Category: Technology

SEO AND AI – Today

While writing another piece about the future of AI and Large Language models for our blog, it hit me: I need to address today’s realities more. So here is a piece on what we have on the relationship between SEO and AI, today.

Even though AI models like ChatGPT are exceptional at generating statistically likely text, there may be better choices for creative storytelling. However, AI-generated content serves a valuable purpose in functional content creation, which can benefit industries such as e-commerce, reference materials, and more.

To effectively utilize AI-generated content, consider the following action plan:

    1. Identify functional content requirements: Understand the applicable content AI can efficiently generate, such as data-driven reports, event summaries, FAQ sections, how-to guides, news aggregation, job listings, legal documents, technical documentation, and directory listings. There are certain content types that AI excels at, and we recommend that you limit your functional content to the following:
        • Data-driven reports
        • Event summaries
        • FAQ sections
        • How-to guides and tutorials
        • Compiling and summarizing news
        • Job listings
        • Legal and policy documents
        • Technical documentation
        • Directory listings
    2. Kickstart large-scale content projects: Leverage AI-generated content to quickly create a critical mass of content for projects like recipe collections or travel guides. Building on AI content can help you reach your content goals more rapidly while maintaining quality through proper SEO and content management practices.
    3. Optimize keywords with AI: Use AI like ChatGPT to explore alternative keywords, questions, or concerns related to your content and rewrite sections accordingly. Using AI to optimize your long-chain keywords will help ensure your content is more engaging and relevant to your target audience.

For example, we worked with a startup founder to successfully use ChatGPT to generate his pitch outline to present his platform, resulting in a significant increase in interest and, finally, his crucial customer’s adoption of his platform.

In summary, to create a cohesive thought and action plan, you should focus on:

    • Identifying the correct type of content for AI-generated content creation
    • Utilizing AI-generated content to kickstart large-scale projects
    • Employing AI for keyword optimization and audience engagement

By following this action plan, you can make the most of AI-generated content to enhance your content strategy and achieve your goals.

The Future of SEO and Virtual Agents

This article is the fourth installment in our series discussing search and the increasing influence of artificial intelligence (AI) on the future of SEO (Search Engine Optimization). This installment delves into the evolution of the search function, the Intelligent Agents, and the interaction of goal-oriented search, Virtual Assistants (VA), end-users, and businesses.

The future of SEO means shifting to L2O.

Artificial intelligence is changing how we interact with the digital world. Soon, AI Assistants will collect and act on massive amounts of data on our behalf.  These assistants will force drastic changes in the search and search display definition.  In many instances, making the act of searching nearly undetectable. However, we have not reached the utopian society depicted in 24th-century Star Trek. So, the creators of these VAs will devise ways to keep their systems updated with the latest information. The updated content will be retrieved from public content.  The fresh content will be selected with a new type of SEO, L2O.

Virtual Assistant and the Future of Search

With the rapid advance of AI, bots can quickly process, analyze, and synthesize data and take action. Bots are transforming from our knowledge engines to our Virtual Assistants (VA). VAs predict our needs, desires, and preferences with unprecedented accuracy and will affect desired results. So, instead of googling and using phones or browsers, we interact with our VAs, state our goals, and watch it complete the task.

The shift towards proactive, predictive and personalized search will have profound implications for how we experience the internet. Traditional search engines will be replaced by AI Agents(1). The AI will operate seamlessly in the background, and take appropriate action for its user.

The Future of SEO craft

The need for a new approach to search engine optimization is apparent as the web is increasingly driven by AI. L2O, or LLM Optimization, ensures that AI-powered systems can easily access, understand, and use the latest information.

L2O helps optimize the content and improve the compatibility between human-generated content and the AI systems that will increasingly dominate our online experience. The future of SEO involves creating content easily digestible by AI systems and developing strategies to ensure that the most relevant and up-to-date information is readily accessible to these platforms.

If you own a Moroccan restaurant, you want to provide detailed dynamic content about the ambiance, experience, quality, availability, and the menu. Then when a VA tries to find the best North African Cuisine in Los Angeles, you are available. Finally, combined with your reviews and social information, the VA makes an informed yet biased decision and makes a reservation at your restaurant.

The future of SEO is about biasing the VAs rather than actively increasing the traffic to a website. But here is the funny thing, L2O involves most of the components of today’s SEO.

One key component of L2O involves creating structured data that AI systems can quickly process and interpret. L2O will include using metadata, semantic markup, and voice search optimization that help AI systems understand the context, the flavor, and the meaning of content more effectively. L2O also emphasizes the importance of maintaining a robust online presence through regular updates, high-quality content, and strategic partnerships with other reputable sources of information.

Challenges and Opportunities

Several challenges exist as we move toward a future where Virtual assistants dominate(2) the web. For one, the increased reliance on AI may exacerbate existing inequalities and social biases, as AI systems may be more likely to favor the freely available content overload from established or well-funded sources.

VAs may prove far more gullible because of the upcoming data privacy limitations. Social bias, knowledge overload, and data privacy concerns could limit the diversity of information available to the VAs and easily allow for Black Hat techniques.

However, the evolution of SEO to L2O presents numerous opportunities for businesses, content creators, and individuals. By embracing L2O strategies, organizations can position themselves at the forefront of this new digital landscape, ensuring that their content remains visible and relevant in the age of AI-driven search.

The rise of AI-powered Assistant Artifacts signals a fundamental shift in how we interact with the digital world. As search becomes increasingly predictive and personalized, the importance of L2O as a means of optimizing content for AI systems will only continue to grow.

By understanding and embracing this new paradigm, we can ensure that the internet remains a rich and diverse source of information, even as we navigate the uncharted territory of an AI-driven future.

Dream Warrior Group, a Los Angeles Based web design and digital marketing Company, providing solutions for your online marketing needs. Our expertise includes Search Engine Optimization (SEO), Social Media Posts & Marketing & Google PPC campaigns.  Call us now at 818.610.3316 or click here.

 

1- CMS Wire, What to Expect From the Future of Virtual Agents, Andie Burjek, 02/24/23

2- Data Driven Investor, AI Agent Companies, Harsha Angeri, 04/06/23

Cybersecurity and the Arts

Working in the arts, DWG sometimes hears that they don’t need all of the security standards of large corporations. I am reminded of a non-profit executive telling me awhile back that they don’t need to be like the Pentagon when we recommended a two factor authentication system. This article was inspired by a genuine concern that many art organizations may not be fully aware of the consequences of the slippery security slope.  Our hearts sank as we heard of The Met’s ordeal and our minds were outraged.  DWG does not know the exact cause of The Met cyberattack so this is not meant to be in any way derogatory to the wonderful folks at The Met. References and articles are included below.

Beginning on December 6th, 2022, hackers started the process of breaching the Met Opera’s information infrastructure. By December 7th, a cyber attack against The Metropolitan Opera in New York was well underway. The attack affected the opera’s network systems, including its internal network, website, ticketing server, box office, and phone center. The Opera’s website was restored eight days later, on December 15.

During this period, the opera continued its performances, and the Lincoln Center for the Performing Arts supported ticket sales until the Met could recover from the attack (Kudos Lincoln Center!). While the exact magnitude of the damage has not been disclosed, the stoppage in ticket sales effected revenue. According to Peter Gelb, The Met’s general manager, the opera earns roughly $200,000 in ticket sales per day throughout this season. Because the malware impeded the opera’s ability to sell tickets, seats were temporarily sold for $50 on the Lincoln Center for the Performing Arts website.

The cyber attack on the Met is far from the first on a cultural institution. In 2019, ransomware attacked the Asian Art Museum in San Francisco. In 2020, hackers obtained access to personal information from hundreds of cultural institutions and NGOs.   I’m sure you all have heard plenty of stories of hacks and cyberattacks.

Hackers do not care whether a business is a Fortune 500 company, a small business, or not-for-profit cultural institution like The Met, all these institutions still make transactions and hold their customers information.

A month after the attack on Met Opera, the attackers have yet to be identified, but The New York Times underlined the opera’s vocal support for Ukraine amid the ongoing Russia-Ukraine conflict.

But whatever the motivation and tactics, the cyberattack on the Met should serve as a wake-up call to other cultural organizations. Anyone could be a target. “I usually warn clients that everyone, regardless of size or sector, is a target. It should not take an occurrence like this to wake up other cultural institutions to the fact that they are in grave danger,” says Richard Sheinis, partner and head of data privacy and cybersecurity at full-service legal firm Hall Booth Smith.

Cultural organizations, like performing arts centers, theaters, and museums, are typically attractive targets for cyberattacks since they may not always have the time, money, skill-set, or up-to-the-minute understanding to build a good cybersecurity strategy. Unlike many for-profit organizations, which are victims of zero-day* vulnerabilities, the bulk of security breaches in smaller enterprises and most non-profits are caused by preventable flaws in human/device interaction. The untold story of cybersecurity is how criminals leverage the imperfect nature of humans to further their own goals.

Finding funding for cybersecurity is often difficult at a non-profit but it is a worthy investment.  A good security posture today, can save hundreds of thousands later, but many people are hard pressed to believe that it could happen to them. Furthermore, many cultural institutions are still striving to recover from the COVID-19 pandemic and are not in a position to embrace the additional concerns brought about by cybersecurity.

So, bringing cybersecurity to the forefront in a cultural institutions is the first critical step. Subsequent evaluation of the infrastructure, and investment in prevention, detection, and response can help lower the likelihood of cyber attacks while also mitigating the damage of an attack if one occurs. It is always recommended that the evaluation phase be done by in-house IT team, then if company lacks the means to retain in-house cybersecurity personnel, it can turn to third-party cybersecurity firms.

Please remember until you get a cybersecurity firm to help:

  • Layered firewalls (one from your service provider, one for your institution, and if you are running your ticketing server in-house, one more for that)
  • Separation of subdomains for internal and external networks,
  • SSL
  • Two-factor authentication
  • And for goodness sake, we recommend your site should not be on the same operating system as your ticketing server (if one is on windows, the other should be on Linux) – make the hackers work more difficult (hardening). If they are the same, security should be monitored in real-time.

* The term “zero-day” refers to newly found security flaws that hackers can exploit to attack systems. The term “zero-day” alludes to the fact that the vendor or developer only recently discovered the fault, implying that they have “zero days” to repair it. A zero-day attack occurs when hackers exploit a weakness before engineers have time to fix it.

~Nami

Posted by The Met:

“After suffering a cyberattack that temporarily impacted our network systems, we’re pleased to announce that the Met is now able to process ticket orders through our website and in person at our box office. Based upon our ongoing investigations into the recent cyberattack, we would like to reassure our customers that ticketing customer data, including credit card information used when purchasing tickets, has not been stolen. We do not keep credit card information in the systems that were affected by the cyberattack. Thank you for your patience.”

Links:
https://www.nytimes.com/2022/12/07/arts/met-opera-cyberattack-website.html
https://www.reliasmedia.com/articles/commonspirit-ransomware-attack-holds-lessons-for-cybersecurity
https://amicusmsp.com/human-interaction-is-key-to-successful-cyberattacks/

 

Risk Management and the Arts

Risk Management and security are one of if not the biggest issue facing art organizations today. Unfortunately, it is not just because it may prove daunting but because it is rarely taken seriously within the organization until trouble arises.

Gone are the days when acquiring a HiTrust Certification, SOC2 type 2 auditor’s report, or an ISO 27001 accreditation was enough to defend your firm appropriately. Many seasoned practitioners knew that such a milestone was never a reliable indicator of an organization’s security posture or maturity. And it appears that the rest of the world has finally caught on.

The security threat environment is expanding in tandem with legislative and governance needs. Attacks have become more numerous and sophisticated, the number of attack channels has increased, the attack surface for businesses has increased substantially, and the complexity of our digital footprint has increased even further. In addition, the severe shortage of qualified and available workers to fill security tasks, including Governance, Risk, and Compliance (GRC), compounds the problem.
In short, GRC leaders face numerous hurdles in today’s firms. Yet, surprisingly, I hear little talk regarding the most efficient ways to run a modern GRC or risk management program. Because each firm is unique, there may be a variety of answers. There are, nevertheless, methods for modernizing your procedures.

  • Do you have a Risk Management Program in place?
  • How are you currently managing risk?
  • Why has technology changed so dramatically while GRC programs have remained the same?
  • Is there a more efficient way to manage today’s modern GRC program?

Before we begin discussing possible solutions, let’s review the basics:
Governance refers to an organization’s statutory or contractual obligations regarding security, risk, and privacy objectives. Noncompliance can result in severe fines and even criminal prosecution in some situations.
Risk refers to managing risk within an organization, focusing on security and privacy standards.

However, this merges with Enterprise Risk Management. Enterprise risk management (ERM) is detecting, analyzing, and treating a company’s risks based on an ongoing assessment by executive management. ERM includes examining the company’s exposures in financial, credit, fraud, strategic, and operational problems.

Compliance refers to an organization implementing security and privacy controls to meet governance standards and decrease risk. Internal and third-party external audits are a significant component of compliance.
My personal experience is firmly rooted in the NPO space, having spent the last 20 years helping many of our art clients with their IT audit and compliance. Based on that, I have some thoughts.

The sheer number of regulatory requirements a modern NPO must meet can be overwhelming. Similarly, managing organizational politics in an NPO is challenging, both for and against risk containment. Security, particularly GRC, has typically been viewed as a cost center rather than a value generator. And as I have stated in previous conversations, seen as a barrier to creativity.

Personnel shortages and burnout are at an all-time high, compounding the problem. According to industry analysis, this gap will continue to increase in the near term and will be a concern for quite some time.
Every day, we hear about one breach or another, and everyone is trying to move towards a more secure posture. However, these areas have financial consequences and criminal prosecutions due to a lack of monitoring and care.

In today’s environment, the message is clear: No matter what problems companies face, they must reasonably preserve the security and privacy of the data.

Running a Risk Management Program

A comprehensive alignment among the leadership is required to establish a more sustainable and scalable approach. Accepting “growing pains,” the additional initial costs, and facilitating cross-organizational working groups are all part of this. Everyone benefits from this arrangement, and key stakeholders must understand how they may help so that they can passionately buy in and be change champions.

To start the process, you must determine what regulatory obligations your firm should meet. The correct response would be, “Ask your auditors when they come in,” however, most auditors assign their most junior, fresh off-the-robe (just out of college) individuals to manage in-house audit interactions. So your best bet is for your Finance Officer to call one of your audit firm’s senior partners and obtain a summary of the regulations you must follow.

After defining the requirements, the hard work can begin, which begins with a thorough understanding of the organization’s environment. For example, what people, procedures, and technology does the organization have? What is the organization’s culture? What is the organization’s risk tolerance?

What is the organization’s risk tolerance? If you can’t answer these questions, you can’t assess compliance adequately. During this phase, we are attempting to piece together several essential views of the organization:

  • Purpose, vision, and operational needs
  • Lines of business
  • Organizational Structure
  • Key business processes
  • The digital and physical footprint
  • Assets
  • Data processing and storage

Traditionally, there are numerous emails, direct messages, and meetings. As a result, all parties involved experience duplicative manual processes, exhaustion, and dissatisfaction. It’s simple to “drop the ball” or “miss the mark” on even the tiniest of tasks in the traditional way.

You will need a SecOp person to gather the data and get the closest approximation of the organizational reality. This person must have sufficient power to assemble and distill the information for executive review.

SecOps is a relatively new concept that refers to security functions collaborating with DevOps teams (Development and IT) early and frequently and incorporating “paved roads” with “guardrails” into the process.

The teams that are continually maintaining the environment, deploying updates, and keeping the “lights on” are the stars of the show here (DevOps), and it is critical for modern GRC teams (SecOps) to collaborate and integrate with these teams. The most vital connection to cultivate for a modern GRC practitioner wanting to update their program is this one. Cross-training between GRC experts and technical teams is required. Both groups can be experts in the other’s field but must grasp how things function.

Gaining a rudimentary awareness of what tools and processes are in use with DevOps offers significant returns. When we understand how these tools interact, we benefit all parties involved. Therefore, in addition to our personal growth and development, we must teach these technical DevOps teams the fundamentals of GRC. The idea here is to keep it simple; just as a GRC practitioner can’t master complex deployment and troubleshooting, neither should our DevOps teams be expected to lead an audit.

At the very least, the audit should address any commerce, ticketing, change management, and collaboration systems utilized in the teams. A modern GRC practitioner benefits immensely from working with the tools that DevOps teams are already using. Working with DevOps provides those practitioners with the ideal perspective for evaluating organizational security and, as a result, compliance with your criteria.

At the same time, the DevOps teams need to gain an understanding of the following:

  • The forces influencing framework or standard requirements
  • The distinction between completing a requirement and meeting the requirement’s intent
  • How and why must we manage requirements from many frameworks and standards?

What happens during the audit process, why do we gather evidence, and what efficiencies can we put in place to make evidence collecting more consistent, trustworthy, and less impactful on engineering teams
Moving to the system(s) of the record is the final key in this method. Individual file sharing is a formula for disaster.

Can you envision a modern sales team organizing their activities through spreadsheets rather than a sophisticated Customer Relationship Management (CRM) system?

Certainly not! So, why do we handle our GRC initiatives in this manner regularly? First, however, it is critical to note that there will likely not be a single system of record. That is why your GRC software must integrate with other sources of a critical system of record.

Critical systems to integrate include change management systems, asset management systems, document management systems (for rules and procedures), and ticketing systems.

In short, make sure your IT and development crew know their systems, bring in an outside security person to lead the SecOps effort, and keep complete records of every process, discovery, and solution.

Sources:
GRC: The Definitive Guide (https://riskonnect.com/resources/grc-guide/)
THE ESSENTIAL GUIDE TO GRC (https://tallyfy.com/guides/governance-risk-management-compliance-grc/)
Risk and compliance management made easier (Hitrust- MyCSF)
(https://hitrustalliance.net/documents/mycsf/mycsf_information/MyCSFRiskAndComplianceManagement.pdf)

Behnam Ataee, DWG CTO, has completed the HITRUST CSF Assurance Program certification. Certified HITRUST CSF professionals can deliver simplified compliance assessments and report for HIPAA, HITECH, state, and business associate requirements.

Search Optimization Changes: Artificial Intelligence and Search Engines – Part 2

In my previous article, I promised more specifics regarding the steps you can take to improve your search optimization for the age of AI. The funniest part of the whole process has been the repetition.

For the past several years, I have been describing  Google’s shift towards better, more accurate search results. Currently Google Search algorithm seems to contain everything desirable for an AI-driven search optimization.

So, unlike my conclusions in 2021, and early 2022, they were most likely thinking about more than just accuracy. It appears that Google’s data engineers were also thinking about AI and the future of search.

The coming 18 months AI will permanently change how search engines employ and interact with us to rank content. Artificial intelligence has already altered the SEO environment, but we should expect more substantial developments in the coming months. There will be more frequent Google SERP updates as Google fends off other search engines trying to gain market share.

Here are some of the expected effects of these changes:

Voice search will become increasingly significant.

Voice search is getting more popular as smart speakers, and other voice-activated devices become more widespread. As AI advances, we should expect search engines to understand the natural language better. Such improvements mean that content authors must optimize their content for voice search by utilizing conversational language and focusing on answering particular inquiries that consumers may have. To gain more insight, refer to our article on Voice optimization.

Natural language processing (NLP) will become pervasive.

The use of NLP helps search engines grasp the intent underlying the search request far more clearly than today. Search engines should interpret natural language far better as AI advances. Extensive use of NLP means that content providers must concentrate on producing high-quality, natural-sounding information that answers particular issues that users may have.

The importance of user experience will be greater than ever.

As search engines improve their knowledge of user intent, they will likewise enhance their ability to measure user experience. As a result, page load speed, mobile friendliness, and ease of navigation will become even more vital for SEO. Therefore, content providers must produce material that answers user inquiries and creates a positive user experience.

Technical SEO will be even more critical.

Technical SEO (efforts that focus on enhancing the technical features of websites) will become increasingly important. Search engines will incentivize site owners to produce better user experiences: more robust UX will result in higher rankings on search engine results pages (SERPs). As technical SEO continues to influence the user experience—and searchers’ expectations rise—technical SEO will continue to be one of the most critical factors for organizations to consider when developing their overall SEO strategy and investments.

Personalization will become more critical.

Artificial intelligence (AI) already helps tailor search results based on user behavior and interests. However, personalization will play an even more significant role in SEO. Content makers will need to focus on developing material that is targeted to specific audiences and takes characteristics like location, device, and search history into account. Increased personalization also means a greater need for second and first-party user data gathering.

Visual search will become increasingly prevalent.

Visual search is currently a popular feature on several search engines, and we anticipate it to become considerably more ubiquitous in the next 18 months. In addition, as AI advances, search engines will better detect images and videos. Therefore, visual content optimization (for search) by employing descriptive filenames, alt tags, and captions will be vital.

SEO will see an increase in the use of video marketing.

The coming year will undoubtedly be the year of video. Companies will put out more video content as they seek to garner audiences on more visual and video-based platforms, such as TikTok and Instagram; at the same time, more video and content teams will use search data to guide their tactics. This transition will also benefit people in Google’s ecosystem, as searchers pay more attention to video results.

As audience tastes alter, brands prioritize content quality over production quality (such as effects, lighting, etc.). Straightforward, mobile-recorded videos will likely be a focus because good content does not require large production.

In the next 18 months, AI will substantially impact SEO. As a result, content providers must focus on developing tailored, high-quality, natural-sounding material that answers particular user inquiries while offering a fantastic user experience across all platforms.

Companies must also optimize their content for voice, visual, and video search and consider issues like technical SEO, personalization, and natural language processing. Content providers may remain ahead of the curve by following these trends and ensuring their content is discoverable and exciting for their target audience.

Dream Warrior Group, a Los Angeles Based web design and digital marketing Company, providing solutions for your online marketing needs. Our expertise includes Search Engine Optimization (SEO), Social Media Posts & Marketing & Google PPC campaigns.  Call us now at 818.610.3316 or click here.