Feb 20, 2025The Hacker NewsEmail Security / Fraud PreventionThe payment card industry has set a critical deadline for businesses handling cardholder data or processing payments- by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing in the financial space. This is not an optional requirement as non-compliance may result in monetary penalties ranging from $5,000 to $100,000. Organizations can sign up for a DMARC analyzer trial to stay ahead of PCI DSS 4.0 requirements today! For businesses of all sizes, this is their cue to strengthen domain security and prevent the next big cyber attack. With more than 94% of organizations falling victim to phishing in 2024, the mandate has never been more critical! Many organizations turn to email authentication management solutions like PowerDMARC to simplify implementation, monitor authentication, and ensure continuous protection. On the flip side, it also presents a golden opportunity for MSPs to sell DMARC to their clients and grow their business exponentially. Key takeaways PCI DSS v4.0 mandates DMARC by March 31st, 2025.The requirement applies to all organizations, system components, people, and processes directly or indirectly handling or processing cardholder data and sensitive authentication data.The PCI DSS 4.0 DMARC Compliance mandate comes at an ideal time with phishing emerging as the top attack vector representing 39% of incidents. Failing to comply may result in financial penalties, increased risk of email fraud, and deliverability issues.MSPs can leverage this opportunity to provide DMARC-as-a-service to clients, standing out in the cybersecurity market. PowerDMARC can help businesses and MSPs meet DMARC compliance easilySurge in Domain Spoofing, Impersonation & PhishingBy December of 2023, there was a 70% increase in phishing attacks in just 3 months. Social media and webmail were the most targeted industry sectors for phishing attacks in 2024.The US takes first place as the top origin for phishing attacks worldwide. Artificial Intelligence has made generating successful email phishing campaigns significantly easier.AI-powered phishing attacks have increased by more than 51% in recent years.Several top brands have been successfully impersonated in domain spoofing attempts over the last 3 years.These concerning statistics highlight the importance of adopting phishing prevention and anti-spoofing solutions like DMARC. Yet, many fail to do so even now. Who Are Affected by the PCI DSS 4.0 DMARC Mandate? Cybercriminals deploy sophisticated methods to exploit vulnerabilities within your organization's - not sparing email communications. Threat actors are adept at impersonating trusted brands and tricking victims into disclosing private financial information. By making DMARC compliance a mandate, the PCI SSC aims to reduce the risk of domain impersonation and phishing attacks. The mandate doesn't just affect businesses. It goes beyond that to impact all entities handling card payments. If your business or service falls into any of the following categories, you must comply with the mandate by March 31, 2025:1. Organizations Handling Cardholder DataAny business that processes, stores, or transmits cardholder data (CHD) or sensitive authentication data (SAD).Examples: retailers, e-commerce platforms, and financial institutions.2. Service Providers Third-party service providers who are responsible for acquiring, processing, accepting, or issuing cardholder data on behalf of other organizations.Examples: payment gateways, processors, and managed IT service providers.3. Entities Storing or Transmitting Cardholder DataOrganizations that store, process, or transmit cardholder data, even if they do not directly handle payments.Examples: cloud service providers and data centers.4. System Components and IndividualsAny system components (e.g., servers, applications, or devices) or individuals directly or indirectly connected to systems that handle cardholder data.Examples: IT administrators, developers, and security teams.5. Indirectly Connected SystemsEntities with system components that are indirectly connected to systems handling cardholder data.Examples: marketing platforms or customer support tools that interact with payment systems.6. Small, Mid-Sized, and Enterprise-Level BusinessesThe mandate applies to organizations of all sizes, from small businesses to large enterprises.Compliance is not limited by the scale of operations but by the involvement in cardholder data handling.Consequences of Non-Compliance with PCI DSS DMARC RequirementsOrganizations, irrespective of size, must ensure compliance with PCI DSS 4.0 by configuring DMARC before the 31st of March 2025. Non-compliance may lead to several complications, including: Financial penalties: the immediate repercussion for businesses failing to comply with the requirements is heavy financial penalties (ranging from $5000 - $100,000).Risk of impersonation: the heightened risk of brand impersonation through domain spoofing attempts. Loss of trust: Reputational damage as a result of excessive spam complaints.Low email deliverability rates: Induced poor email deliverability due to lack of customer trust and poor domain reputation. To avoid last-minute compliance issues, this is the cue for businesses to act fast and implement DMARC for their domains! How DMARC Helps Implementing DMARC is more than just a compliance requirementit's a powerful tool to safeguard your organization's email security. Here's how DMARC can benefit your business:Prevents Email Fraud Blocks phishing, spoofing, and unauthorized email use, reducing cyber threats.Improves Email Deliverability Ensures legitimate emails reach inboxes, minimizing spam filtering issues.Enhances Domain Security Provides visibility into email traffic and stops unauthorized senders.Protects Brand Reputation Prevents domain impersonation, reinforcing trust with customers.Ensures Compliance Meets PCI DSS 4.0 and global email security standards.Delivers Actionable Insights Generates reports to optimize email authentication and security.A Key Opportunity for MSPs to Benefit FromThe new PCI DSS DMARC compliance requirement is more than just a regulatory mandate - it is a golden opportunity for MSPs to acquire more clients and scale their business. Managed Service Providers can explore DMARC MSP partnership programs to ride this wave of success. Offer DMARC-as-a-ServiceMSPs can help their clients achieve PCI DSS 4.0 compliance by offering DMARC implementation, monitoring, and management services. Strengthen Client Domain SecurityMSPs can assist clients in enforcing their DMARC policies to prevent sophisticated email-based threats like phishing, spoofing, BEC, and ransomware. Open Up a New Revenue StreamBy providing DMARC deployment and management services, MSPs can double their profits while investing only a fraction of the amount into adding DMARC to their service stack. Stand Out in the MarketBusinesses are always on the lookout for innovative cybersecurity solutions to handle compliance complexities with ease! By adding DMARC solutions to their service portfolio, MSPs can position themselves as the go-to PCI DSS 4.0 DMARC Compliance service provider. How PowerDMARC Helps Businesses & MSPs PowerDMARC is the one-stop solution for all email authentication and domain security needs! Specializing in simplified DMARC management and monitoring services, it also offers a comprehensive DMARC MSP solution for managed service providers. The platform smartly integrates AI and automation by leveraging Threat Intelligence technology. It's the perfect blend of simple and seamless implementation and robust effectiveness. PowerDMARC can help in the following ways: Quick and Instant DMARC DeploymentAutomated tools to instantly create and publish your DMARC records.Hosted DMARC for easy management and monitoring.Simplified reporting to keep track of your email deliverability. SPF Error Mitigation SupportHosted SPF for effortless SPF implementation and management.SPF Macros for instant SPF record optimizations to stay under DNS lookup and void limits.Easy SPF error handling and troubleshooting.Advanced Threat Intelligence Predictive threat intelligence analysis to detect attack patterns and trends. Detect early signs of phishing and spoofing to prevent them at the root.MSSP BenefitsMulti-tenant and multi-language control panel Full platform white labeling and rebranding Extensive API endpointsDedicated MSP sales, support, and marketing assistance Final ThoughtsAs the PCI DSS v4.0 compliance deadline is fast approaching, businesses need to take immediate action to secure their email communications. With major service providers like Google and Yahoo making DMARC mandatory for bulk senders, email authentication is no longer optional! It's a critical security enhancement that can prevent the next big cyber scam. To make compliance effortless, thousands of organizations and MSPs choose PowerDMARC as their compliance partner. PowerDMARC facilitates fast and hassle-free DMARC deployment backed by AI-powered automation, threat intelligence, and expert support. Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Pam Baker, Contributing WriterFebruary 20, 202511 Min ReadTithi Luadthong via Alamy StockWhile its tempting to brush aside seemingly minimal AI model token costs, thats only one line item in the total cost of ownership (TCO) calculation. Still, managing model costs is the right place to start in getting control over the end sum. Choosing the right sized model for a given task is imperative as the first step. But its also important to remember that when it comes to AI models, bigger is not always better and smaller is not always smarter.Small language models (SLMs) and large language models (LLMs) are both AI-based models, but they serve different purposes, says Atalia Horenshtien, head of the data and AI practice in North America at Customertimes, a digital consultancy firm.SLMs are compact models, efficient, and tailored for specific tasks and domains. LLMs, are massive models, require significant resources, shine in more complex scenarios and fit general and versatile cases, Horenshtien adds.While it makes sense in terms of performance to choose the right size model for the job, there are some who would argue model size isnt much of a cost argument even though large models cost more than smaller ones.Focusing on the price of using an LLM seems a bit misguided. If it is for internal use within a company, the cost usually is lass than 1% of what you pay your employees. OpenAI, for example, charges $60 per month for an Enterprise GPT license for an employee if you sign up for a few hundred. Most white-collar employees are paid more than 100x that, and even more as fully loaded costs, says Kaj van de Loo, CPTO, CTO, and chief innovation officer at UserTesting.Related:Instead, this argument goes, the cost should be viewed in a different light.Do you think using an LLM will make the employee more than 1% more productive? I do, in every case I have come across. It [focusing on the price] is like trying to make a business case for using email or video conferencing. It is not worth the time, van de Loo adds.Size Matters but Maybe Not as You ExpectOn the surface, arguing about model sizes seems a bit like splitting hairs. After all, a small language model is still typically large. A SLM is generally defined as having fewer than 10 billion parameters. But that leaves a lot of leeway too, so sometimes an SLM can have only a few thousand parameters although most people will define an SLM as having between 1 billion to 10 billion parameters.As a matter of reference, medium language models (MLM) are generally defined as having between 10B and 100B parameters while large language models have more than 100 billion parameters. Sometimes MLMs are lumped into the LLM category too, because whats a few extra billion parameters, really? Suffice it to say, theyre all big with some being bigger than others.Related:In case youre wondering, parameters are internal variables or learning control settings. They enable models to learn, but adding more of them adds more complexity too.Borrowing from hardware terminology, an LLM is like a systems general-purpose CPU, while SLMs often resemble ASICs -- application-specific chips optimized for specific tasks, says Professor Eran Yahav, an associate professor at the computer science department at the Technion Israel Institute of Technology and a distinguished expert in AI and software development. Yahav has a research background in static program analysis, program synthesis, and program verification from his roles at IBM Research and Technion. Currently, he is CTO and co-founder of Tabnine, an AI-coding assistant for software developers.To reduce issues and level-up the advantages in both large and small models, many companies do not choose one size over the other.In practice, systems leverage both: SLMs excel in cost, latency, and accuracy for specific tasks, while LLMs ensure versatility and adaptability, adds Yahav.Related:As a general rule, the main differences in model sizes pertain to performance, use cases, and resource consumption levels. But creative use of any sized model can easily smudge the line between them.SLMs are faster and cheaper, making them appealing for specific, well-defined use cases. They can, however, be fine-tuned to outperform LLMs and used to build an agentic workflow, which brings together several different agents -- each of which is a model -- to accomplish a task. Each model has a narrow task, but collectively they can outperform an LLM, explains, Mark Lawyer, RWS' president of regulated industries and linguistic AI.Theres a caveat in defining SLMs versus LLMs in terms of task-specific performance, too.The distinction between large and small models isnt clearly defined yet, says Roman Eloshvili, founder and CEO of XData Group, a B2B software development company that exclusively serves banks. You could say that many SLMs from major players are essentially simplified versions of LLMs, just less powerful due to having fewer parameters. And they are not always designed exclusively for narrow tasks, either.The ongoing evolution of generative AI is also muddying the issue.Advancements in generative AI have been so rapid that models classified as SLMs today were considered LLMs just a year ago. Interestingly, many modern LLMs leverage a mixture of experts architecture, where smaller specialized language models handle specific tasks or domains. This means that behind the scenes SLMs often play a critical role in powering the functionality of LLMs, says Rogers Jeffrey Leo John, co-founder and CTO of DataChat, a no-code, generative AI platform for instant analytics.In for a Penny, in for a PoundSLMs are the clear favorite when the bottom line is the top consideration. They are also the only choice when a small form factor comes into play.Since the SLMs are smaller, their inference cycle is faster. They also require less compute, and theyre likely your only option if you need to run the model on an edge device, says Sean Falconer, AI entrepreneur in residence at Confluent.However, the cost differential between model sizes comes from more than direct model costs like token costs and such.Unforeseen operational costs often creep in. When using complex prompts or big outputs, your bills may inflate. Background API calls can also very quickly add up if youre embedding data or leveraging libraries like ReAct to integrate models. It is for this reason scaling from prototype to production often leads to what we call bill shock, says Steve Fleurant, CEO at Clair Services.Theres a whole pile of other associated costs to consider in the total cost of ownership calculation too.It is clear the long-term operational costs of LLMs will be more than just software capabilities. For now, we are seeing indications that there is an uptick in managed service provider support for data management, tagging, cleansing and governance work, and we expect that trend to grow in the coming months and years. LLMs, and AI more broadly, put immense pressure on an organization to validate and organize data and make it available to support the models, but most large enterprises have underinvested in this work over the last decades, says Alex Bakker, distinguished analyst, with global technology research and advisory firm ISG.Over time, as organizations improve their data architectures and modernize their data assets, the overhead of remediation work will likely decrease, but costs associated with the increased use of data -- higher network consumption, greater hardware requirements for supporting computations, etc. -- will increase. Overall, the advent of AI probably represents a step-change increase in the amount of money organizations spend on their data, Bakker adds.Other standard business costs apply to models, too, and are adding strain to budgets. For example, backup models are a necessity and an additional cost.Risk management strategies must account for provider-specific characteristics. Organizations using OpenAI's premium models often maintain Anthropic or Google alternatives as backups, despite the price differential. This redundancy adds to overall costs but is essential for business continuity, says David Eller, group data product manager at Indicium.There are other line items more specific to models that are bearing down on company budgets too.Even though there are API access fees to consider, the synthesis of the cost of operational overhead, fine-tuning, and compute resources can easily supersede it. The ownership cost should be considered thoroughly before implementation of AI technologies in the organization, says Cache Merrill, founder of Zibtek, a software development company.Merrill notes the following as specific costs to look and budget for:Installation costs: Running the fine-tuned or proprietary LLMs may require NVIDIA A100 or H100 Graphics Processing Units which can cost $25,000+. In contrast, enterprise-grade cloud computing services costs between $5,000 - $15,000 for consistent usage on its own.Model fine-tuning: The construction of a custom model LLM can cost tens of thousands of dollars or more based on the various parameters of the dataset and constructional aspects.Software maintenance: With regular updates of models this software will also require security checks and compliance as well as increasing cost at each scale, which is usually neglected at the initial stages of the project.Human oversight: Employing experts in a particular field to review and advise LLM results is becoming more common, which adds to the employees wage payout.Some of the aforementioned costs are reduced by the use of SLMs but some are not, or not significantly so. But given that many organizations use both large and small models, and/or an assortment of model types, its fair to say that AI isnt cheap, and we havent yet touched on energy and environmental costs. The best advice is to first establish solid use cases and choose models that precisely fit the tasks and a solid lead towards the ROI youre aiming for.SLM, LLM, and Hybrid ExamplesIf youre unsure of or have yet experimented with -- small language models, here are a few examples to give you a starting point.Horenshtien says SLM examples on her list include Mistral 7B, LLaMa 3, Phi 3, and Gemma. Top LLMs on her list are GPT-4, Claude 3.5, Falcon, Gemini, and Command R.Examples of SLM vs LLM use cases in the real-world that Horenshtien says her company sees include:In manufacturing, SLMs can predict equipment failures, while LLMs provide real-time insights from IoT data.In retail, SLMs personalize recommendations; LLMs power virtual shopping assistants.In healthcare, SLMs classify records, while LLMs summarize medical research for clinicians.Meanwhile, Eloshvili says that some of the more solid and affordable versions [of SLMs and other LLM alternatives], in my opinion, would include Google Nano, Meta Llama 3 Small, Mistral 7B and Microsoft Phi-3 Mini."But everyone understandably has their own list of SLMs based on varying criteria of importance to the beholder.For example, Joseph Regensburger, vice president of research at Immuta, says some cost-efficient SLM options include GPT-4o-mini, Gemini-flash, AWS Titan Text Lite, and Titan Text Express.""We use both LLMs and SLMs. The choice between these two models is use-case-specific. We have found SLMs are sufficiently effective for a number of traditional natural language processing tasks, such as sentence analysis. SLMs tend to handle the ambiguities inherent in language better than rule-based NLP approaches, at the same time offering a more cost-effective solution than LLMs. We have found that we need LLMs for tasks involving logical inference, text generation, or complex translation tasks," Regensburger explains.Rogers Jeffrey Leo John urges companies to consider SLM open-source models too. If you are looking for small LLMs for your task, here are some good open- source/open-weight models to start with: Mistral 7B, Microsoft Phi, Falcon 7B, Google Gemma, and LLama3 8B.And if youre looking for some novel approaches to SLMs or a few other alternatives, Anatolii Kasianov, CTO of My Drama, a vertical video platform for unique and original short dramas and films, recommends: DistilBERT, TinyBERT, ALBERT, GPT-Neo (smaller versions), and FastText.At the end of the day, the right LLM or SLM depends entirely on the needs of your projects or tasks. Its also prudent to remember that Generative AI doesnt have to be the hammer for every nail, says Sean Falconer, AI entrepreneur in residence at Confluent.Read more about:Cost of AIAbout the AuthorPam BakerContributing WriterA prolific writer and analyst, Pam Baker's published work appears in many leading publications. She's also the author of several books, the most recent of which are "Decision Intelligence for Dummies" and "ChatGPT For Dummies." Baker is also a popular speaker at technology conferences and a member of the National Press Club, Society of Professional Journalists, and the Internet Press Guild.See more from Pam BakerNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports

Cody Scott, Senior Analyst, ForresterFebruary 20, 20255 Min ReadParadee Kietsirikul via Alamy StockYour organizations single biggest risk is an ineffective risk management program. Organizations tend to focus on compliance objectives while inadvertently undervaluing or deprioritizing risks that could have significant impacts for many reasons. Compliance goals are prescriptive, with concrete actions to accomplish, making compliance a generally straightforward activity. Risk, on the other hand, is dynamic and complex.During the early 2000s, some of the largest financial scandals (Enron, WorldCom, Tyco) rocked the business world to its core, unleashing a new regulatory wave of corporate governance and internal controls requirements. In its wake, the three lines of defense (3LOD) were born. And when the Institute of Internal Auditors picked it up 10 years later, the industry branded and prescribed 3LOD as the cure to poor risk management. Yet, like prescription drugs, regulatory support doesnt guarantee effectiveness.Enter a More Modern Risk Approach: Continuous Risk ManagementHeres where we need the right prescription for managing risk. Continuous risk management is a modern approach to ensure that organizations not only take on the right risks in support of their strategic direction but also follow a holistic process to bring risk-based planning and mitigation oversight into the value chain -- a significant gap in the 3LOD approach and in most risk programs today. Continuous risk management unites the businesss strategic and operational sides under a common goal -- a pursuit of value -- and formalizes a process, key decision points, and opportunities to change course as project conditions and risk tolerances change over time.Related:Continuous risk management as a model has two main components:The first loop (identify, plan, analyze, and design) emphasizes strategic planning and the role of leaders in defining the pursuit of value to which risk and compliance projects will be aligned, ensuring that the pursuit is successful.The second loop (implement, respond, measure, and monitor) highlights the implementation work that control owners and operations teams perform to keep the pursuit of value on track and optimize mitigation strategies as new risks unfold. Importantly, the model features key inflection points as teams cycle through both loops that allow them to reevaluate decisions and escalate issues accordingly.Keys To Getting Continuous Risk Management RightFor organizations to get to continuous risk management, they must do these four things:1. Use the 3LOD model the right way to define roles and ensure segregation of duties. Contrary to popular belief, 3LOD is not a regulatory requirement. If your organization has adopted 3LOD for segregation of duties, you dont need to abandon it. Instead, use 3LOD for its intended purpose: to appropriately define roles and responsibilities. Use the model in combination with the 3LOD to answer the following: What work do we need to do? How should we do it? Who should be involved in the process?Related:2. Use the continuous risk model to identify gaps in your existing program and create a roadmap to improve the supporting processes, skills, and technology needed. Fortunately, you dont need to start from scratch to get to continuous risk management, as many pieces are likely already in place. For example, an organizations project management office might operate separately from its enterprise risk and compliance program, indicating a process and communication gap across multiple phases. A security program might operate an extensive tech stack but hasnt integrated the outputs to automatically measure and monitor the effectiveness of controls. Align the continuous risk management phases to your program, document how your current processes support these phases today, and prioritize pain points or disconnects that inhibit any phase.Related:3. Focus on the pursuit of value. A value is any goal, objective, regulatory requirement, or business outcome that the organization decides to pursue, such as acquiring a new company, entering a new market, or targeting a new customer segment. Value can be operational, like updating an internal process, changing critical suppliers, or maturing existing operational requirements. Value can also come from a technology initiative, such as launching a new application or service or modernizing legacy technology systems. Anchor risk management alongside and throughout the pursuit of value to establish the appropriate context, evaluate trade-offs, and support decision-making that accelerates, rather than impedes, growth, innovation, and resilience.4. Use the inflection points in the model as opportunities to accelerate governance reviews and approvals. When organizations plan a mitigation project, they might use an assessment to secure budget approval, but at this point, leaders and mitigation owners disconnect, assuming that theyll be informed if the effort is derailed. This reinforces a sunk cost scenario where controls are implemented with little regard to changing strategic or tactical situations until the end of the effort. Use the first infection point to decide which risks will be accepted or transferred -- and which will be controlled and mitigated throughout the lifecycle. Use the change management inflection point for ongoing feedback or to course-correct. Combined, the initial risk decision and ongoing change management ensure tight collaboration between stakeholders, provide assurance that the organization is managing risk acceptably, and confirm that mitigation and compliance activities fully align with the pursuit of value.Continuous risk management is conceptually simple yet requires organizations to interrogate their existing risk practices. This means thinking about which practices work well, which ones are lacking, which ones create unnecessary friction, and how technology can shift risk management to the left to accelerate business outcomes. Leave the side effects of poor risk management in the past and transform your program with a proactive solution.About the AuthorCody ScottSenior Analyst, ForresterCody is a senior analyst at Forrester covering cyber risk management with a focus on cyber risk quantification (CRQ), enterprise risk management (ERM), and governance, risk, and compliance (GRC). Prior to Forrester, Cody served as the first chief cybersecurity risk officer of the National Aeronautics and Space Administration (NASA). He holds a BA in international affairs from the George Washington University and is also a certified expert risk management framework professional.See more from Cody ScottNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports

Fully Async and RemoteOur team is 100% remote and distributed across the world. We have team members all over the world. It doesn't matter where you live or what time zone you're in.Your main responsibility will be to write high-quality technical long-form content. Documentation, tutorials, blog posts, and more. You don't need to know anything about SEO, we will take care of that. All you need to do is be an expert in WordPress and write engaging content.There is also an opportunity to create videos for our various YouTube channels.FlexibilityWe are a small team but we try to give everyone as much flexibility as possible. Flexibility means that you can work in the mornings, or the evenings, or both, or in the middle of the night, or whatever. It means you can take two weeks off to go on a trip. It means you can wake up and decide you don't feel like working and take the day off without telling anyone.ResponsibilitiesWrite, edit, and publish high-quality content written for a technical audience.Become an expert in the products you are writing about.Sometimes you will write the articles yourself. Sometimes you will write an outline and hand it off to another, less skilled writer and then edit their work. Sometimes you will simply edit articles that were outlined and written by someone else.The articles you are responsible for creating will at times requires a few days of prep and testing, gathering screenshots, deciding how to structure the article, etc.RequirementsThe only thing we really care about is the ability to write high-quality content. The more of these boxes you can tick the better, in descending order of importance:Available to work 20-30 hours per week.Flawless, native-speaker level written English. Able to explain complicated, technical topics in a simple and engaging manner.Expert-level knowledge of WordPress and its ecosystem, including but not limited to page builders, ACF, WooCommerce, and other more niche WordPress tools.You have worked in the WordPress space for many years and created and worked on many websites. You are skilled in troubleshooting, debugging, the WordPress database structure, and maybe even plugin development.At least intermediate-level PHP knowledge, with the ability to write PHP functions, create custom website components to spec, etc.Fast and hands-on learner. Able to quickly become familiar with new software and learn new things about WordPress, PHP, and related technologies.How To ApplyVisit https://www.wpallimport.com/hiring/#apply.Apply NowLet's start your dream job Apply now

This article is from The Spark, MIT Technology Reviews weekly climate newsletter. To receive it in your inbox every Wednesday, sign up here. Electricity demand rose by 4.3% in 2024 and will continue to grow at close to 4% annually through 2027, according to a new report from the International Energy Agency. If that sounds familiar, it may be because theres been a constant stream of headlines about energy demand recently, largely because of the influx of data centersespecially those needed to power the AI thats spreading seemingly everywhere. These technologies are sucking up more power from the grid, but theyre just a small part of a much larger story. Whats actually behind this demand growth is complicated. Much of the increase comes from China, India, and Southeast Asia. Air-conditioning, electric vehicles, and factories all play a role. And of course, we cant entirely discount the data centers. Here are a few key things to know about global electricity in 2025, and where things are going next. China, India, and Southeast Asia are the ones to watch. Between now and 2027, about 85% of electricity demand growth is expected to come from developing and emerging economies. China is an especially major force, having accounted for over half of global electricity demand growth last year. The influence of even individual sectors in China is staggering. For example, in 2024, about 300 terawatt-hours worth of electricity was used just to produce solar modules, batteries, and electric vehicles. Thats as much electricity as Italy uses in a year. And this sector is growing quickly. A boom in heavy industry, an increase in the number of air conditioners, and a robust electric-vehicle market are all adding to Chinas power demand. India and Southeast Asia are also going to have above-average increases in demand, driven by economic growth and increased adoption of air conditioners. And theres a lot of growth yet to come, as 600 million people across Africa still dont have access to reliable electricity. Data centers are a somewhat minor factor globally, but they cant be counted out. According to another IEA projection published last year, data centers are expected to account for less than 10% of global electricity demand growth between now and 2030. Thats less than the expected growth due to other contributors like electric vehicles, air conditioners, and heavy industry. However, data centers are a major storyline for advanced economies like the US and many countries in Europe. As a group, these nations have largely seen flat or declining electricity demand for the last 15 years, in part because of efficiency improvements. Data centers are reversing that trend. Take the US, for example. The IEA report points to other research showing that the 10 states hosting the most data center growth saw a 10% increase in electricity demand between 2019 and 2023. Demand in the other 40 states declined by about 3% over the same period. One caveat here is that nobody knows for sure whats going to happen with data centers in the future, particularly those needed to run AI. Projections are all over the place, and small changes could drastically alter the amount of energy required for the technology. (See the DeepSeek drama.) One bit I found interesting here is that China could see data centers emerge as yet another source of growing electricity demand in the future, with demand projected to double between now and 2027 (though, again, its all quite uncertain). What this all means for climate change is complicated. Growth in electricity demand can be seen as a good thing for our climate. Using a heat pump rather than a natural-gas heating system can help reduce emissions even as it increases electricity use. But as we add demand to the grid, its important to remember that in many places, its still largely reliant on fossil fuels. The good news in all this is that theres enough expansion in renewable and low-emissions electricity sources to cover the growth in demand. The rapid deployment of solar power alone contributes enough energy to cover half the demand growth expected through 2027. Nuclear power is also expected to see new heights soon, with recovery in France, restarts in Japan, and new reactors in China and India adding to a stronger global industry. However, just adding renewables to meet electricity demand doesnt automatically pull fossil fuels off the grid; existing coal and natural-gas plants are still chugging along all over the world. To make a dent in emissions, low-carbon sources need to grow fast enough not only to meet new demand, but to replace existing dirtier sources. It isnt inherently bad that the grid is growing. More people having air-conditioning and more factories making solar panels are all firmly in the positive column, Id argue. But keeping up with this breakneck pace of demand growth is going to be a challengeone that could have major effects on our ability to cut emissions. Now read the rest of The Spark Related reading Transmission equipment is key to getting more power to more people. Heres why one developer wont quit fighting to connect US grids, as reported by my colleague James Temple. Virtual power plants could help meet growing electricity demand for EVs in China, as Zeyi Yang lays out in this story. Power demand from data centers is rising, and so are emissions. Theyre set to climb even higher, as James ODonnell explains in this story from December. STEPHANIE ARNETT/MIT TECHNOLOGY REVIEW Another thing Competition is stiff in Chinas EV market, so some automakers are pivoting to humanoid robots. With profit margins dropping for electrified vehicles, financial necessity is driving creativity, as my new colleague Caiwei Chen explains in her latest story. Keeping up with climate The Trump administration has frozen funds and set hiring restrictions, and that could leave the US vulnerable to wildfire. (ProPublica) US tariffs on imported steel and aluminum are set to go into effect next month, and they could be a problem for key grid equipment. The metals are used in transformers, which are in short supply. (Heatmap) A maker of alternative jet fuel will get access to a $1.44 billion loan it was promised earlier this year. The Trump administration is exploring canceling promised financing, but this loan went ahead after a local representative pressured the White House. (Canary Media) A third-generation oil and gas worker has pivoted to focus on drilling for geothermal systems. This Q&A is a fascinating look at what it might look like for more workers to move from fossil fuels to renewables. (Inside Climate News) The Trump administration is working to fast-track hundreds of fossil-fuel projects. The US Army Corps of Engineers is speeding up permits using an emergency designation. (New York Times) Japans government is adopting new climate targets. The country aims to cut greenhouse-gas emissions by more than 70% from 2013 levels over the next 15 years and reach net zero by 2050. Expansion of renewables and nuclear power will be key in the plan. (Associated Press) A funding freeze has caused a whole lot of confusion about the state of federal financing for EV chargers in the US. But theres still progress on building chargers, both from government funds already committed and from the private sector. (Wired) The US National Oceanic and Atmospheric Administration (NOAA) is the latest target of the Trump administrations cuts. NOAA provides weather forecasts, and private industry is reliant on the agencys data. (Bloomberg)

It probably hasnt been long since you last slipped into something stretchy. From yoga pants to socks, stretch fabrics are everywhere. And theyre only getting more popular: The global spandex market, valued at almost $8 billion in December 2024, is projected to grow between 2% and 8% every year over the next decade. That might be better news for your comfort than for the environment. Most stretch fabrics contain petroleum-based fibers that shed microplastics and take centuries to decompose. And even a small amount of plastic-based stretch fiber in a natural garment can render it nonrecyclable. Alexis Pea and Lauren Blake, cofounders of Good Fibes, aim to tackle this problem with lab-grown elastics. Operating out of Tufts University and Argonne National Laboratory in Illinois, they are using a class of materials called silk elastin-like proteins (SELPs) to create biodegradable textiles. True circularity has to start with raw materials, says Pea. We talk about circularity across many industries, but for textiles, we must address what were using at the source. Engineered from recombinant DNA, SELPs are copycat proteins inspired by silk and elastin that can be customized for qualities like tensile strength, dye affinity, and elasticity. Silks amino acid sequenceslike glycine-alanine and glycine-serinegive fibers strength, while elastins molecular structure adds stretchiness. Combine these molecules like Lego blocks, and voil!at least theoretically, you have the ideal flexible fiber. An early-stage startup, Good Fibes creates its elastics with proteins from E. coli, a common bacterium. The process involves transforming the proteins into a gel-like material, which can then be made into fibers through wet-spinning. These fibers are then processed into nonwoven textiles or threads and yarns to make woven fabrics. Scaling, however, remains a challenge: To produce a single swatch of test fabric, Blake says, she needs at least one kilogram (approximately two pounds) of microbial material. The fibers must also be stretchy, durable, and resistant to moisture in all the right proportions. Were still solving these issues using various chemical additions, she says. For that reason, shes also experimenting with plant-based proteins like wheat gluten, which she says is available in larger quantities than bacteria. Timothy McGee, a biomaterials expert at the research lab Speculative Technologies, says manufacturing is the biggest hurdle for biotextile startups. Many labs and startups around the world successfully create recombinant proteins with amazing qualities, but they often struggle to turn those proteins into usable fibers, he says. One Japanese biomaterials company, Spiber, opened a commercial facility in 2022 to produce textiles from recombinant E. coli proteins using a fermentation process the company first developed in 2007. The following yearafter 16 years of prototypingThe North Face, Goldwin, Nanamica, and Woolrich became the first mass-market brands to sell garments using Spibers protein-based textiles. Good Fibes wants to do the same thing, but for stretchy fabrics. The company recently began experimenting with nonwoven versions of its textiles after Pea received a $200,000 US Department of Energy grant in 2024. The most popular nonwoven materials are those used in paperlike products, such as surgical masks and paper towels, but Pea envisions a softer, stretchier version thats almost more like a lightweight felt. She used the grant to buy the companys first 3D bioprinter, which arrived in January. With it, shell begin patterning nonwoven swatches. If its successful, McGee predicts, a nonwoven stretch fabric could be a more scalable option than wovens. But he adds: Nonwovens are not very structural, so theyre usually not very tough. The challenge [Good Fibes] will need to show is what level of strength and toughnessat what size and scalecan they produce, and at what cost? With additional funding, Pea and Blake plan to develop both woven and nonwoven textiles moving forward. Meanwhile, theyve already forged relationships with at least one major athletic apparel retailer eager to test their future fabric samples. Theyre like, When you get a swatch, send it to us! Blake says, adding that she believes Good Fibes will be ready to commercialize in two years. Until then, their fashion innovation will continue taking shape in the lab. As Blake puts it: Were thinking big by thinking smalldown to the molecular level. Megan DeMatteo is a journalist based in New York City.

Newport Active Travel Bridge by GrimshawSource: Hufton + CrowNewport Active Travel Bridge by GrimshawSource: Hufton + CrowHafod Morfa Copperworks Distillery & Visitor Centre by GWP Architecture & Archer HumphryesSource: Taran WilkhuHafod Morfa Copperworks Distillery & Visitor Centre by GWP Architecture & Archer HumphryesSource: Taran WilkhuCroes Fach by Hall + Bednarczyk ArchitectsSource: Matt CantDelfyd Farm by Rural OfficeSource: Building NarrativesDelfyd Farm by Rural OfficeSource: Building NarrativesNyth by Manalo & WhiteSource: Morgan ODonovanNyth by Manalo & WhiteSource: Morgan ODonovan1/9show captionFive projects including a railway bridge by Grimshaw have been shortlisted for the Royal Society of Architects in Wales (RSAW) Awards 2025.Grimshaws Newport Active Travel Bridge is joined on the list by a transformation of a Victorian power facility into a whisky distillery by GWP Architecture and Archer Humphryes and the conversion of a church into a Welsh language theatre by Manalo & White.The shortlist is rounded off by a pair of family homes in the Welsh countryside by Hall + Bednarczyk Architects and Rural Office.RSAW jury chair Ian Chalk, director of Ian Chalk architects, said: This years shortlist features a diverse range of projects - widely dispersed across North and South Wales, from Bangor to the Gower Peninsular - set within both rural landscapes and urban centres.Ranging from domestic extensions to a community arts centre and a distillery, each project shares a common thread - to think beyond the immediate confines of the site boundaries and enrich the lives of the people and places which they inhabit.All five shortlisted projects will be visited by a regional jury before a winner is announced later this spring.The winning scheme will then be considered for several RIBA Special Awards, including the RIBA Sustainability Award and RIBA Building of the Year, before being considered for a RIBA National Award, which will be announced in summer.The shortlist for the RIBA Stirling Prize will be drawn from the RIBA National Award-winning projects and announced in September, with a winner to be announced in October.The full RSAW Awards shortlistCroes Fach by Hall + Bednarczyk ArchitectsDelfyd Farm by Rural OfficeHafod Morfa Copperworks Distillery & Visitor Centre by GWP Architecture & Archer HumphryesNewport Active Travel Bridge by GrimshawNyth by Manalo & White

Apple released iOS 18.3 in January, and that update brought some bug fixes to all iPhones. But when Apple releasediOS 18in September, the company made it easy to keep your Notes app more organized with collapsible sections.There are other ways to keep Notes organized, like with tags, but those usually apply to the whole note and not the content with the note. With collapsible sections, you can keep the content within individual notes organized and tidy so you can easily find what you're looking for.Read more:iOS 18 Brings These New Features to Your iPhoneHere's how to create collapsible sections in Notes to keep the app organized.How to create collapsible sections Tap the gray arrows on the left side of the screen to collapse and expand sections. Apple/CNET Upgrade your inbox Get cnet insider From talking fridges to iPhones, our experts are here to help make the world a little less complicated. 1. Open Notes.2. Tap the new note button the square with a pen in the bottom right corner of your screen.3. Add a title to the note, like weeks of the month.4. Tap the Aa in the toolbar across the top of your keyboard. You might have to tap the plus (+) sign over the top right corner of your keyboard to open the toolbar.5. Tap Heading or Subheading to name your sections, like the days of the week.6. Fill out information under your headings and subheadings.7. Tap the space just in front of your headings or subheadings, and a down arrow will appear to the left of them.8. Tap that arrow and everything under the heading or subheading will collapse.It's important to note that headings won't collapse into each other, and same with subheadings and titles. But if you put a subheading under a heading, the subheading can collapse into the heading. And everything will collapse under a title if there's more than one title in a note.Now you can keep your Notes organized and tidy. I've used the feature to keep track of my work week, as well as meetings, that way I can easily look back on what I was working on earlier in the week or remind myself what I have upcoming in the week.For more on iOS 18, here's what you need to know aboutiOS 18.3.1andiOS 18.3. You can also check out ouriOS 18 cheat sheet. Watch this: Apple's Vision Pro Problem, Zoox Taxicab Confessions and more | Tech Therapy 28:24

When is the 4 Nations Face-Off final between USA vs. Canada?Thursday, Feb. 20, at 8 p.m. ET (5 p.m. PT).Where to watch Team USA vs. Canada?The game will air on ESPN and stream on ESPN Plus. See at ESPN Plus Championship game for $11 per month ESPN Plus See at ESPN Plus See more details See at Sling TV Carries ESPN for $46 per month Sling TV See at Sling TV See more details See at YouTube TV Carries ESPN for $83 per month YouTube TV See at YouTube TV See more details See at Hulu Carries ESPN for $83 per month Hulu Plus Live TV See at Hulu See more details See at Fubo Carries ESPN for $85 per month Fubo See at Fubo See more details See at DirecTV Stream Carries ESPN for $87 per month DirecTV Stream See at DirecTV Stream See more details See at ExpressVPN Best VPN for streaming ExpressVPN See at ExpressVPN See more details Table of Contents Hockey fans are getting what they wanted: a rematch between the US and Canada in the NHL's 4 Nations Face-Off final. Team USA won the round-robin match-up between the two hockey rivals that featured three fights in the first 9 seconds of the game. Now, the two will meet again for the championship of the 4 Nations Face-Off tournament, which is taking the place of the NHL All-Star game this year.It's the first time since 2016 that the two nations have played in a "best-on-best" international tournament with NHL players, and the rivalry certainly hasn't cooled over that time. The first, fisticuffs-filled game between the US and Canada was played in Montreal in front of a raucous Canadian crowd, but the rematch will be played on American ice. The final is set for TD Garden in Boston.The puck (and gloves?) drop for the rematch between Team USA and Canada tonight at 8 p.m. ET (5 p.m. PT) on ESPN and ESPN Plus. USA and Canada will renew their intense rivalry in the final of the 4 Nations Face-Off tonight on ESPN and ESPN Plus. Minas Panagiotakis/Getty ImagesHow to Watch Canada vs. USA in the 4 Nations Face-Off finalAll five major live TV streaming services in the US include ESPN for the championship game. You could also use the ESPN Plus streaming services to watch the game.In Canada, the game will be broadcast in English on Sportsnet (SN) and in French on TVA Sports (TVAS). Sarah Tew/CNET ESPN Plus costs $11 a month (or $110 a year) and will show the 4 Nations Face-Off final between the US and Canada.Read our full review of ESPN Plus. See at ESPN Plus Sling TV/CNET Sling TV's Sling Orange plan costs $46 a month and includes ESPN. Read our Sling TV review. See at Sling TV Sarah Tew/CNET YouTube TV costs $83 a month and includes ESPN. Right now, the first six months are discounted to $70 a month. There is a 10-day free trial. Read our YouTube TV review. See at YouTube TV Hulu Plus Live TV costs $83 a month and includes ESPN. Read our Hulu with Live TV review. See at Hulu Fubo Fubo's Essential plan costs $85 a month and includes ESPN. Fubo is currently offering the first month for $60. Read our Fubo review. See at Fubo Directv stream DirecTV Stream's basic $87-a-month plan includes ESPN. Read our DirecTV Stream review. See at DirecTV Stream All of the live TV streaming services above allow you to cancel anytime and require a solid internet connection. Looking for more information? Check out ourlive TV streaming services guide.How to Watch Canada vs. USA in the 4 Nations Face-Off final with a VPNIf no convenient opportunities exist to watch the game where you live, then using a VPN with US-based server should provide access to the ESPN broadcast. With a VPN, you're able to virtually change your location on your phone, tablet or laptop to get access to the game. So if your internet provider or mobile carrier has stuck you with an IP address that incorrectly shows your location in a blackout zone, a VPN can correct that problem by giving you an IP address in your correct, non-blackout area. Most VPNs, like ourEditors' Choice, ExpressVPN, are very easy to use.Using a VPN to watch or stream sports is legal in any country where VPNs are legal, including the US and Canada, as long as you've got a legitimate subscription to the service you're streaming. You should be sure your VPN is set up correctly to prevent leaks: Even where VPNs are legal, the streaming service may terminate the account of anyone it deems to be circumventing correctly applied blackout restrictions. ExpressVPN isour current best VPN pickfor people who want a reliable and safe VPN, and it works on a variety of devices. It's normally $13 a month, but if you sign up for an annual subscription for $100 you'll get three months free and save 49%. That's the equivalent of $6.67 a month.Note that ExpressVPN offers a 30-day money-back guarantee. See at ExpressVPN USA 4 Nations Face-Off schedule and resultsThe USA punched its ticket to the final by beating both Finland and Canada in its first two round-robin games. It lost to Sweden in a game that didn't factor into the standings.Canada 4 Nations Face-Off schedule and resultsCanada needed a win in its final round-robin game against Finland to earn a rematch against the US in the final.USA vs. Canada 4 Nations Face-Off oddsThe Americans are slight favorites in the final. Here are the latest odds, according to Fanduel.Puck line: USA (-1.5 at +235), Canada (+1.5 at -300)Moneyline: USA (-110); Canada (-110)Over/under: 5.5 goals

Obsidian's modest ambition with Avowed is just what Game Pass, Xbox, and the wider industry needs - but will Microsoft let them stick to it?Keeping Grounded.Image credit: Eurogamer Opinion by Chris Tapsell Deputy Editor Published on Feb. 20, 2025 I'm having a lovely time in Avowed, a game about bonking little lizard men on the head, skipping through classic, florid fantasy countryside, and walking up to NPCs to receive vast dumps of expository dialogue. It's a game that's less interested in doing something radical with the structure - this is a pretty straight-ahead, sword-n-spells, skill-and-dialogue-tree action adventure - than it is the sheer vividity of its delivery.Avowed is vibrant and alive, a game made with a kind of committed, full-hearted dedication to a simple, clear idea, and to then just doing it right. As evidenced by all the small, playful or just downright sensible twists on the basics - from a function that lets you pause mid-conversation to look up who or what exactly the latest proper noun is, to just a well worded explanation of shader compilation before the game itself starts. In fact the only thing that's been nicer than playing a bit of Avowed, over the past week, was hearing what its developers at Obsidian had to say about making more games like it.Get a load of this: the studio just wants to make games on the assumption they will be a "mild success"; it wants to do that at a pace of releases that is "not rushed, but often"; it wants to maintain its team's institutional knowledge by having "the lowest turnover rate in the industry"; and it is "not trying to grow aggressively, expand our team size, or make super profitable games".To see this content please enable targeting cookies. Alternatively, as Jim puts it: Avowed is the antidote to live service slop.Watch on YouTubeThis is all from a somewhat scantly reported PC Gamer article, based on Obsidian bosses Marcus Morgan and Justin Britch's talk at the DICE Summit last week, which Eurogamer didn't attend - so fair warning we are missing some wider context here. Morgan might've said all that and then immediately taken it back, after, say, locking eyes with a lurking Satya Nadella. Who could, for all we know, have been standing at the back of the room miming a big "snip, snip" motion with a pair of comedy-sized scissors.But taken at face value, this kind of chatter is incredibly refreshing, if for no other reason than the sheer sensibleness of it. Releasing games of broadly the same scope and ambition, at a reasonable pace, with reasonable expectations for their success, and in doing so hoping to retain and build your staff's expertise so you can maintain that reasonable success over time, is a philosophy at odds with almost the entirety of this industry (or at least with its leadership). We know that because we're still in the middle of two years and counting's worth of brutal, relentless layoffs, even at the studios behind games that have done incredibly well.In actuality, this kind of sentiment has been voiced before. More or less any developer you speak to in person will tell you as much, but you also just have to look at Larian, Obsidian's cousins in developing excellent, writerly RPGs, as an example. This time last year its boss, Swen Vincke, was on stage collecting one of many, many awards for Baldur's Gate 3 when he railed against the exact same short-termism. "Greed has been fucking this whole thing up for so long, since I started," he said. "I've been fighting publishers my entire life and I keep on seeing the same, same, same mistakes over, and over and over."It's always the quarterly profits," he continued, "the only thing that matters are the numbers, and then you fire everybody and then next year you say 'shit I'm out of developers' and then you start hiring people again, and then you do acquisitions, and then you put them in the same loop again, and it's just broken"He echoed that in an interview with Eurogamer, a few days later: "I know it's being looked at in an Excel file, right, and the person that makes a decision with that Excel file does not understand what they just lost. And it's going to cost them way more, long term - they just don't realise it yet. But it will cost them a lot. I'll give you an example: I heard of a group of technical artists being fired. I can tell you, I'm a developer: if you fire your Technical Artist, you're an idiot anyway, we're hiring them to come work for us."Perhaps the most relevant point here is the one about Vincke saying all this while collecting yet another award. This way lies success! And Xbox, proud owner of Obsidian, is in dire need of a few development success stories. Really, Avowed is just the ticket. In business terms for one - a game of moderate scope, that can be turned around in moderate time (depending on your definition of "moderate" - Avowed was first teased way back in the summer of 2020), and be mildly successful for a catalogue offering that depends on exactly that. And a game that comes from a stable developer that has room to flex its creative muscles, to tinker and noodle on the side with such wonderful results as Pentiment, as well as chipping away at Avowed and another The Outer Worlds game at once. Any excuse to mention this absolute gem.It's also just what Xbox needs because it is a good first-party video game, and not one from an ailing franchise of the 360 era. It's a game with personality and soul, with a beating heart of invention and storytelling behind it. With, in other words, a team that has clearly worked together before, which knows what it wants, what works, or how they really ought to work by now. It's a game defined by attention to little details - how its secrets are hidden and breadcrumbed, how its world feels bright and beating with positive energy, how your mace lands with a tasty little hit-pause or spells crackle and snap like a whip from the end of your wand. The closest analogy I have for it, of all games, is really Helldivers 2. Not because its mechanics are even remotely similar, but because that was another game defined by the kind of medium scope and expert, long-running development team that gives lie to this kind of incredible luxury - clear ideas, distinct personality, craft.The question now is whether Xbox, or really Microsoft, can tolerate this kind of sensible thinking. Just yesterday we got another baffling announcement from the company about generative AI, this time in the form of Muse, which may or may not be remotely useful to actual development - and may or may not be another announcement, after a near equivalent from Google in its Genie tool last year, designed purely to appease that great stock ticker in the sky.But there are, actually, some quite promising signs. Grim as it may be to chalk this one up as a win, it's worth noting that many expected a rough ride for Xbox studios such as Ninja Theory after the release of another mid-sized entry in Hellblade 2. Likewise, the other day Phil Spencer came out and made some very encouraging noises about Everwild, another long-dormant venture - and perhaps folly - from another studio of British veterans. "It has been [a while]," he said, referring to its nearly six years and counting since the first reveal. "And we've been able to give those teams time in what they're doing, which is good, and still have a portfolio like we have It's like a dream that Matt [Booty] and I have had for a long time, so it's finally good to be there. We can give those teams time."The problem of course is that Xbox's bosses have made lots of encouraging noises before - as we've already argued before as well. There's a good chance the cuts and the short-termism are out of their hands anyway, a symptom of the publicly-traded system at large, in which video games continue to have no real place. "Are we serious? Yes," Obsidian's Marcus Morgan reportedly said in that talk, of its stated 100-year goal for longevity. And, cor. Imagine this. Imagine a world where their ultimate owners were just as serious too.