbridge by reenergizing and reengaging the global "Pride." It has created a direct feedback loop between senior management and a global workforce and improved communication and collaboration across departments and countries. "Each year, we highlight how organizations across different industries have achieved their goals through their integration of innovative technologies into their communications and marketing strategies," said Jen McClure, Principal Distinguished Fellow at The Conference Board's Marketing & Communications Center, and Chair of the Center's awards program. "We are very pleased to honor and showcase the pioneering work of Lionbridge as part of this year's awards program."

Read More

Lionbridge Again Named One of America's Best Employers by Forbes

Lionbridge | April 17, 2019

Lionbridge Technologies is proud to announce it has again been named one of America's Best Employers by Forbes, which also recognized Lionbridge as a Best Employer for Women in 2018. The 2019 list recognizes organizations across a variety of industries that employ more than 1,000 people in the U.S. Working with Statista, Forbes deployed an independent survey to a representative sample of the US workforce and reached more than 50,000 employees overall. The rankings were mainly assessed based on the likelihood that an employee would recommend their employer to friends and family versus recommend a different employer. Other questions included inquiries about company culture, career development, gender equality, and compensation. "Our foundational priorities are our people and customers," said John Fennelly, CEO of Lionbridge. "We're very proud of the progress we've made in creating an environment that allows our talent to expand their skillsets and interests. This has also helped us accelerate our innovation efforts." Ann Lazarus-Barnes, Lionbridge's Chief People Officer, said the award is a testament to the company's dedication to its employees. "Our community's strength is an immeasurably important part of our success and we are always on the lookout for the best and brightest to join us," she said.

Read More

Lionbridge Augments Artificial Intelligence Offering Through Acquisition of Gengo and Gengo.ai

Lionbridge | January 16, 2019

Today, Lionbridge, one of the world’s most trusted global communications platforms, announced its acquisition of Gengo, a Tokyo-based, leading edge technology company providing crowdsourcing, machine learning and localization services to global customers. Lionbridge has a 20-year history of leveraging its 500,000 linguistic experts to help the world’s largest companies expand their businesses on the global stage by providing machine learning data to make their platforms and products smarter and create content for a variety of industries. The acquisition of Gengo will strengthen Lionbridge’s position in the machine learning and content relevance markets. This purchase includes Gengo.ai, the company’s platform that provides AI training-data services delivered by a fast and efficient crowdsourced network of highly specialized contributors. “Gengo is a key acquisition for us that immediately complements our core strategic initiatives,” said John Fennelly, Lionbridge CEO. “It will accelerate our ability to penetrate new markets in the artificial intelligence space; it bolsters our human capital pool by bringing an extremely talented team assembled by Matthew Romaine into our company; and Gengo’s advanced technology platform will become a key part of our localization delivery system. In addition to those very tangible benefits, we’ll add to our already formidable capabilities in Asia, and this will give us a deeper set of technology tools to increase our market share in the local games and life sciences markets.”

Read More

Lionbridge Wins Employee Engagement Award from The Conference Board

Lionbridge | July 10, 2019

Lionbridge, the world's most trusted global communications platform, is pleased to announce that it has won the Technology division award for Employee Engagement in the Conference Board's Excellence in Marketing & Communications Awards Program. This prestigious program honors organizations for their innovative use of communications technologies. Last year, Lionbridge developed a new intranet known as The Bridge to help its more than 6,000 employees around the world live out its mission to break barriers and build bridges. The Bridge has supported the change management and transformation of Lionbridge by reenergizing and reengaging the global "Pride." It has created a direct feedback loop between senior management and a global workforce and improved communication and collaboration across departments and countries. "Each year, we highlight how organizations across different industries have achieved their goals through their integration of innovative technologies into their communications and marketing strategies," said Jen McClure, Principal Distinguished Fellow at The Conference Board's Marketing & Communications Center, and Chair of the Center's awards program. "We are very pleased to honor and showcase the pioneering work of Lionbridge as part of this year's awards program."

Read More

Lionbridge Again Named One of America's Best Employers by Forbes

Lionbridge | April 17, 2019

Lionbridge Technologies is proud to announce it has again been named one of America's Best Employers by Forbes, which also recognized Lionbridge as a Best Employer for Women in 2018. The 2019 list recognizes organizations across a variety of industries that employ more than 1,000 people in the U.S. Working with Statista, Forbes deployed an independent survey to a representative sample of the US workforce and reached more than 50,000 employees overall. The rankings were mainly assessed based on the likelihood that an employee would recommend their employer to friends and family versus recommend a different employer. Other questions included inquiries about company culture, career development, gender equality, and compensation. "Our foundational priorities are our people and customers," said John Fennelly, CEO of Lionbridge. "We're very proud of the progress we've made in creating an environment that allows our talent to expand their skillsets and interests. This has also helped us accelerate our innovation efforts." Ann Lazarus-Barnes, Lionbridge's Chief People Officer, said the award is a testament to the company's dedication to its employees. "Our community's strength is an immeasurably important part of our success and we are always on the lookout for the best and brightest to join us," she said.

Read More

Events