SEO AND AI – Today

While writing another piece about the future of AI and Large Language models for our blog, it hit me: I need to address today’s realities more. So here is a piece on what we have on the relationship between SEO and AI, today.

Even though AI models like ChatGPT are exceptional at generating statistically likely text, there may be better choices for creative storytelling. However, AI-generated content serves a valuable purpose in functional content creation, which can benefit industries such as e-commerce, reference materials, and more.

To effectively utilize AI-generated content, consider the following action plan:

    1. Identify functional content requirements: Understand the applicable content AI can efficiently generate, such as data-driven reports, event summaries, FAQ sections, how-to guides, news aggregation, job listings, legal documents, technical documentation, and directory listings. There are certain content types that AI excels at, and we recommend that you limit your functional content to the following:
        • Data-driven reports
        • Event summaries
        • FAQ sections
        • How-to guides and tutorials
        • Compiling and summarizing news
        • Job listings
        • Legal and policy documents
        • Technical documentation
        • Directory listings
    2. Kickstart large-scale content projects: Leverage AI-generated content to quickly create a critical mass of content for projects like recipe collections or travel guides. Building on AI content can help you reach your content goals more rapidly while maintaining quality through proper SEO and content management practices.
    3. Optimize keywords with AI: Use AI like ChatGPT to explore alternative keywords, questions, or concerns related to your content and rewrite sections accordingly. Using AI to optimize your long-chain keywords will help ensure your content is more engaging and relevant to your target audience.

For example, we worked with a startup founder to successfully use ChatGPT to generate his pitch outline to present his platform, resulting in a significant increase in interest and, finally, his crucial customer’s adoption of his platform.

In summary, to create a cohesive thought and action plan, you should focus on:

    • Identifying the correct type of content for AI-generated content creation
    • Utilizing AI-generated content to kickstart large-scale projects
    • Employing AI for keyword optimization and audience engagement

By following this action plan, you can make the most of AI-generated content to enhance your content strategy and achieve your goals.

The Future of SEO and Virtual Agents

This article is the fourth installment in our series discussing search and the increasing influence of artificial intelligence (AI) on the future of SEO (Search Engine Optimization). This installment delves into the evolution of the search function, the Intelligent Agents, and the interaction of goal-oriented search, Virtual Assistants (VA), end-users, and businesses.

The future of SEO means shifting to L2O.

Artificial intelligence is changing how we interact with the digital world. Soon, AI Assistants will collect and act on massive amounts of data on our behalf.  These assistants will force drastic changes in the search and search display definition.  In many instances, making the act of searching nearly undetectable. However, we have not reached the utopian society depicted in 24th-century Star Trek. So, the creators of these VAs will devise ways to keep their systems updated with the latest information. The updated content will be retrieved from public content.  The fresh content will be selected with a new type of SEO, L2O.

Virtual Assistant and the Future of Search

With the rapid advance of AI, bots can quickly process, analyze, and synthesize data and take action. Bots are transforming from our knowledge engines to our Virtual Assistants (VA). VAs predict our needs, desires, and preferences with unprecedented accuracy and will affect desired results. So, instead of googling and using phones or browsers, we interact with our VAs, state our goals, and watch it complete the task.

The shift towards proactive, predictive and personalized search will have profound implications for how we experience the internet. Traditional search engines will be replaced by AI Agents(1). The AI will operate seamlessly in the background, and take appropriate action for its user.

The Future of SEO craft

The need for a new approach to search engine optimization is apparent as the web is increasingly driven by AI. L2O, or LLM Optimization, ensures that AI-powered systems can easily access, understand, and use the latest information.

L2O helps optimize the content and improve the compatibility between human-generated content and the AI systems that will increasingly dominate our online experience. The future of SEO involves creating content easily digestible by AI systems and developing strategies to ensure that the most relevant and up-to-date information is readily accessible to these platforms.

If you own a Moroccan restaurant, you want to provide detailed dynamic content about the ambiance, experience, quality, availability, and the menu. Then when a VA tries to find the best North African Cuisine in Los Angeles, you are available. Finally, combined with your reviews and social information, the VA makes an informed yet biased decision and makes a reservation at your restaurant.

The future of SEO is about biasing the VAs rather than actively increasing the traffic to a website. But here is the funny thing, L2O involves most of the components of today’s SEO.

One key component of L2O involves creating structured data that AI systems can quickly process and interpret. L2O will include using metadata, semantic markup, and voice search optimization that help AI systems understand the context, the flavor, and the meaning of content more effectively. L2O also emphasizes the importance of maintaining a robust online presence through regular updates, high-quality content, and strategic partnerships with other reputable sources of information.

Challenges and Opportunities

Several challenges exist as we move toward a future where Virtual assistants dominate(2) the web. For one, the increased reliance on AI may exacerbate existing inequalities and social biases, as AI systems may be more likely to favor the freely available content overload from established or well-funded sources.

VAs may prove far more gullible because of the upcoming data privacy limitations. Social bias, knowledge overload, and data privacy concerns could limit the diversity of information available to the VAs and easily allow for Black Hat techniques.

However, the evolution of SEO to L2O presents numerous opportunities for businesses, content creators, and individuals. By embracing L2O strategies, organizations can position themselves at the forefront of this new digital landscape, ensuring that their content remains visible and relevant in the age of AI-driven search.

The rise of AI-powered Assistant Artifacts signals a fundamental shift in how we interact with the digital world. As search becomes increasingly predictive and personalized, the importance of L2O as a means of optimizing content for AI systems will only continue to grow.

By understanding and embracing this new paradigm, we can ensure that the internet remains a rich and diverse source of information, even as we navigate the uncharted territory of an AI-driven future.

Dream Warrior Group, a Los Angeles Based web design and digital marketing Company, providing solutions for your online marketing needs. Our expertise includes Search Engine Optimization (SEO), Social Media Posts & Marketing & Google PPC campaigns.  Call us now at 818.610.3316 or click here.

 

1- CMS Wire, What to Expect From the Future of Virtual Agents, Andie Burjek, 02/24/23

2- Data Driven Investor, AI Agent Companies, Harsha Angeri, 04/06/23

Leveraging SEO for Revenue Growth

Revenue growth through search engine optimization (SEO) necessitates a comprehensive approach beyond rankings and website traffic. It entails concentrating on content quality, comprehensiveness, and communication between marketing and sales departments. We’ll look at maximizing revenue development through SEO by developing focused content, integrating sales and marketing activities, and optimizing your website for conversions in this blog article.

Targeted Content That Aligns with Your Business Goals

Generating focused content corresponding to your business objectives is critical to achieving revenue growth through SEO. Revenue growth entails creating content that targets your target audience’s demands and interests while highlighting your products or services’ unique selling proposition (USP). Consider the following suggestions:

a. Conduct extensive keyword research to uncover high-value keywords related to your business and your target audience’s search intent.

b. Create content that meets the search intent behind these keywords, offering your audience insightful, engaging, and actionable insights.

c. Optimize your content for search engines by naturally including your goal keywords and ensuring it is well-structured and easy to navigate.

Align Sales and Marketing Efforts for a Unified Content Strategy

It is critical to link your sales and marketing teams for SEO to drive revenue development effectively. Therefore, it would be best to encourage collaboration across various divisions to create a single content strategy that satisfies client needs throughout the sales funnel. Consider the following steps to accomplish this alignment:

a. Promote open communication between your sales and marketing departments, fostering a shared knowledge of your company’s goals, target audience, and ideal customer profile.

b. Create a shared content calendar with input from both teams to ensure your content addresses consumer pain points and guides them through the sales funnel.

c. Put a mechanism for tracking and measuring content performance in place, and use data-driven insights to improve your content strategy and SEO efforts.

Optimize Your Website for Conversions

Maximizing revenue growth through SEO and funnel optimization go hand in hand. Optimizing conversion rates involves creating a seamless user experience that encourages visitors to take the desired actions, such as purchasing or signing up for a newsletter. Consider the following tips for optimizing your website for conversions:

a. Improve site speed and performance, ensuring your website loads quickly and functions smoothly on all devices.

b. Implement clear and compelling calls-to-action (CTAs) that guide users towards the desired actions.

c. Utilize conversion rate optimization (CRO) techniques, such as A/B testing and heatmap analysis, to identify all areas for improvement and optimize your website’s conversion potential.

Leverage Data-Driven Insights to Improve SEO Strategy

To generate long-term revenue growth through SEO, you must constantly modify and optimize your strategy based on data-driven insights. You can make informed judgments about your content, marketing, and sales activities by studying your website’s performance, user behavior, and search trends. Consider the following procedures:

a. Review your website’s analytics data regularly to find trends, patterns, and opportunities for improvement.

b. Monitor your website’s performance, check keyword ranks, and spot chances for optimization using tools like Google Search Console and Google Analytics.

c. Iterate on your content strategy regularly, including fresh insights and data to produce focused, high-quality content that supports revenue growth.

Utilize Topic Clusters to Improve SEO and Provide Comprehensive Information

Topic clusters can boost your website’s SEO while offering viewers detailed information. Make your website more organized and user-friendly by grouping relevant content around a core pillar page. Consider the following steps to put subject clusters in place:

a. Identify essential themes significant to your company and audience, and construct pillar pages that provide a high-level summary of these issues.

b. Create supporting content such as blog articles, videos, and infographics that go deeper into subtopics linked to your key topics.

c. Connect your supporting content to the pillar page and vice versa, forming a network of related content that improves SEO and delivers a consistent user experience.

Monitor Competitor Strategies and Adjust Your SEO Efforts Accordingly

Monitoring your competitors’ strategies and altering your optimization efforts is critical. By monitoring your competitors’ content, keywords, and website performance, you can spot gaps and openings that will allow you to exceed them in search results. Consider the following procedures:

a. Conduct regular competitor research to determine target keywords, content strategies, and website optimizations.

b. Use tools like SEMrush, Ahrefs, or Moz to compare the performance of your website to that of your competitors and identify areas for improvement.

c. Based on your results, adjust your SEO strategy, capitalizing on possibilities to generate better content, target new keywords, and optimize your website for enhanced performance.

In conclusion, increasing income through SEO requires a comprehensive approach incorporating targeted content, sales and marketing alignment, website optimization, and data-driven insights. By applying these strategies, you can improve your website’s visibility in search engines and ensure that your content resonates with your target audience and efficiently walks them through the purchasing process. This potent combination of SEO and revenue-focused content can help your company achieve long-term growth and success.

You can read about the latest changes in Google and SEO on our blog.

Dream Warrior Group, a Los Angeles Based web design and digital marketing Company, providing solutions for your online marketing needs. Our expertise includes Search Engine Optimization (SEO), Social Media Posts & Marketing & Google PPC campaigns.  Call us now at 818.610.3316 or click here.

Cybersecurity and the Arts

Working in the arts, DWG sometimes hears that they don’t need all of the security standards of large corporations. I am reminded of a non-profit executive telling me awhile back that they don’t need to be like the Pentagon when we recommended a two factor authentication system. This article was inspired by a genuine concern that many art organizations may not be fully aware of the consequences of the slippery security slope.  Our hearts sank as we heard of The Met’s ordeal and our minds were outraged.  DWG does not know the exact cause of The Met cyberattack so this is not meant to be in any way derogatory to the wonderful folks at The Met. References and articles are included below.

Beginning on December 6th, 2022, hackers started the process of breaching the Met Opera’s information infrastructure. By December 7th, a cyber attack against The Metropolitan Opera in New York was well underway. The attack affected the opera’s network systems, including its internal network, website, ticketing server, box office, and phone center. The Opera’s website was restored eight days later, on December 15.

During this period, the opera continued its performances, and the Lincoln Center for the Performing Arts supported ticket sales until the Met could recover from the attack (Kudos Lincoln Center!). While the exact magnitude of the damage has not been disclosed, the stoppage in ticket sales effected revenue. According to Peter Gelb, The Met’s general manager, the opera earns roughly $200,000 in ticket sales per day throughout this season. Because the malware impeded the opera’s ability to sell tickets, seats were temporarily sold for $50 on the Lincoln Center for the Performing Arts website.

The cyber attack on the Met is far from the first on a cultural institution. In 2019, ransomware attacked the Asian Art Museum in San Francisco. In 2020, hackers obtained access to personal information from hundreds of cultural institutions and NGOs.   I’m sure you all have heard plenty of stories of hacks and cyberattacks.

Hackers do not care whether a business is a Fortune 500 company, a small business, or not-for-profit cultural institution like The Met, all these institutions still make transactions and hold their customers information.

A month after the attack on Met Opera, the attackers have yet to be identified, but The New York Times underlined the opera’s vocal support for Ukraine amid the ongoing Russia-Ukraine conflict.

But whatever the motivation and tactics, the cyberattack on the Met should serve as a wake-up call to other cultural organizations. Anyone could be a target. “I usually warn clients that everyone, regardless of size or sector, is a target. It should not take an occurrence like this to wake up other cultural institutions to the fact that they are in grave danger,” says Richard Sheinis, partner and head of data privacy and cybersecurity at full-service legal firm Hall Booth Smith.

Cultural organizations, like performing arts centers, theaters, and museums, are typically attractive targets for cyberattacks since they may not always have the time, money, skill-set, or up-to-the-minute understanding to build a good cybersecurity strategy. Unlike many for-profit organizations, which are victims of zero-day* vulnerabilities, the bulk of security breaches in smaller enterprises and most non-profits are caused by preventable flaws in human/device interaction. The untold story of cybersecurity is how criminals leverage the imperfect nature of humans to further their own goals.

Finding funding for cybersecurity is often difficult at a non-profit but it is a worthy investment.  A good security posture today, can save hundreds of thousands later, but many people are hard pressed to believe that it could happen to them. Furthermore, many cultural institutions are still striving to recover from the COVID-19 pandemic and are not in a position to embrace the additional concerns brought about by cybersecurity.

So, bringing cybersecurity to the forefront in a cultural institutions is the first critical step. Subsequent evaluation of the infrastructure, and investment in prevention, detection, and response can help lower the likelihood of cyber attacks while also mitigating the damage of an attack if one occurs. It is always recommended that the evaluation phase be done by in-house IT team, then if company lacks the means to retain in-house cybersecurity personnel, it can turn to third-party cybersecurity firms.

Please remember until you get a cybersecurity firm to help:

  • Layered firewalls (one from your service provider, one for your institution, and if you are running your ticketing server in-house, one more for that)
  • Separation of subdomains for internal and external networks,
  • SSL
  • Two-factor authentication
  • And for goodness sake, we recommend your site should not be on the same operating system as your ticketing server (if one is on windows, the other should be on Linux) – make the hackers work more difficult (hardening). If they are the same, security should be monitored in real-time.

* The term “zero-day” refers to newly found security flaws that hackers can exploit to attack systems. The term “zero-day” alludes to the fact that the vendor or developer only recently discovered the fault, implying that they have “zero days” to repair it. A zero-day attack occurs when hackers exploit a weakness before engineers have time to fix it.

~Nami

Posted by The Met:

“After suffering a cyberattack that temporarily impacted our network systems, we’re pleased to announce that the Met is now able to process ticket orders through our website and in person at our box office. Based upon our ongoing investigations into the recent cyberattack, we would like to reassure our customers that ticketing customer data, including credit card information used when purchasing tickets, has not been stolen. We do not keep credit card information in the systems that were affected by the cyberattack. Thank you for your patience.”

Links:
https://www.nytimes.com/2022/12/07/arts/met-opera-cyberattack-website.html
https://www.reliasmedia.com/articles/commonspirit-ransomware-attack-holds-lessons-for-cybersecurity
https://amicusmsp.com/human-interaction-is-key-to-successful-cyberattacks/

 

Risk Management and the Arts

Risk Management and security are one of if not the biggest issue facing art organizations today. Unfortunately, it is not just because it may prove daunting but because it is rarely taken seriously within the organization until trouble arises.

Gone are the days when acquiring a HiTrust Certification, SOC2 type 2 auditor’s report, or an ISO 27001 accreditation was enough to defend your firm appropriately. Many seasoned practitioners knew that such a milestone was never a reliable indicator of an organization’s security posture or maturity. And it appears that the rest of the world has finally caught on.

The security threat environment is expanding in tandem with legislative and governance needs. Attacks have become more numerous and sophisticated, the number of attack channels has increased, the attack surface for businesses has increased substantially, and the complexity of our digital footprint has increased even further. In addition, the severe shortage of qualified and available workers to fill security tasks, including Governance, Risk, and Compliance (GRC), compounds the problem.
In short, GRC leaders face numerous hurdles in today’s firms. Yet, surprisingly, I hear little talk regarding the most efficient ways to run a modern GRC or risk management program. Because each firm is unique, there may be a variety of answers. There are, nevertheless, methods for modernizing your procedures.

  • Do you have a Risk Management Program in place?
  • How are you currently managing risk?
  • Why has technology changed so dramatically while GRC programs have remained the same?
  • Is there a more efficient way to manage today’s modern GRC program?

Before we begin discussing possible solutions, let’s review the basics:
Governance refers to an organization’s statutory or contractual obligations regarding security, risk, and privacy objectives. Noncompliance can result in severe fines and even criminal prosecution in some situations.
Risk refers to managing risk within an organization, focusing on security and privacy standards.

However, this merges with Enterprise Risk Management. Enterprise risk management (ERM) is detecting, analyzing, and treating a company’s risks based on an ongoing assessment by executive management. ERM includes examining the company’s exposures in financial, credit, fraud, strategic, and operational problems.

Compliance refers to an organization implementing security and privacy controls to meet governance standards and decrease risk. Internal and third-party external audits are a significant component of compliance.
My personal experience is firmly rooted in the NPO space, having spent the last 20 years helping many of our art clients with their IT audit and compliance. Based on that, I have some thoughts.

The sheer number of regulatory requirements a modern NPO must meet can be overwhelming. Similarly, managing organizational politics in an NPO is challenging, both for and against risk containment. Security, particularly GRC, has typically been viewed as a cost center rather than a value generator. And as I have stated in previous conversations, seen as a barrier to creativity.

Personnel shortages and burnout are at an all-time high, compounding the problem. According to industry analysis, this gap will continue to increase in the near term and will be a concern for quite some time.
Every day, we hear about one breach or another, and everyone is trying to move towards a more secure posture. However, these areas have financial consequences and criminal prosecutions due to a lack of monitoring and care.

In today’s environment, the message is clear: No matter what problems companies face, they must reasonably preserve the security and privacy of the data.

Running a Risk Management Program

A comprehensive alignment among the leadership is required to establish a more sustainable and scalable approach. Accepting “growing pains,” the additional initial costs, and facilitating cross-organizational working groups are all part of this. Everyone benefits from this arrangement, and key stakeholders must understand how they may help so that they can passionately buy in and be change champions.

To start the process, you must determine what regulatory obligations your firm should meet. The correct response would be, “Ask your auditors when they come in,” however, most auditors assign their most junior, fresh off-the-robe (just out of college) individuals to manage in-house audit interactions. So your best bet is for your Finance Officer to call one of your audit firm’s senior partners and obtain a summary of the regulations you must follow.

After defining the requirements, the hard work can begin, which begins with a thorough understanding of the organization’s environment. For example, what people, procedures, and technology does the organization have? What is the organization’s culture? What is the organization’s risk tolerance?

What is the organization’s risk tolerance? If you can’t answer these questions, you can’t assess compliance adequately. During this phase, we are attempting to piece together several essential views of the organization:

  • Purpose, vision, and operational needs
  • Lines of business
  • Organizational Structure
  • Key business processes
  • The digital and physical footprint
  • Assets
  • Data processing and storage

Traditionally, there are numerous emails, direct messages, and meetings. As a result, all parties involved experience duplicative manual processes, exhaustion, and dissatisfaction. It’s simple to “drop the ball” or “miss the mark” on even the tiniest of tasks in the traditional way.

You will need a SecOp person to gather the data and get the closest approximation of the organizational reality. This person must have sufficient power to assemble and distill the information for executive review.

SecOps is a relatively new concept that refers to security functions collaborating with DevOps teams (Development and IT) early and frequently and incorporating “paved roads” with “guardrails” into the process.

The teams that are continually maintaining the environment, deploying updates, and keeping the “lights on” are the stars of the show here (DevOps), and it is critical for modern GRC teams (SecOps) to collaborate and integrate with these teams. The most vital connection to cultivate for a modern GRC practitioner wanting to update their program is this one. Cross-training between GRC experts and technical teams is required. Both groups can be experts in the other’s field but must grasp how things function.

Gaining a rudimentary awareness of what tools and processes are in use with DevOps offers significant returns. When we understand how these tools interact, we benefit all parties involved. Therefore, in addition to our personal growth and development, we must teach these technical DevOps teams the fundamentals of GRC. The idea here is to keep it simple; just as a GRC practitioner can’t master complex deployment and troubleshooting, neither should our DevOps teams be expected to lead an audit.

At the very least, the audit should address any commerce, ticketing, change management, and collaboration systems utilized in the teams. A modern GRC practitioner benefits immensely from working with the tools that DevOps teams are already using. Working with DevOps provides those practitioners with the ideal perspective for evaluating organizational security and, as a result, compliance with your criteria.

At the same time, the DevOps teams need to gain an understanding of the following:

  • The forces influencing framework or standard requirements
  • The distinction between completing a requirement and meeting the requirement’s intent
  • How and why must we manage requirements from many frameworks and standards?

What happens during the audit process, why do we gather evidence, and what efficiencies can we put in place to make evidence collecting more consistent, trustworthy, and less impactful on engineering teams
Moving to the system(s) of the record is the final key in this method. Individual file sharing is a formula for disaster.

Can you envision a modern sales team organizing their activities through spreadsheets rather than a sophisticated Customer Relationship Management (CRM) system?

Certainly not! So, why do we handle our GRC initiatives in this manner regularly? First, however, it is critical to note that there will likely not be a single system of record. That is why your GRC software must integrate with other sources of a critical system of record.

Critical systems to integrate include change management systems, asset management systems, document management systems (for rules and procedures), and ticketing systems.

In short, make sure your IT and development crew know their systems, bring in an outside security person to lead the SecOps effort, and keep complete records of every process, discovery, and solution.

Sources:
GRC: The Definitive Guide (https://riskonnect.com/resources/grc-guide/)
THE ESSENTIAL GUIDE TO GRC (https://tallyfy.com/guides/governance-risk-management-compliance-grc/)
Risk and compliance management made easier (Hitrust- MyCSF)
(https://hitrustalliance.net/documents/mycsf/mycsf_information/MyCSFRiskAndComplianceManagement.pdf)

Behnam Ataee, DWG CTO, has completed the HITRUST CSF Assurance Program certification. Certified HITRUST CSF professionals can deliver simplified compliance assessments and report for HIPAA, HITECH, state, and business associate requirements.