Gemini, Copilot, or ChatGPT? What You Want to Know

/in , ,

Earlier this month, we surveyed our clients about the AI services they use regularly. The results show that a majority of respondents prioritize the AI services included within their existing productivity suites.

Of more than 50 respondents:

  • 57% use Gemini for Google Workspace (including the Gemini App, Gems, and NotebookLM)
  • 55% use Microsoft Copilot
  • 51% use stand-alone AI services, such as ChatGPT, Claude, and/or Grok
  • 12% use Gemini Enterprise

While stand-alone service adoption is slightly lower, many companies officially use more than one solution:

  • 33% use Gemini AI and at least one stand-alone service.
  • 33% use Microsoft Copilot and at least one stand-alone service.

As you evaluate your AI needs, consider these strategic factors:

Secure Your Baseline

Maintain control and security over your data before you begin your AI journey. You need to ensure that individuals using AI cannot access information beyond their specific responsibilities. Additionally, you also want to confirm that your data is not used to train or populate learning models beyond your internal systems.

This data governance is critical for maintaining compliance with regulatory, industry, and contractual requirements for data protection.

Understanding how each AI tool or service integrates with your identity, access, and security services helps you select solutions that will protect your business.

Start Simple

Before diving into multiple new solutions, explore and take advantage of the AI services embedded in your current IT systems and applications.

Microsoft Copilot and Gemini for Google Workspace each offer a robust suite of services. You may not need to make additional investments in other tools. Additionally, both platforms integrate directly with your email, documents, spreadsheets, and meetings, as well as other applications within your suite.

Leveraging these services lets you avoid the cost and complexity of third party integrations. For example, both Gemini and Copilot provide excellent transcription and note-taking services for Google Meet and Microsoft Teams meetings, respectively.

Dive DeepConnect with a Cloud Advisor

Before adding third party AI services and tools, make sure to explore and pilot the capabilities already at your fingertips.

For instance, Gemini AI for Google Workspace includes:

  • The Gemini App (gemini.google.com): Provides prompt response using public information and secure access to your content in Google Workspace. It also supports advanced image creation and manipulation, Deep Research tools, and short video creation.
  • Gems: Customized Gen AI chat agents with defined personas and objectives
  • Scheduled Actions: Automation for repetitive AI actions
  • NotebookLM: creates private, secure learning models using your data and select public information.

Define Use Cases

As part of your exploration, identify use cases where AI integration provides tangible benefits.

For each use case, define the opportunity, workflows, process changes, and desired outcomes.

These use cases provide you with a framework to test AI services and solutions, and they will help you identify the individuals and teams that will be impacted by AI adoption. These people will require training and should participate in your AI pilot projects.

Be Selective

If you cannot address use cases with your integrated and embedded AI services, focus your search on AI tools and services appropriate for your use cases.

Before selecting a tool, vet its ability to integrate with your existing applications, systems, and security. Keep in mind that every additional application introduces administrative overhead and security constraints.

Balance the added effort and costs against the potential outcomes to ensure that the tool delivers true value to your business.

Help is Here

Visit our AI Landing Zone for a range of resources to help you plan, manage, and secure your AI services.

Our Cloud Advisors can also provide the guidance and assistance you need to plan and execute your AI strategy. Send us an email or book a brief introductory call. We are here to help.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with productive, security, and secure managed cloud services. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped hundreds of organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience and effective change management.

Cyber Attack Recovery Starts Before the Breach

/in , ,

No prevention is perfect. No protection is perfect. You are already a target for cyberattacks, and eventually, one will likely succeed. When that happens, you need to know what comes next.

Event or Incident? Know the Difference

Understanding the distinction between a cybersecurity event and an incident is critical because they carry different operational and legal implications.

A Cybersecurity Event is an observable change in the status of a network, system, application, or data. You should investigate these events to determine if they qualify as an incident. Not all events become incidents.

A Cybersecurity Incident is a confirmed event, or series of events, that jeopardizes the confidentiality, integrity, or availability of data or systems. It causes harm or disruption and requires an immediate, formal response. Incidents trigger legal, regulatory, and contractual obligations, such as reporting, that must be managed.

Connect with a Cloud AdvisorYour Next Steps

With this distinction in mind, follow these steps to manage the situation effectively.

1 Do NOT Panic

Stay calm.

Quick, smart action serves you better than panic.

2 Disconnect and Isolate

Notify your IT team and service providers immediately.

Enlist their assistance to secure every impacted or potentially impacted system:

  • Log out users on all devices.
  • Change passwords or disable accounts.
  • Disconnect systems from your network and the internet.
  • Document all actions and changes with a timestamp.

3 Document the Event

Take a few moments to document everything you know.

Create a clear timeline of the situation:

  • What did you notice and when?
  • What happened and when?
  • What actions did you take (e.g., links clicked, reports made to IT)?

4 Do NOT Start Fixing Things

Your cyber insurance carrier, legal counsel, or law enforcement may need to preserve your systems for forensics.

Restoring systems or recovering data prematurely could destroy evidence and impede criminal investigations. Furthermore, altering systems might provide a reason for your insurance carrier to deny or limit your claim.

5 Make These Calls

Connect with resources that can help you navigate your next steps.

Your Cyber Insurance Agent and/or Carrier

Advise your insurer that you are responding to a cybersecurity event that may be an incident. They will want to know the nature of the event and any actions you have taken. If they determine the event is an incident, they will initiate a response.

Your insurer may: (1) Require you to report the event to law enforcement (FBI or CISA.GOV); (2) Require you to hold systems for forensic analysis; (3) Hire a specialized firm to manage recovery efforts; and/or (4) Direct you to complete other specific actions.

Your insurer may also ask for validation that you follow your security policies and procedures. Depending on your coverage, they may also provide assistance with: (1) Required legal and/or regulatory reporting; (2) Client communications; (3) Client response services (e.g., credit monitoring); and (4) Other response-related services.

Your Legal Counsel

Work with counsel knowledgeable in cybersecurity response.

They will help you with: (1) Compliance with state and federal laws and industry regulations; (2) Stakeholder and customer notifications; (3) Contractual obligations; and (4) Interactions with law enforcement.

Law Enforcement

We recommend opening a report with law enforcement in coordination with your cyber insurance carrier and legal counsel.

  • If your local law enforcement agency lacks a dedicated cybercrime unit, they can still open a report and refer you to the cybercrime unit of your local FBI field office. You can also report directly to the FBI or CISA.GOV.
  • Please be aware that law enforcement may collect computers or other devices as evidence. While this can be disruptive to daily operations, the long-term benefits far outweigh the temporary inconvenience.
  • Reporting the crime provides you with an official record that often assists insurance claims, and law enforcement may also be able to assist with recovery. For example, federal agencies maintain a database of decryption keys for ransomware attacks which could help you recover data without paying a ransom.

The Event

Human action triggered all three of these recent events. While it is easy to claim that the individuals involved should have known better, the reality is that even knowledgeable people succumb to these tricks when they are tired or distracted.

How many times have you replied to or acted on an email that you skimmed or quickly read without focusing on the content? We are all busy, and an email often feels like just another task to check off.

When you combine a false sense of security with a momentary lack of attention, it is very easy to click the wrong link, enter credentials into a fake site, or share private information.

Technology is vital for protection, but your people must also understand the risks. They should be able to identify suspect interactions and know exactly what to do when faced with a suspicious email, text, call, or web page.

After The Event

In every recent event we have handled, the business and IT leaders were unsure how to proceed. Given the urgency and stress of the moment, none of them referred to an existing Information Security Plan because they did not have an incident response checklist or strategy in place.

We tend to focus on recovery, such as getting systems back online and restoring data. While this is an urgent and tangible response, it is only one part of the equation.

Your cyber insurance carrier may need to verify your security measures, conduct a forensics analysis, or direct your recovery efforts. You likely have legal, industry, or contractual reporting requirements, and you may even need law enforcement to investigate.

Response and recovery from a cyberattack requires having the technology in place to get your systems, apps, and data back in operation as well as having resources in place to get you through the legal, regulatory, contractual, marketing, and customer relationship challenges you will face.

Help is Here

Responding to an attack requires a plan before the attack occurs. Our Security CPR® model provides the framework your business needs:

  • Communicate and Educate: Ensuring your team stays knowledgeable, aware, and prepared through appropriate policies and procedures.
  • Prevent and Protect: The right mix of security solutions to prevent cyberattacks and protect against active and successful attacks.
  • Recover and Respond: The services needed for business continuity, resilience, and a quick return to operations, along with the resources to assist with the insurance, regulatory, legal, and communication aspects of a cyber incident response.
About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

Cybersecurity Fatigue: Is Your Business at Risk?

/in , ,

Security fatigue is real. You’ve felt it, and so have we. Cyber criminals know this, and they are waiting to capitalize on it. When we let security fatigue guide our decisions and allow our guard to drop, we become much more likely to fall victim to a cyberattack.

Over the past few weeks, we have assisted multiple companies that fell victim to such attacks. These events reflect a recent surge in cyberattacks, serving as a harsh reminder that we must remain vigilant.

Common Elements

Each of these recent cases shared three common elements:

  1. An employee clicked on a malicious link and shared account information.
  2. The company opted not to deploy recommended security measures.
  3. Neither the business or IT leaders had a plan for how to respond to an emergency.

These elements demonstrate critical failures at every phase of a cybersecurity event.

Prior to The Event

Even as small businesses, we are more vulnerable to cyberattacks than we may expect. A basic suite of cybersecurity services is no longer optional, it is essential for defending and protecting against attacks.

In each of the cases we recently handled, simple and effective baseline tools were not in place. Decisions made to avoid the incremental cost of added protections left these businesses exposed.

Consequently, each company is now paying a much larger price, ranging from several days of downtime and lost productivity to potential fines and litigation.Connect with a Cloud Advisor

The Event

Human action triggered all three of these recent events. While it is easy to claim that the individuals involved should have known better, the reality is that even knowledgeable people succumb to these tricks when they are tired or distracted.

How many times have you replied to or acted on an email that you skimmed or quickly read without focusing on the content? We are all busy, and an email often feels like just another task to check off.

When you combine a false sense of security with a momentary lack of attention, it is very easy to click the wrong link, enter credentials into a fake site, or share private information.

Technology is vital for protection, but your people must also understand the risks. They should be able to identify suspect interactions and know exactly what to do when faced with a suspicious email, text, call, or web page.

After The Event

In every recent event we have handled, the business and IT leaders were unsure how to proceed. Given the urgency and stress of the moment, none of them referred to an existing Information Security Plan because they did not have an incident response checklist or strategy in place.

We tend to focus on recovery, such as getting systems back online and restoring data. While this is an urgent and tangible response, it is only one part of the equation.

Your cyber insurance carrier may need to verify your security measures, conduct a forensics analysis, or direct your recovery efforts. You likely have legal, industry, or contractual reporting requirements, and you may even need law enforcement to investigate.

Response and recovery from a cyberattack requires having the technology in place to get your systems, apps, and data back in operation as well as having resources in place to get you through the legal, regulatory, contractual, marketing, and customer relationship challenges you will face.

How We Help: Security CPR

Your security profile should match your business. The nature of your company, its size, your industry and markets, and your locations should all dictate your security requirements. Your leadership team should guide your security strategy and spending.

Our Security CPRⓇ model and services provide the framework for creating the right security profile for your business:

  • Communicate and Educate: Ensure you and your team are knowledgeable, aware, and prepared, and that you have appropriate policies and procedures in place.
  • Prevent and Protect: Implement the right mix of security solutions to stop cyberattacks and defend against active threats.
  • Recover and Respond: Build the necessary services for business continuity, resilience, and a quick return to operations, including resources to assist with the insurance, regulatory, legal, and communication aspects of a response to an incident.
About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.