Here we take a look at cyber security, why you may decide you need it, how much it costs, and where to get it.

What Is Cyber Insurance? 

Cyber insurance is a type of insurance policy designed to protect businesses and individuals from internet-based risks, and more generally from risks relating to IT infrastructure and activities. It provides coverage for financial losses that result from cyber incidents such as data breaches, network damage, and cyber extortion. For example, businesses may face costs resulting from data/security breaches, media content liability (e.g. intellectual property infringement), GDPR defence costs or paying GDPR fines, credit/debit card breaches, data breach response services, data breach notification, legal fees, system repairs, and more.

Why Would Your Business Need Cyber Insurance? 

Just as we need to ensure our most valuable and valued physical-world possessions are protected (e.g. our homes and cars), we now live in a digital age where people and businesses now rely heavily on technology and online platforms to operate efficiently. However, this dependence makes businesses vulnerable to a range of cyber-threats, including data-breaches, ransomware attacks, and hacking incidents. Even a single cyber-attack can result in substantial financial losses, legal liabilities, and reputational damage. Cyber insurance, therefore, provides a safety net, so that businesses can recover financially and operationally from these incidents. By covering costs such as data-breach notification, legal fees, and system repairs, cyber insurance helps mitigate the financial burden of cyber-attacks.

Risk Management Too 

Cyber insurance can also play a crucial role in risk management. For example, it encourages businesses to assess their cyber vulnerabilities and implement robust security measures.

Insurers often require policyholders to adhere to specific security protocols, which enhances overall cybersecurity standards. This proactive approach not only reduces the likelihood of an attack but also ensures businesses are better prepared to respond effectively if one occurs. Therefore, having cyber insurance is not just about financial protection, but it’s also about fostering a culture of cybersecurity within the organisation.

Not Forgetting Regulatory Compliance 

In addition to financial and security benefits, cyber insurance is essential for regulatory compliance. Many industries are subject to strict data protection regulations, such as the General Data Protection Regulation (GDPR) in Europe and non-compliance can, of course, result in hefty fines and legal consequences.

Cyber insurance policies, therefore, often include support for regulatory compliance, helping businesses navigate complex legal requirements and avoid penalties. By providing resources for legal counsel and regulatory guidance, cyber insurance ensures that businesses can meet their obligations and maintain trust with customers and stakeholders.

What Kind Of Things Does It Cover?

As mentioned above, broadly speaking, cyber insurance aims to provide financial cover for things like data breaches, network damage, and cyber extortion. Cyber insurance for UK businesses actually provides comprehensive coverage for various cyber-related incidents. Here are some examples of what it typically covers:

Data Breach Response 

– Notification Costs: Covering the expenses of notifying customers and affected individuals after a data breach.

– Credit Monitoring Services: Providing credit monitoring to those whose personal information has been compromised.

Business Interruption 

– Loss of Income: Reimbursement for lost revenue due to a cyber-attack that disrupts normal business operations.

– Extra Expenses: Covering additional costs incurred to keep the business running while dealing with the cyber incident.

Cyber Extortion 

– Ransom Payments: Payments made to cybercriminals to regain access to data or systems.

– Negotiation Costs: Expenses related to negotiating with extortionists and managing ransom demands.

Legal Fees and Defence Costs 

– Third-Party Claims: Legal expenses arising from lawsuits due to a data breach or security failure.

– Regulatory Fines and Penalties: Coverage for fines and penalties imposed by regulators for data protection breaches, such as those related to GDPR.

Crisis Management 

– Public Relations: Costs associated with managing and repairing the company’s reputation after a cyber incident.

– Forensic Investigation: Expenses for investigating the cause and extent of the cyber-attack.

Network Security Liability

– Liability Claims: Coverage for claims arising from failure to protect data, resulting in data theft or corruption.

– Defence Costs: Legal defence costs for claims related to network security breaches.

Media Liability

– Defamation and Infringement: Coverage for claims of libel, slander, copyright infringement, or defamation resulting from digital content.

Technology and Data Recovery 

– Data Restoration: Costs of restoring and recovering lost or corrupted data.

– System Repair: Expenses for repairing or replacing damaged hardware and software

You may be thinking after looking at this list that there are many more costs than you may have thought associated with dealing with the results of a data breach, cyber-attack, or serious and disruptive network issue. These costs, plus the high levels of ever-more sophisticated cyber-crime, may be the arguments behind many businesses now having cyber insurance.

What Proportion of Businesses Now Have Cyber Insurance? 

Considering the large potential costs of dealing with a serious cyber / network incident (as shown above) it may be a surprise to know that the proportion of businesses with cyber insurance in the UK is still relatively modest. For example, the latest data shows that only 43 per cent (UK Home Office 2024) of UK businesses have a cyber insurance policy in place and within this group, a small fraction, around 5 per cent (Insurance Business UK), have specialised cyber insurance policies tailored to their specific needs. Most companies rely on broader policies that include some form of cyber risk coverage as part of their overall insurance package.

This may be particularly surprising given that according to the Cyber Security Breaches Survey 2024 by the Department for Science, Innovation and Technology (DSIT):

– 32 per cent of businesses and 24 per cent of charities experienced a cyber security breach or attack in the past 12 months.

– Among larger businesses, the figures are higher, with 45 per cent of medium businesses and 58 per cent of large businesses have reported cyber-crimes.

– The average short-term direct cost for businesses dealing with a cyber incident was £1,650, which increases to £6,490 for medium and large companies.

– Long-term direct costs, which include expenses incurred after the initial breach, averaged £782 for all businesses but reached £6,010 for larger firms.

Who Provides It? 

Several examples of the well-known insurers in the UK market that offer cyber security insurance include:

– AXA provides comprehensive cyber insurance that covers a range of cyber risks, including data breaches, business interruption, and cyber extortion.

– Aviva offers cyber insurance policies that can be tailored to businesses of all sizes. Their coverage includes protection against data breaches, cyber extortion, and business interruption caused by cyber incidents, and there is access to a 24/7 cyber incident helpline and expert support.

– Hiscox provides coverage which includes costs associated with data breaches, cyber extortion, and third-party liability, and it offers risk management tools and resources to help businesses improve their cyber security posture.

– Zurich’s offers cyber insurance policies covering a wide range of cyber risks, including data breaches, network security failures, and cyber extortion. Zurich also provides access to a global network of cyber experts and offers pre-breach services to help businesses mitigate their cyber risks.

There are, of course, many other companies that offer cyber insurance. For example, even Amazon now offers it with AWS Cyber Insurance Competency Partners, and through a partnership with Superscript is offering cyber insurance to small and medium-sized businesses in the UK. For example, Amazon Business Prime users can access it product by logging in to Superscript using their Amazon account.

How Much Does It Cost?

Obviously, the price of cyber insurance varies according to factors like the size of the business, the level of coverage, and the industry. However, as a very general guide:

– Small businesses in the UK may expect to pay around £115 per month for cyber insurance / £1,380 annually (Insureon), which can fluctuate depending on the specific risks associated with the business and the amount of sensitive data handled.

– Medium-sized businesses may see premiums ranging from £1,500 to £5,000 per year, with the variation being due to the higher risk and more significant potential losses associated with larger volumes of data and more complex IT systems.

– For large businesses, cyber insurance costs can range from £10,000 to £50,000 annually and can include higher coverage limits and broader protection against various cyber threats (reflecting the greater complexity and risk involved).

What Does This Mean For Your Business? 

The rising tide of cyber threats highlights the urgent necessity for businesses to not just strengthen their cyber security measures, but also to consider adopting comprehensive cyber insurance policies. Cyber-attacks are not only becoming more frequent but also increasingly sophisticated, posing severe risks to financial stability and operational continuity. For businesses, this means that traditional security measures alone may no longer be sufficient. Cyber insurance provides a critical safety net, offering financial protection against the costs associated with data breaches, business interruptions, and other cyber incidents.

Investing in cyber insurance can significantly mitigate the financial and operational impacts of cyber-attacks. Policies typically cover a range of expenses, from data breach notifications and legal fees to system repairs and business interruption losses. This ensures that businesses can recover more swiftly and maintain their operations with minimal disruption. Also, cyber insurance often includes access to expert support and resources, helping businesses to manage incidents more effectively and reduce the risk of recurrence.

In addition to financial protection, it’s important to remember that cyber insurance also plays a crucial role in regulatory compliance. For example, many industries are subject to stringent data protection regulations, such as the GDPR in Europe, and non-compliance can result in hefty fines and legal consequences. Cyber insurance policies frequently offer support for navigating these complex legal requirements, helping businesses to avoid penalties and maintain trust with customers and stakeholders.

For businesses evaluating their need for cyber insurance, it’s important to consider the broader benefits. Beyond immediate financial coverage, having a cyber insurance policy can drive improvements in overall cyber security practice. For example, insurers often require policyholders to implement robust security protocols, fostering a culture of proactive risk management within the organisation. This not only reduces the likelihood of successful cyber-attacks but also ensures that businesses are better prepared to respond effectively when incidents do occur.

Given the substantial costs associated with cyber incidents, the investment in cyber insurance becomes a strategic decision. Whether you are a small business, medium-sized or a large corporation, the protection and peace of mind offered by cyber insurance can be invaluable.

The evolving landscape of cyber threats, therefore, appears to necessitate a multifaceted approach to cyber security and you may decide, for all the reasons mentioned above, that cyber insurance should be a cornerstone of this strategy for your business.

Although cyber security insurance may be all very well for after the event, keeping your software and drivers up to date is crucial for helping to prevent security issues in the first place, and for maintaining the security and performance of your Windows device. Updates often include security patches that protect against newly discovered vulnerabilities. Here’s how to make sure your security is up to date:

Go to Settings > Update & Security > Windows Update.

Click ‘Check for updates’ to see if there are any new updates available.

Install any available updates to ensure your system is protected.

Additionally, check for updates for your installed applications and hardware drivers through their respective software or the manufacturer’s website.

The new AI-powered Windows ‘Recall’ feature that takes 5-second screenshots to generate a searchable timeline of everything a user has interacted with has prompted security and privacy concerns.

What Is Recall? 

The Recall feature for Windows (currently in preview status) is a new feature that’s exclusive to Microsoft’s forthcoming Copilot+ PCs. Recall takes snapshots of whatever is on your screen every five seconds (e.g. emails, and photos), while content on the screen is different from the previous snapshot. These snapshots are then stored (encrypted) and analysed using optical character recognition (OCR), which uses AI, locally on the user’s PC. The collection of snapshots is designed to give users not only a timeline of everything they’ve done and seen, but they can use voice commands to search through it for what they need, e.g. for any content (text and images) they may have been working on or seen. Microsoft says the functionality will be improved “over time” to enable users to open the actual source document, website, or email in a screenshot.

When Recall opens the snapshot a user has requested, it enables ‘screenray’.  This runs at the top of the snapshot and allows the user to interact with any of the elements in the snapshot, so for instance, the user can copy text from the snapshot or send pictures from the snapshot (to an app that supports jpeg files).

Won’t It Just Fill Up The PC’s Storage Space With Snapshots? 

With different screen snapshots (captured every-five-seconds having to be stored locally on the PC) you may be wondering what this will do to the storage space. Microsoft says the minimum hard drive space needed to run Recall is 256 GB (whereby 50 GB of space must be available) and that the default allocation for Recall on a device with 256 GB will be 25 GB, which can store approximately 3 months of snapshots. Users can increase the storage allocation for Recall in the PC Settings and old snapshots are deleted when the allocated storage is used, allowing new ones to be stored.

Why Use Recall?

According to Yusuf Mehdi, Microsoft’s executive vice president and consumer chief marketing officer, with Recall, Microsoft “set out to solve one of the most frustrating problems we encounter daily — finding something we know we have seen before on our PC”. 

Broadly speaking therefore, Recall is essentially a productivity and user experience-enhancing feature. Microsoft hopes that Recall will transform how users interact with their digital content by providing powerful, AI-driven tools for retrieving and managing past activities while maintaining a high level of control and (hopefully) privacy too.

Privacy Concerns 

While on the face of it, it’s possible to see how useful this feature could be, Recall has set privacy alarm bells ringing for some users. For example, it’s been reported that the Information Commissioner’s Office (ICO) is contacting Microsoft for more information on the safety of the product and that Recall has been described as a “privacy nightmare” by some privacy watchdogs. Examples of some of the key concerns about the potential privacy issues of Recall include:

– Since the feature doesn’t moderate what it records, very sensitive information including snapshots of passwords, financial account numbers, medical or legal information (and more) could be accessed and taken, presenting an obvious risk. Microsoft says: “Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers. That data may be in snapshots that are stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry.”

– With gaining initial access to a device being one of the easier elements of an attack, this is all that would be needed to potentially access the screenshots and steal sensitive information or business trade secrets.

– Anyone who knows a user’s password could access that user’s history in more detail.

– Recall is currently at the preview stage, but unless Microsoft assesses the data protection, and peoples’ rights and freedoms before the feature is released to the wider market, there may be some serious legal issues and consequences.

Elon Musk also posted about the feature on his X platform saying: “This is a Black Mirror episode. Definitely turning this ‘feature‘ off.” 

What Does Microsoft Say? 

In defence of Recall and to allay the privacy concerns expressed, Microsoft points out that:

– Recall is not enabled by default – it is an opt-in feature. Users must manually activate it to use it and can configure its settings to control what data it captures and stores.

– Microsoft says it built privacy into Recall’s design “from the ground up”.

– By clicking on the Recall taskbar icon after user’s first activate their Copilot+ device, they can choose what snapshots Recall collects and stores on their device. For example, users can select specific apps or websites visited in a supported browser to filter out of snapshots, snapshots on demand from the Recall icon in the system tray, clear some or all snapshots that have been stored, or delete all the snapshots from the device.

– Microsoft says: “For enterprise customers, IT administrators can disable automatically saving snapshots using group policy or mobile device management policy. If a policy is used to disable saving snapshots, all saved snapshots from users’ devices will be deleted, and device users can’t enable saving snapshots.” 

– The snapshots captured by Microsoft’s Recall feature are stored locally on the PC but are encrypted and protected using BitLocker encryption.

– Recall data is only stored locally and isn’t accessed by Microsoft or anyone who does not have device access.

What Does This Mean For Your Business? 

It’s possible to see the value of the Recall feature (in the forthcoming Copilot+ PCs) in terms of offering UK businesses a potential boost in productivity and efficiency. Being able to search by voice and quickly find (and eventually click through to) anything you’ve been looking at could make it much faster and easier to retrieve and manage digital content. This could, of course, save valuable time and reduce frustration, leading to more streamlined workflows and increased operational efficiency.

However, the elephant in the room with this feature which has piqued the attention of many commentators and the ICO is the significant risk to privacy that it could seemingly pose to businesses and individual users. For example, the unmoderated collection of everything (which could include sensitive information such as passwords, financial data, and confidential business details), raises substantial security and privacy risks. For example, if these snapshots were to be accessed and fall into the wrong hands, the consequences could be severe, including data breaches and the exposure of proprietary information. It appears, therefore, that the only thing standing between a potential bad actor and your personal/sensitive/business information is knowledge of the password for the PC.

Microsoft’s assertion that Recall is an opt-in feature, with snapshots stored locally and protected by BitLocker encryption, may, however, provide some reassurance, as may the fact that users can control what data is captured and stored, plus enterprise customers can disable automatic snapshot saving through group policy or mobile device management. Nevertheless, despite these measures, the potential for misuse remains, especially if a device is compromised or accessed by an unauthorised individual.

To address these privacy concerns, Microsoft will need to provide comprehensive transparency and robust security assurances to the ICO, businesses, and privacy advocates too. Demonstrating that Recall complies with data protection regulations and adequately safeguards user data will be crucial. Clearly, even though Recall is still just at the preview stage, there are serious concerns, and failure to address these could result in significant backlash, legal challenges, and a loss of trust among users.

If / when Recall is thought to be suitable for wider release for businesses, the decision to implement it will require a careful evaluation of the trade-offs between increased productivity and potential privacy risks. Companies will need to establish clear policies and provide training to ensure that employees understand how to use the feature securely. IT departments will also need to remain vigilant, continually monitoring and managing the feature’s settings to maintain data protection standards.

While Recall offers exciting possibilities for enhancing business efficiency, its success will depend on Microsoft’s ability to address privacy concerns and provide robust security measures, so it remains to be seen how Recall progresses though this preview stage and whether risks can be mitigated to an acceptable level.

In this insight, we look at the implications of Microsoft’s announcement that the Windows 11 24H2 update is being tested in a pre-release stage and the deprecation of VBScript is being initiated by making it an optional feature.

What Did Microsoft Say? 

Microsoft has announced that it is making this year’s annual feature update Windows 11, version 24H2 (Build 26100.712) available in the Release Preview Channel for customers to preview ahead of general availability later this year.

Microsoft says that Windows 11, version 24H2 includes a range of new features like “the HDR background support, energy saver, Sudo for Windows, Rust in the Windows kernel, support for Wi-Fi 7, voice clarity” and more.

Improvements Across Windows 

The update also includes many improvements across Windows, such as:

– A scrollable view of the quick settings flyout from the taskbar.

– The ability to create 7-zip and TAR archives in File Explorer (in addition to ZIP). 7-Zip is a free, open-source file archiver that compresses files into various archive formats, notably its own 7z format, and TAR (Tape Archive) – a widely used format for combining multiple files into a single archive file (typically without compression).

– Improvements for connecting Bluetooth® Low Energy Audio devices, i.e. to enhance audio quality, reduce latency, and improve power efficiency for supported devices.

Copilot Pinned To The Taskbar 

Microsoft has also said that in response to feedback from users, the update will also mean that Copilot on Windows as an app will be pinned to the taskbar. This means users can get the benefits of a traditional app experience (e.g. it can be resized, moved, and snapped to the window).

More Details To Come 

Microsoft says although Windows Insiders in the Release Preview Channel can install Windows 11, version 24H2 via its “seeker” experience, the rest of us will have to wait for more details in the coming months of the new features and improvements included as part of Windows 11, version 24H2 leading up to general availability.

The Deprecation of VBScript 

One other significant announcement from Microsoft was the sharing of a timeline for the deprecation (phasing out) of Visual Basic Scripting Edition, commonly referred to as VBScript. Last October, Microsoft announced that VBScript, first introduced in 1996, would be gradually deprecated.

The latest timeline news is that beginning with the new OS release later this year, VBScript will be available as features on demand (FODs). Microsoft says the feature will finally be completely retired from future Windows OS releases “as we transition to the more efficient PowerShell experiences.”  A diagram of the timeline states that VBScript FODs will be completely disabled by default in 2027.

Why Is VBScript Going? 

Microsoft says VBScript (VBS) is finally going because there are more versatile scripting languages (e.g. JavaScript and PowerShell) that offer “broader capabilities and are better suited for modern web development and automation tasks.” 

However, it should also be noted that VBS was a popular tool for cyber-criminals and the fact that VBScript was integrated into the Windows environment meant that it could be exploited to create VBS malware. For example, the highly destructive “ILOVEYOU” worm (2000) was VBS malware. Increased security by closing another door for cyber-criminals is apparently therefore another reason why Microsoft’s getting rid of VBS.

What Does This Mean For Your Business? 

The forthcoming Windows 11 24H2 update looks like it will bring several key benefits for UK businesses, promising to enhance productivity, security, and overall user experience. Key improvements, such as support for HDR backgrounds, energy-saving features, and the integration of Sudo for Windows and Rust in the Windows kernel, will provide businesses with more robust and efficient systems. The introduction of support for Wi-Fi 7 and improved voice clarity may also enhance connectivity and communication within the workplace, which would be helpful for maintaining seamless operations in today’s ‘digital-first’ business environment.

Also, the update’s enhancements for Bluetooth Low Energy Audio devices could be particularly advantageous for businesses relying on audio devices for communication and collaboration.

The news of the inclusion of a scrollable quick settings flyout and the ability to create 7-Zip and TAR archives directly in File Explorer may simplify business file management and streamline workflows. Such improvements could help make everyday tasks more intuitive and less time-consuming, allowing employees to focus on more critical business activities.

However, it’s worth noting for balance that, as with other updates, some businesses may face compatibility issues with legacy systems or software that has not yet been optimised for the new features. There may also be a learning curve associated with the new functionalities, i.e. perhaps requiring additional training time to fully utilise the update’s benefits.

As for the deprecation of VBScript, considering how long it’s been around, the timeline for its demise marks a significant shift for businesses still relying on this scripting language. While moving to more modern and secure scripting languages like PowerShell and JavaScript offers improved capabilities and security, the transition may necessitate some adjustments. Businesses may need to update or replace legacy systems and scripts that depend on VBScript, which could involve some time and resource investments.

On the positive side, phasing out VBScript should reduce some Windows security risks, as VBS has historically been exploited for malware attacks. The phasing out of VBS, therefore, should enhance the overall security posture of Windows environments, thereby helping businesses protect their data and operations from cyber threats.

In summary, while the Windows 11 24H2 update promises enhancements that can drive efficiency and security, businesses must prepare for potential compatibility issues and the need to transition away from VBScript. Armed with this knowledge, proactive planning for the changes can help UK businesses to maximise the benefits of the new update and maintain a secure, modern, and efficient IT environment.

After an Ofcom investigation that found BT didn’t give clear and simple information to customers who signed up to deal with its subsidiaries EE and Plusnet, BT has been told it must refund early exit fees and let existing affected customers walk away penalty-free.

What Happened? 

Under new consumer protection rules, known as ‘General Conditions’ (GCs), that came into force in June 2022, phone and broadband companies, of which BT is both, must give consumers and small businesses the details of a contract, as well as a summary of its key terms, before they sign up. These details must include the price, the length of the contract, the speed of the service, and any early exit fees.

UK Telecoms regulator, Ofcom, says that it opened an investigation into BT after it received information that two of BT’s wholly-owned subsidiaries, EE and Plusnet, may not have been providing the required documents to some customers.

The Findings 

Ofcom says its investigation revealed that since the introduction of the new rules on 17 June 2022, EE and Plusnet made more than 1.3 million sales without providing customers with the required contract summary and information documents. Ofcom found evidence that 1.1 million customers were affected by this between 26 June and 30 September 2023, i.e. they were not given contract information before they signed up as is required under the new rules.

Other key findings by Ofcom were that:

– Despite telling Ofcom in February 2022 that it was confident the deadline to meet the new rules would be met, evidence showed that BT knew as early as January 2022 that some of its sales channels would not meet the deadline.

– In some cases, BT deliberately chose not to comply with the rules on time.

– Ofcom says that whereas other providers dedicated the resources required to meet the implementation deadline for the new rules, BT may have saved costs by not doing so.

– Some sales channels are still non-compliant, and BT is still not providing the required information at the right time to some customers.

The Outcome 

The outcome of Ofcom’s findings in this case are that:

– Ofcom has issued a £2.8 million fine to BT, although this includes a 30 per cent discount as a result of BT’s admission of liability and its completion of Ofcom’s settlement process.

– The 1.1 million customers affected have been given the opportunity to request the information and/or cancel their contract without charge.

– For those customers who left BT before the end of their contract and were charged an early exit fee, BT must refund those early exit fees, and let existing affected customers walk away penalty-free.

Other Action 

Other actions that BT has been instructed to take by Ofcom in relation to this case include:

– Identifying and refunding any affected customers who may have been charged for leaving before the end of their contract period, within five months of Ofcom’s decision.

– Within three months, contacting the remaining affected customers who are still with BT and have not already been contacted, to offer them their contract information and/or the right to cancel their contract without charge.

– Amending remaining sales processes that are still non-compliant within three months of Ofcom’s decision.

Unacceptable 

Ofcom’s Enforcement Director, Ian Strawhorne, said: “When we strengthened our rules to make it easier for consumers to compare deals, we gave providers a strict timeline by which to implement them. It’s unacceptable that BT couldn’t get its act together in time, and the company must now pay a penalty for its failings.”  

Also, Rocio Concha, Director of Policy and Advocacy for consumer organisation ‘Which?’ said: “It’s absolutely right that Ofcom is fining BT for not providing EE and Plusnet customers with clear contract information before they signed up – as some people will have been hit with pricey exit fees they never should have faced.” 

What Does BT Say? 

BT has been reported as saying that it is sorry, will “implement the remedial actions” required by Ofcom and has “taken steps to proactively contact affected customers and arrange for them to receive the information and be refunded where applicable.” 

What Does This Mean For Your Business? 

Ofcom’s ruling against BT is a reminder to telecoms companies and service providers about the importance of compliance with the latest regulatory requirements. For BT, this incident highlights the critical need for transparency and accountability in customer communications, especially in a competitive market where trust is paramount. The £2.8 million fine (which some commentators say should have been higher) and the mandated refunds are examples of the financial and reputational risks associated with non-compliance.

For other providers, this case is a cautionary tale that emphasises the need to adhere to consumer protection rules and the potential consequences of failing to do so. It also shows that companies that decide to push boundaries in their marketing campaigns must think more carefully about these strategies, ensuring that their promotional activities do not leave customers in the dark about what they are signing up for. In an industry where bundling services into complex contracts is common, maintaining clarity and simplicity within customer interactions is still essential to avoid regulatory scrutiny and potential penalties.

For customers, this case may see them benefit (a little) from increased regulatory oversight and assurances that providers must comply with clear guidelines, thereby helping them make more informed decisions about their service contracts. Also, the knowledge that you can exit contracts without penalty in cases of non-compliance should be reassuring and help consumers from being unfairly trapped in agreements they did not fully understand.

A new partnership means that Truecaller’s AI Assistant can use Microsoft Azure AI Speech technology to enable Truecaller to answer your phone (via the Truecaller app) using an authentic AI version of your voice.

Truecaller 

Truecaller is a mobile app, available on iOS and Android, that offers caller identification, call blocking, and spam filtering services. It also provides features like call recording, chat, and contact management. Truecaller is based in Stockholm and was founded in 2009 and is now believed to have over 383 million users globally.

Microsoft’s Speech Technology – Answers In Your Voice 

The Microsoft Azure AI Speech technology (that as part of the new partnership enables Truecaller to answer the phone using an AI version of the user’s voice) is Microsoft’s ‘Personal Voice’. Launched in November 2023 and updating the existing ‘Custom neural voice’, the new ‘Personal Voice’ feature means that paid users of Truecaller’s Assistant (AI) “can get AI replicating their voice in a few seconds by providing a 1-minute speech sample as the audio prompt, and then use it to generate speech in any of the 100 languages supported”. 

Integrated With The Truecaller Assistant – How It Works 

Microsoft describes how ‘Personal Voice’ works when integrated with Truecaller’s Assistant, saying: “The Truecaller Assistant answers users’ calls and asks questions for the users, detecting spam and letting the users know if the call is worth answering.” 

Truecaller’s Product Director & General Manager, Raphael Mimoun, explains that “The personal voice feature allows our users to use their own voice, enabling the digital assistant to sound just like them when handling incoming calls.”

Why? 

Truecaller says being able to use an AI version of the user’s voice “adds a touch of familiarity and comfort for the user”, and Microsoft says it “provides a fully personalised voice experience” and it will “will revolutionise the way our users manage their calls and elevate their overall experience with Truecaller Assistant”. 

Limitations 

It’s been reported that although Truecaller’s Assistant usually gives the option to edit the introductory greeting template for callers, this option will be restricted if users opt for their personal voice instead of a system-generated one. That said, it’s understood that follow-up responses can be customised, based on user preferences.

Introduced in China Too 

Microsoft’s Personal Voice feature was developed with Haier, a leading IoT Smart Living brand in China, and the new Personal Voice feature has now been added to Haier’s service so that its users can create AI versions of their family’s voices to control and use home appliances via intelligent speakers.

Truecaller – More In Future 

Truecaller has indicated that it intends to work with Microsoft in future to enhance its products with AI. For example, Truecaller’s Raphael Mimoun said: “We look forward to further exploring the potential of AI-powered voice technologies in partnership with Microsoft and delivering even more innovative solutions to our global user base.”   

What Does This Mean For Your Business? 

The collaboration between Truecaller and Microsoft to integrate Azure AI Speech technology into Truecaller’s app can be seen as a significant advancement in AI-driven customer interaction tools. For Truecaller, this partnership enhances its service offering by leveraging cutting-edge AI to create a more personalised and seamless experience for users. The ability to replicate a user’s voice with AI not only adds a unique touch of familiarity but also sets Truecaller apart from its competitors in the call management and spam detection market. This innovation also aligns with Truecaller’s commitment towards continually improving its user experience and expanding its global reach.

For Microsoft, this partnership underscores the versatility and power of its Azure AI Speech technology. By enabling Truecaller to offer AI-generated voice capabilities, Microsoft showcases its ability to provide scalable, advanced AI solutions that can be integrated into various applications. This collaboration not only strengthens Microsoft’s position in the AI market but also opens up new avenues for the deployment of its technology across different industries and usage cases.

For businesses using Truecaller, the integration of AI-generated personal voices could transform how they manage incoming calls. For example, this technology allows for a more efficient and personalised customer interaction, potentially reducing the burden on customer service teams and improving the overall customer experience. By ensuring that calls are answered in a familiar voice, businesses can also maintain a personal touch, even when calls are handled by an AI. Also, the continued partnership between Truecaller and Microsoft hints at the possibility of even more sophisticated AI-driven features in the future, which could further streamline communication processes and enhance business operations.

Looking ahead, the potential for further AI integrations is vast. Businesses might see developments such as AI-driven analytics providing deeper insights into call patterns and customer behaviour, or enhanced automation features that could seamlessly integrate with other business systems. The ongoing advancements in AI technology promise to bring about more intelligent and adaptive solutions, helping businesses stay ahead in an increasingly competitive landscape. As Truecaller and Microsoft continue to innovate, businesses can look forward to leveraging these technologies to enhance efficiency, improve customer engagement, and drive growth.