Production plants and their control systems are among the most sensitive areas in the manufacturing industry. To increase efficiency and profitability, these systems are increasingly networked and therefore automatically a target for cyber criminals. In many cases, a cyberattack does not start directly with the OT systems, but via gaps in the traditional IT. From there, the attackers gradually gain access to other IT and control systems in order to attack the most sensitive areas of production. Their goal: maximum disruption to operations, theft and encryption of production and operationally relevant data as well as blackmail.

Companies have recognized risks

IT security company Sophos conducted a targeted survey of industrial companies in Germany to find out the status of attack risks and defenses. The results show a positive development: many companies have recognized this danger and are setting up their organization accordingly. Responsibilities are being more clearly defined and cooperation between IT and production is developing well for the most part. SMEs in particular are increasingly relying on support from external security partners.

Almost every second company has its own security officer

The days when cyber security was a sideline are clearly over in many companies. 47.9% of the companies surveyed have now appointed a permanent person responsible for IT security. A further 33.6 percent combine this task with other areas - a model that is mainly practiced by smaller companies where resources are scarcer.

SMEs strengthen themselves with external security partners

The way smaller companies deal with cyber security is particularly interesting. One in four companies with fewer than 250 employees (25 percent) now work with specialized external IT security partners. In large companies with over 1,000 employees, however, this figure is only 11.1 percent; most of these companies have set up their own specialist departments.

This development shows that medium-sized companies are countering the lower availability of resources (compared to large companies) with pragmatic solutions to a complex problem: Instead of looking for and building up security experts themselves, they are turning to specialized service providers who already have the necessary experience and infrastructure.

IT has the leading role in production security

A clear picture emerges regarding the distribution of responsibilities in the companies: In seven out of ten companies (70.1 percent), the IT department is responsible for the IT security of production facilities. Production itself only bears the main responsibility in 19 percent of cases. This distribution clearly reflects the fact that production systems are now part of networked IT structures that need to be protected holistically.

 Exchange, coordination, joint task

Coordination between departments also appears to be common practice in many companies. In 68.7 percent of companies, IT and production regularly talk to each other about security issues. Only 4.3 percent do not coordinate between the two departments at all. This very low percentage makes it clear that most companies have apparently internalized the fact that robust cyber security can only be achieved as a joint task.

Suppliers are also increasingly part of the security strategy

A look at the supply chain reveals another dynamic relevant to cyber security: more than half of companies (57.3%) now impose contractual requirements on the cyber security of their partners. Almost two thirds also check their IT security regularly, and a further 19.4 percent at least occasionally. These are all crucial measures, as vulnerabilities at suppliers are among the riskiest points of attack in cyberattacks.

"A clear assignment of responsibilities is the foundation for effective protection in production," says Michael Veit, security expert at Sophos. "Where IT and production work hand in hand, companies can react much faster in the event of disruptions or attacks. Medium-sized companies in particular benefit from clear structures - whether with their own specialists or with the help of external partners. Anyone who also keeps an eye on their supply chain closes one of the most dangerous gaps."

A solid basis has been created

The survey clearly shows that German production companies have made significant organizational progress in terms of cyber security. Clear responsibilities, well-functioning cooperation and the involvement of suppliers create a solid basis for more protection in production. SMEs in particular show that this is possible even without large internal teams - if the network of partners is right.

Or: not everyone has to reinvent the wheel. If you get the right support, you can build effective protection even with limited resources.

Source: www.sophos.de

This article originally appeared on m-q.ch - https://www.m-q.ch/de/deutsche-branchen-umfrage-cybersicherheit-in-der-produktion-hat-luft-nach-oben/

We have to stop shifting the blame. Even if it is unpopular, protecting the company remains the responsibility of the IT security department. Other employees can only play a supporting role by recognizing dangerous emails in good time. This is not a matter of course and will happen less and less in future - despite training, as a recent study shows. IT security must also work if a person causes an accident, just like in a car. Because if there is an accident and humans are no longer able to intervene, automatic systems such as seat belts or airbags take on the important task of reducing the impact of the damage, just like in a car.

What does that mean in the face of AI?

AIs, especially LLMs (Large Language Models), are optimized for machine-human communication. Not only can they string words together in a meaningful way, they can also imitate writing and speaking styles. Using so-called "prompt engineering", i.e. programming by entering commands, practically any user can tell the machine how to act. This makes it increasingly difficult for victims to tell the difference between normal and fraudulent communication, while AI also reduces costs and increases productivity.

In the area of fraud, the highest efforts are made in the area of targeted attacks. A perpetrator engages with his victim and tries to create an irresistible attack from available information. With spear phishing, we are not talking about accidents, because they do not happen by chance. They are attacks in the broader sense, and their success rate, according to another studyis over 50 percent, even among purely human experts. This type of attack has rarely occurred in reality. This is because the amount of work required is considerable. But what happens when AI takes over? The evaluation of the data and the creation of an attack profile would then be automated. According to the study, this would have led to reasonable results in 88 percent of cases. The content generated can no longer be distinguished from normal communication.

The faster and more effective AI solutions become, the more frequently they will also be used in cybercrime, and the less often humans will recognize this as a security component - regardless of the level of training.

What can we do next?

Technology has always been the counterpart to human error and is designed to prevent it or at least limit the resulting damage. In IT security, the building blocks of Zero Trust, Cyber Risk Exposure Management (CREM) and Detection and Response are well known. These building blocks reduce the risk of occurrence and the impact of incidents. For these technologies and strategies, it is irrelevant where the attack comes from and why it could not be averted. Metaphorically speaking, it is the seat belts and airbags that guarantee survival in the event of damage. If a link-clicking employee is responsible for a company being fully encrypted, then it is not the employee who is the problem, but the company's own security infrastructure.

Conclusion: Is training necessary? When do they make sense?

Training is expensive. Not only the costs of introducing the processes, but also the workload of each individual employee must be taken into account. It is therefore legitimate to question the added value. This lies in reducing the probability of cyberattacks occurring. Training has always been an important part of security strategies. But like everything else in security, this too loses its effectiveness over time. However, this does not mean that this component immediately becomes pointless. As long as IT security is stretched to capacity by the sheer number of individual events that need to be checked, training is needed to reduce these.

Training against phishing is particularly important when it comes to the fraud itself and recognizing red flags such as requesting money or access to company data. Employees also need to understand why they need to follow security processes, such as multi-factor authentication when accessing data, and how attackers try to get past them. Yes, training remains important. But they are not an excuse for security incidents. The stigma of blame if an employee has not recognized it is not helpful, because it will happen more often in the future. Companies should take precautions to ensure that even if the worst does happen, the impact remains limited.

Source: Trend Micro

This article originally appeared on m-q.ch - https://www.m-q.ch/de/sind-schulungen-gegen-phishing-im-zeitalter-von-ki-noch-sinnvoll/

Mewa receives inquiries from over 200,000 B2B customers in Europe every year. Processing them by email or telephone is time-consuming and resource-intensive. In order to make the service processes more efficient and transparent, the digital customer portal mymewa.com is continuously being expanded with new self-service functionalities. The latest innovation, which received an award from SAP in Madrid, offers an automated ticket system for service requests such as repeat orders, changes and insights into the delivery status of workwear and cleaning cloths in the all-round service.

Digital services create time for personal advice

The customer portal and the implemented ticket system use SAP Commerce Cloud, SAP Sales Cloud, SAP Service Cloud and SAP ERP. The rule-based automation reduces the processing time per ticket by around 15 minutes on average. The time saved is available to the service teams for individual support with more complex issues and advice on qualitative questions.

In addition to the more personalized service quality, customers also benefit from the transparency of the digital functionalities: they can manage their clothing stock across all locations around the clock, view invoices and receive feedback as soon as their service request has been processed without losing any time. Last but not least, the digital solution also contributes to sustainability, as the use of the portal significantly reduces paper consumption. To ensure that the customers' perspective is incorporated into the further development of services and processes, the applications were developed in close dialog with users from the field - including the involvement of the Mewa customer advisory board. Regular customer surveys and measurements via the Customer Loyalty Index prove that customer satisfaction has increased as a result of the digital service offering.

Face-to-face contact remains essential in Mewa customer service

Rainer Monteagudo Santí, Head of Strategic Marketing & Product Management, comments on the award win as follows: "Our aim is to be close to our customers and offer them the best possible service - based on partnership, reliability and high quality. With digitalization, we can continue to ensure this, improve efficiency and transparency for both sides and thus remain fit for the future with our service for our customers as well as for our own employees."

Even with increasingly digitalized service processes, Mewa consistently relies on personal customer relationships. Direct contact with the textile service provider - by phone or email - is possible at any time. A team of sales employees, customer service staff and qualified service drivers provide technical support on site. Small and medium-sized companies are looked after regionally, while major customers with several locations, both nationally and internationally, receive centralized customer service.

Source and further information: www.mewa.ch

This article originally appeared on m-q.ch - https://www.m-q.ch/de/mewa-gewinnt-sap-innovation-award-2025-fuer-digitales-kundenportal/

Check Point Research (CPR) has published the Brand Phishing Ranking for the second quarter of 2025. The report describes the brands that are most frequently misused by cyber criminals to steal sensitive personal and financial data and highlights the constant evolution of phishing tactics. The Check Point Brand Phishing Ranking is published quarterly and is based on data from Check Point's ThreatCloud AI platform, the world's largest collaborative cyber threat intelligence network. The report analyzes phishing emails, fake websites and impersonation attempts across various vectors.

Microsoft remains the front runner

According to the report, Microsoft was again the most frequently attacked brand in Q2 2025, accounting for 25% of all phishing attempts. Google followed in second place with 11 percent and Apple was in third place with 9 percent. Remarkably, Spotify returned to the top 10 list for the first time since Q4 2019, taking fourth place with 6 percent of phishing activity. The technology sector thus remained the most impersonated industry, followed by social networks and retail.

Omer Dembinsky, Data Research Manager at Check Point Software Technologies, comments: "Cyber criminals continue to exploit the trust that users place in well-known brands. The re-emergence of Spotify and the increase in travel-related scams, particularly around the summer and school vacations, show how phishing attacks adapt to user behavior and seasonal trends. Awareness, education and security controls remain crucial to reduce the risk of compromise."

Below you will find the brands that were most frequently targeted by phishing attacks in Q2 2025:

1. Microsoft - 25%
2. Google - 11%
3. Apple - 9%
4. Spotify - 6%
5. Adobe - 4%
6. LinkedIn - 3%
7. Amazon - 2%
8. Booking - 2%
9. WhatsApp - 2%
10. Facebook - 2%

Phishing attack pretends to be Spotify

One of the most high-profile phishing attacks this quarter targeted Spotify users. Hackers created a malicious login page that could be accessed at premiumspotify[.]abdullatifmoustafa0[.]workers.dev was set up and the users to activegate[.]online/id1357/DUVzTTavlOw/CgJiMcgc0fMOJY29SAg5JRoH? redirected. The malicious page mimicked the official Spotify login page, including authentic branding and design. Victims were asked to enter their usernames and passwords. They were then redirected to a fake payment page where an attempt was made to steal their credit card details. This campaign marks Spotify's first appearance in the phishing top charts since the fourth quarter of 2019, highlighting that entertainment services are now being exploited just as aggressively as technology platforms.

Another important trend in the second quarter was the sharp increase in phishing domains for Booking.com. Over 700 new domains with the format confirmation-id****.com registered. This represents an increase of 1000 percent compared to the beginning of the year. To add credibility and urgency, many of these domains contained real user data such as names and contact details. Although these websites were short-lived, they illustrate the increasing personalization and targeting capabilities of phishing campaigns.

Trend: Technology and digital platforms under attack

In the second quarter of 2025, the technology sector was still the industry most frequently targeted by phishing attacks. Tech giants, such as Microsoft, Google and Apple, continue to be prime targets due to their widespread use in authentication and productivity workflows.

Social media platforms, such as LinkedIn, WhatsApp and Facebook, also continue to be high-risk targets. The retail and travel sectors - including Amazon and Booking.com - have been exploited by attackers to capitalize on the seasonal shopping and travel business.

Source: www.checkpoint.com/

This article originally appeared on m-q.ch - https://www.m-q.ch/de/welche-marken-besonders-haeufig-fuer-phishing-missbraucht-werden/

The AI Act, which came into force on February 2 of this year, creates a uniform legal framework for artificial intelligence within the EU. Although many regulations will not come into effect until 2026, a new phase focusing on three areas will begin on August 2, 2025:

1. Penalties for non-compliance
2. Obligations for general purpose AI models (GPAI)
3. Establishment of supervision and governance at national and European level

Penalties of up to 35 million euros

AI systems with unacceptable risks have been banned since February 2 of this year. From August 2, 2025, additional fines can now be imposed for violations of existing obligations, which can amount to up to 35 million euros or 7 percent of their total annual turnover. For example, companies must ensure that their employees have AI skills. The European Union expects its member states to define their own effective, proportionate and dissuasive penalties. The special circumstances of SMEs and start-ups should be taken into account so as not to jeopardize their economic viability.

New obligations for providers of GPAI models

GPAI models that are marketed in the European Union from August 2, 2025 are subject to legal obligations. The European Office for Artificial Intelligence published the final version of the codes of conduct on July 10, 2025. Providers of such GPAI models must, among other things, create technical documentation, observe copyrights and ensure transparency regarding the training data used.

GPAI models are AI systems with a particularly wide range of applications and are designed to perform a variety of tasks. They are trained with huge amounts of data and are correspondingly versatile. The best-known example is large language models (LLM), such as the generative language model GPT-4o, which is integrated into ChatGPT. For GPAI models that were already on the market in the European Union before August 2, 2025, a transition period applies until August 2, 2027.

Supervision and governance

The AI Regulation creates a framework with implementation and enforcement powers at two levels. At national level, each EU Member State must designate at least one market surveillance authority and one notifying authority by August 2, 2025. The former is responsible for the surveillance of AI systems, the latter for the notification of independent conformity assessment bodies. Member states must publish information on the national authorities and their contact details by the deadline. At EU level, the European AI Office and the European AI Committee will coordinate supervision. In addition, an advisory forum and a scientific committee of independent experts will be set up.

What does this mean for HR departments and employees?

The AI Act has a direct impact on how AI is used in the areas of recruitment, performance management, personnel analysis and employee monitoring. HR managers must ensure that AI tools in these areas are transparent, fair and compliant.

• Fairness and anti-discrimination: AI systems used in hiring or promotion decisions must be traceable and free from bias. HR departments should regularly review their tools and providers to ensure compliance.
• Trust and transparency: Employees gain a better insight into how AI systems influence their work, for example in scheduling, performance evaluation or occupational safety. HR departments can create trust by openly communicating how AI is used and how employees' data is protected.
• Responsibility of third-party providers: If third-party AI tools are used, HR departments must ensure that these providers meet the transparency and documentation requirements. Contracts and procurement processes should be adapted accordingly.
• Training and change management: With stronger regulation of AI, the HR department will play a key role in training managers and employees. The aim is to promote the responsible use of AI and anchor ethical standards in the corporate culture.

"Providers of GPAI models that were already on the market before August 2, 2025 have until August 2, 2027 to fully implement the new regulations. Further obligations for high-risk AI systems will follow in 2026 and 2027. This milestone reflects the EU's ambition to encourage innovation while ensuring that AI is safe, transparent and in line with European values. This puts HR at the center of responsible adoption of AI in the workplace," says Tom Saeys, Chief Operations Officer at SD Worx, a European provider of HR and payroll solutions.

Source: SD Worx

This article originally appeared on m-q.ch - https://www.m-q.ch/de/eu-ki-gesetz-wird-scharf-gestellt/

The Swiss company QUMEA, Winner of the Swiss Medtech Award 2025finds a powerful sales partner in UMB. As an experienced ICT provider for the healthcare sector, UMB takes on all phases from consulting and sales through to operation and 1st level support. To this end, the dedicated UMB sales team with a focus on healthcare was specifically trained on QUMEA.

Strategic expansion of the portfolio in the healthcare sector

With the combination of radar sensor technology and artificial intelligence, QUMEA enables contactless, anonymous monitoring that meets the highest acceptance and data protection requirements, particularly in sensitive care environments. Sales are aimed in particular at the long-term care sector, where UMB is an established provider of digital solutions as a holistic integrator. The company is currently in advanced talks with several existing customers regarding the introduction of QUMEA in their care facilities. "With QUMEA, we are strengthening our offering for long-term care with a forward-looking component. The radar-based solution enables discreet, effective monitoring and gives nursing staff valuable time for personal care," says Reto Rüegsegger, Product Management Healthcare Solutions at UMB. QUMEA complements the UMB portfolio strategically and technologically and meets a real market need with its data protection-friendly 3D radar technology, says Rüegsegger. And Cyrill Gyger, CEO of QUMEA, says of the strategic partnership with UMB: "QUMEA and UMB share the vision of combining digitalization and humanity in care. We are delighted to be moving into the future of care together."

Advantages of the QUMEA system

QUMEA enables completely contactless and anonymous monitoring using 3D radar technology, without the need for cameras, microphones or body-worn devices. The system detects early on when people in need of care leave their bed or wheelchair and alerts care staff in real time, effectively preventing falls and increasing safety. Thanks to precise detection, care staff receive targeted support and have more time for individual care. In addition, the solution allows the prevention of pressure ulcers and enables delirium management by registering unusual movement patterns or inactivity. The intuitive, app-based operation is simple, customizable and, together with full compliance with the highest data protection standards, ensures smooth, data-secure use in sensitive care environments. 

Source: UMB

This article originally appeared on m-q.ch - https://www.m-q.ch/de/umb-und-qumea-arbeiten-fuer-innovative-pflegetechnologie-zusammen/

The energy transition is profoundly changing our electricity grid. The increasing use of photovoltaic and wind power plants is making it more and more decentralized and volatile. Without digitalization, this power grid would no longer be manageable. Edge intelligence plays a key role here: the analysis of measuring device, control unit and sensor data using artificial intelligence directly at the point of origin. Dell Technologies shows how this edge intelligence supports the energy transition in many ways. 

1. Decentralized control in real time. As artificial intelligence analyzes the data at the edge, it does not need to be transferred to a central data center or cloud for processing. This makes it possible to control the local power supply from photovoltaics and wind power in real time. If there are fluctuations in supply and demand, the AI can react without delay: by regulating the feed-in, storing electricity or shifting loads.
2. Support for e-mobility. The charging infrastructure for electric vehicles can also be controlled in real time. Artificial intelligence analyses data directly at charging points and in the local grid and can forecast charging requirements, react immediately to external conditions such as grid load, electricity prices or vehicle condition and dynamically optimize charging performance. These fast and context-related decisions are particularly essential in larger charging parks and for bidirectional charging.
3. Stabilization of the overall network. By controlling local grids and charging infrastructures, edge intelligence not only ensures local grid stability. It also keeps the higher-level electricity system more stable because it dampens load peaks and avoids frequency fluctuations. Its fast, autonomous reactions relieve the burden on central grid control centers and prevent local problems from escalating into large-scale instabilities. The more edge intelligence is active in local systems, the more flexible and robust the overall grid becomes. 
4. Strengthening data protection. Edge Intelligence also strengthens data protection. Sensitive personal information such as consumption data, attendance patterns or the energy consumption of individual households remains local and does not have to be transferred anywhere. This significantly reduces the risk of data leaks and unauthorized access.
5. Increasing resilience. Last but not least, edge intelligence makes the power grid more resilient. By processing data on site, it is not dependent on a functioning internet connection. This is particularly beneficial in rural areas, where technical faults or internet outages occur more frequently. The power supply in microgrids, isolated solutions or battery systems is not affected by such cases. 

"Edge intelligence is a key tool in the energy transition because it reacts to local fluctuations in real time, thereby ensuring stable and efficient grid operation," says Chris Kramar, Director & General Manager OEM DACH at Dell Technologies. "It is supported by robust and powerful IT systems on site and central platforms that allow these systems to be supplied with the necessary software and secured."

Source: Dell Technologies

This article originally appeared on m-q.ch - https://www.m-q.ch/de/die-energiewende-vollzieht-sich-am-edge/

According to the WTW Swiss Pension Finance Watch for the second quarter of 2025, Swiss pension commitments continue to have high coverage despite a decline in the second quarter and global volatility. Assets remained largely unchanged in the second quarter of 2025, while obligations increased by 1.0 % due to the slight decrease in discount rates. As a result, the funding ratio (i.e. the ratio of pension assets to pension obligations) deteriorated by 1.3% in the second quarter, as shown by the WTW Pension Index. It fell from 125.5 % as at March 31, 2025 to 124.2 % as at June 30, 2025.

Corporate bonds were volatile in the second quarter, but ultimately the discount rate changed only slightly over the quarter, falling by 3 basis points. This had only a modest impact on pension obligations in corporate balance sheets. Asset markets were also volatile over the quarter, with typical pension fund asset classes falling by around 5 % in the first week of the second quarter, but then recovering to close the quarter virtually unchanged.

Resilience despite headwinds: Swiss pension funds remain financially stable

After a sharp increase in the first quarter of 2025 and a slight decrease in the second quarter of 2025, the discount rate has leveled off at around 1.20 %.

"Swiss pension funds continue to have strong financial positions. The general resilience of the system continues to be supported by proven investment strategies and careful risk management. The latter is characterized by timely adjustments to parameters such as conversion rates and the technical interest rate over the last five to ten years. On average, the fluctuation reserves are still almost fully covered and provide a valuable buffer against possible future market volatility," comments Adam Casey, Head of Corporate Retirement Consulting at WTW in Zurich.

Possible shift to investments with higher risks

In June, the Swiss National Bank lowered its key interest rate to 0.00 %. The European Central Bank followed suit and reduced its key interest rate by 25 basis points to 2.00 %. The US Federal Reserve (Fed), on the other hand, kept its key interest rate unchanged at 4.25 to 4.50 %, although the markets continue to expect further interest rate cuts in the course of the year.

The first part of the year was characterized by rising geopolitical tensions, including trade disputes, conflicts in the Middle East and increasing friction between the US and China. These developments led to significant market volatility in the first quarter, with the recent rise in oil and commodity prices reflecting the prevailing uncertainty. These trends continued in the second quarter, with the USA announcing far-reaching tariff increases, which led to strong market fluctuations. However, the stock markets recovered noticeably in June.

"Against a backdrop of ongoing uncertainty, many institutional investors such as pension funds have increasingly turned to alternative investments such as private equity, infrastructure and real assets - a strategy aimed at diversification and risk mitigation, particularly in light of falling bond yields. Accordingly, we advise pension funds to review their strategic asset allocation and, if necessary, replace traditional bond investments with other bond instruments," says Alexandra Tischendorf, Head of Investment at WTW Switzerland. "A highly diversified portfolio with a balanced risk exposure to the various economic sectors remains important," she continues.

Source: WTW

This article originally appeared on m-q.ch - https://www.m-q.ch/de/schweizer-pensionszusagen-verfuegen-weiterhin-ueber-hohe-deckung/

The integrated capabilities of AI agents enable the processing of large amounts of data, real-time analyses and predictions as well as the summarization and presentation of information. As a result, they are fundamentally revolutionizing the way financial transactions are conducted. Finance has evolved into a dynamic, real-time and continuous field. In AI-driven finance, automated workflows, predictive insights and collaborative actions are possible, leading to unprecedented efficiency and deeper business understanding. Finance teams can now focus on operational monitoring, business optimization and delivering reliable, actionable insights.

A paradigm shift: AI agents and the future of finance

AI agents combine traditional and generative AI to provide multidimensional capabilities that can execute end-to-end processes with minimal human intervention. These agents do more than individual AI software as they replace large parts of traditional, labor-intensive workflows and introduce new functions.

Oracle is a driving force behind this change, developing a range of AI agents that are redefining the hands-on work of finance today. By combining different AI agents, CFO teams can achieve higher levels of productivity and efficiency than ever before. CFOs can achieve strategic goals more proactively by accessing AI-powered insights, forecasts and recommendations in real time. In doing so, they utilize comprehensive data sets that were previously unavailable to them. Embedded AI agents could become the backbone of finance and continue to evolve by regularly integrating new automation and optimization capabilities. The era of iterative financial transformations with point solutions and additional software could soon be a thing of the past.

The basis is the Agent for document conversion from Oracle, which automates data capture and document creation for billing, accounting and data management. This includes processes such as breaking down expense receipts, processing supplier invoices, bank reconciliations and creating journal entries. Using the generative AI component, the agent can process data from different formats and languages so that it can deal with everyday realities, such as when a new trading partner sends in an order in a completely different format. The agent is continuously improved so that data accuracy and quality is increased through automation and little or no additional configuration is required. This advanced feature increases productivity and improves the completeness, accuracy and timeliness of data.

This allows finance teams to gain a new perspective based on a broader data set than ever before. Finance teams use their knowledge and expertise to develop optimal recommendations and actions. At the same time, they contribute to the continuous improvement of AI agents and data to ensure the highest quality and reliable results. In this way, finance can become more business-oriented, more action-oriented and, above all, more valuable. Crucially, CFOs do not need data scientists to use these tools effectively.

This base of AI agents is growing at a rapid pace. In combination with a SaaS platform that provides up-to-date and company-specific data, we believe that new opportunities for financial organizations will continue to arise.

Finance teams and AI: a strong partnership

The role of finance teams will evolve dramatically in this age of AI. AI agents automate many processes, yet they will only complement, but never replace, experienced finance professionals. AI uses big data and processes it in new ways. It analyzes and presents information and trends so that finance teams can apply their judgment, strategic insights and decision-making skills. Establishing centers of excellence for AI agents will become a best practice that enables seamless collaboration between humans and AI.

Change management must become a core competency as finance teams create a framework for continuous updates to processes, data and technology. AI agents support teams by focusing on real-time data and AI-driven outcomes, improving processes, defining measures and optimizing results. Human expertise will always be crucial when it comes to monitoring and optimally managing AI outcomes.

Now is the time for AI-driven finance

AI-driven finance activities are not just about process improvements; they represent a new way of thinking for CFOs. AI agents using your data can achieve results beyond current capabilities, allowing you to focus specifically on operational efficiency and business outcomes.

The future of finance is clear. Now is the time to switch to AI-driven financial processes.

Author

Jean Marc Pfammatter is Applications Leader Switzerland at Oracle. www.oracle.com

This article originally appeared on m-q.ch - https://www.m-q.ch/de/ki-gesteuertes-finanzwesen-eine-neue-aera-der-kontinuierlichen-transformation-fuer-cfos/

The Helsana Group is taking over Adcubum AG, which is majority-owned by the American private equity company TA Associates. Adcubum will be assigned to the Helsana Group's holding company and will remain an independent company headquartered in St. Gallen. All existing contracts will be fulfilled. Operational management will remain with the current management, and all employees will be retained. "With this investment, Helsana wants to maintain and further develop its stable, efficient and innovative health insurance software," says Helsana CEO Roman Sonderegger, explaining the takeover of Adcubum. "The investments and targeted innovations for the software will benefit Helsana and all health and accident insurers that work with Adcubum. This will ultimately benefit millions of insured persons throughout Switzerland".

Equal treatment of all customers

As the new owner, Helsana promises that Adcubum will continue to operate as an independent company. With this in mind, the majority of Adcubum's new Board of Directors will in future be made up of people who are independent of Helsana, the company announced. Adcubum is also committed to ensuring that all customers have equal access to products and services at fair prices.

Digitalization and resilient IT systems are key in a mass business such as insurance. Helsana and Adcubum have been working closely together for over a decade. The takeover should therefore also be seen in the context of Helsana's strategic development, according to the statement. The takeover strengthens digital expertise and is a decisive step towards even greater efficiency and innovation.

Adcubum with long-term oriented Swiss owner and clear ambitions

With the leading health insurer Helsana, Adcubum gains a long-term Swiss owner that is also an important customer. This creates additional opportunities to take the needs of Swiss health and accident insurers even more into account in future and to implement innovation projects efficiently. Adcubum wants to play an active role in shaping the digital transformation in the healthcare sector and further expand its position as a leading provider of insurance software in this area. With its combination of technological expertise and broad access to industry knowledge, the company will continue to focus on innovative solutions.

No premium money for takeover

The acquisition is being carried out by Helsana Beteiligungen AG, a company specializing in investments in the healthcare sector. The purchase will be financed via the holding company (Helsana Ltd). The insurance business will not be affected and no premium money will be used for the purchase of Adcubum. The parties have agreed not to disclose the purchase price.

Source: Helsana

This article originally appeared on m-q.ch - https://www.m-q.ch/de/helsana-gruppe-uebernimmt-softwareunternehmen-adcubum/

Grok, the AI chatbot developed by Elon Musk's xAI start-up, has been available on Microsoft's Azure cloud platform since the end of May. The announcement, made at the Build 2025 conference, marks a strategic turning point: Microsoft is opening up its ecosystem to a wider range of AI players, including some that are challenging its traditional partners such as OpenAI.

Open cloud environments lead to more complexity

"In general, the rapid development of AI in the cloud requires a rethink of access policies and improved monitoring of usage to ensure greater security for sensitive data flows," says Sébastien Viou, Director of Cybersecurity & Product Management at Stormshield: "The integration of AI models developed by xAI, such as Grok, on the Microsoft Azure platform represents a further step in the opening up of cloud environments to alternative large language model providers. While this open ecosystem dynamic appears to bring agility to organizations, it also introduces a new level of complexity for the teams responsible for cybersecurity."

Transparency of use is a key concern here. With generative AI now accessible via standardized Azure interfaces, the number of potential applications can increase without meaningful controls and countermeasures, especially in complex application environments that span a variety of subsystems. The result is a blurring of the line between legitimate experimentation and "shadow AI". Without precise monitoring mechanisms, it is difficult to know who is using these models, with what data and for what purposes.

New requirements for risk management

This inevitably raises the question of risk management of a legal or technical nature, such as governance of access, traceability of usage and protection of sensitive data. The fact that Grok now exists alongside other AI tools on the same platform requires a granular reassessment of the impact on data processing and operational resilience. A least privilege philosophy must prevail, with tighter controls on identities and usage sessions. Otherwise, the risk of sensitive information being compromised or leaked simply due to configuration errors becomes non-trivial.

Finally, beyond the access and visibility issues, controlling sensitive data flows is a critical blind spot. Seemingly innocuous interactions between employees and AI can hide data exfiltration or processing operations that violate security policies. In an environment where traditional data loss prevention solutions were already complex to apply, the challenge takes on a new dimension. This requires holistic cybersecurity measures that go beyond mere reactivity and are integrated into the corporate strategy from the ground up. This includes comprehensive mechanisms to enforce zero-trust principles that ensure that every access request - whether from a human or AI - is authenticated, authorized and continuously validated, regardless of location or device.

Digital sovereignty as the key

Controlling the flow of data in the context of AI applications also requires innovative solutions that go beyond traditional perimeter defense. An effective security strategy must be able to analyze AI-generated content and AI-driven interactions in real time to prevent potential misuse or leakage of sensitive information. This requires advanced network-level inspection capabilities and endpoint protection capable of detecting and preventing unusual behavior or suspicious patterns emanating from AI models.

Given the rapid pace of development and potential risks, it is essential to rely on trustworthy and transparent cybersecurity solutions, especially when it comes to protecting critical data and infrastructure. Only by building a robust security foundation that prioritizes digital sovereignty and compliance with European standards can companies reap the full benefits of AI safely and responsibly. Such a comprehensive strategy is key to unleashing the innovative power of AI without losing control. Because without a rigorous approach to governance and oversight, AI, whether generative or not, is likely to evolve in organizations faster than the means to control it.

Source: Stormshield

This article originally appeared on m-q.ch - https://www.m-q.ch/de/cloudbasierte-ki-anwendungen-und-die-gefahr-der-schatten-ki/

Venturelab has been putting together the Swiss national start-up team since 2006. As part of the Venture Leaders Roadshows, the entrepreneurs meet investors, industry experts and potential customers in leading global technology centers such as Silicon Valley, Boston, Asia, Barcelona, Munich and London. The Venture Leaders Medtech 2025 program is supported by EPFL, ETH Zurich, Hansjörg Wyss, Helbling Technik, the Health Innovation Hub Aargau, Kellerhals Carrard, the Canton of Vaud and Vischer.

Attracting international attention

After a competitive selection process that reviewed over 70 applications, a panel of investors and industry experts selected ten startups to participate in the upcoming roadshow in Boston - one of the world's leading centers for healthcare innovation. The week-long program will give participants the opportunity to connect with company representatives, potential partners and investors and advance their US market entry strategy.

The selected Swiss medtech startups are receiving international attention - and for good reason: they address challenges such as smart implants, AI-assisted diagnostics, neonatal nutrition and non-invasive monitoring. "These innovations are not only impressive - they have the potential to change medical technology worldwide," says Stefan Steiner, Co-Managing Director of Venturelab.

This year's Venture Leaders Medtech participants join a remarkable group of previous attendees - including Lunaphore Technologies (acquired by Bio-Techne), Virtamed, Credentis (acquired by vVardis), Stimit (acquired by Dräger), CUTISS, Distalmotion, MindMaze, Positrigo and Volumina Medical. "The organization of the program was exceptional, and the quality of the meetings exceeded all my expectations," says Pablo Lara, co-founder of OncoSwab and former Venture Leader Medtech 2024 participant. "I was so impressed that I even postponed my return flight to extend my stay. I can recommend this program without reservation."

The 10 medtech start-ups of 2025

This year's national startup team in the medtech sector is made up as follows:

• Babylat | Bern | www.babylat.com: Babylat is the first automated table-top device for enriching proteins and fats from breast milk to improve the nutrition of premature babies.
• Clee Medical | Geneva | www.cleemedical.comClee Medical enables safer and faster neurosurgical procedures through high-resolution real-time brain imaging combined with AI-driven navigation.
• dEEGtal Insight | Bern | www.deegtal.aidEEGtal Insight improves the diagnosis of epilepsy and mental illness by using AI software to extract hidden patterns from routine EEGs.
• DigeHealth | Vaud | www.digehealth.chDigeHealth is developing a wearable that records bowel sounds to detect blockages early and enable more informed clinical decisions.
• Hemetron | Zurich | www.hemetron.comHemetron offers a solution for home monitoring using novel blood tests to enable the early treatment of chronic inflammatory diseases.
• Inteeth | Geneva | www.inteeth.comInteeth is the first truly invisible dental splint that straightens teeth from behind and enables faster, more discreet treatment.
• NX-Spine | Basel | www.nexilis.chNX-Spine improves the fixation of bone screws in spinal fusions with a fast, polymer-based solution that increases stability and safety.
• OrthoSens | Law | www.orthosens.chOrthoSens makes orthopaedic implants intelligent by integrating battery-free sensors that provide surgeons with real-time data on recovery.
• Augury Medical (Pace Locator) | Bern | www.pacelocator.comPace Locator helps prevent heart failure caused by pacemakers by providing real-time cardiac data during the procedure.
• Scanvio Medical | Zurich | www.scanvio.comScanvio Medical uses AI to turn standard ultrasound into a tool for faster, non-invasive detection of endometriosis.

Source: Venture Leaders

This article originally appeared on m-q.ch - https://www.m-q.ch/de/zehn-schweizer-medtech-startups-fuer-us-expansion-ausgewaehlt/