Top 5 Must Reads: 7/28/2023

You already know that every day at InformationWeek there will be original reporting from our team of journalists and unique commentary you won’t see anywhere else. But in case you missed them, here are some of our favorites from this week:

1. Cyber Risk Special Report

Behind the budget dollars allocated to cybersecurity defense and recovery efforts lies the question of where to spend them.

Cyberattacks and other threats to an organization’s ability to do business remain a top concern across all industries. Ransomware tops the list of threats, and it’s just getting worse as the operators succeed in getting more and more ransom payments. But ransomware is not the only threat. Many others come from outside as well as inside the organization and are both man-made and naturally formed. On top of all that comes the long-foretold AI wars – not yet here, but close.

Find Out: 

• Top Threats and Disruptions to Businesses
• Defense Versus Recovery Spending
• Frequency of Testing IR Procedures
• Cybersecurity Staffing
• Cyber Liability Insurance
• Ransom Payments

Against this backdrop companies try to battle and win against an onslaught of attackers. Don't miss out on this critical research data!

2. Generative AI Best Practices

Story by Joao-Pierre Ruth

Key Points:

• Back in April, Samsung staffers put some of the company’s proprietary code into ChatGPT, later realizing the generative AI retains what it gets fed in order to train itself up.
• The idea is simple enough -- let AI create some code while developers focus on other tasks that require their attention.
• As the allure of AI continues to grow, IT leaders will need to be vigilant about how their teams use it.

3. ChatGPT and IoT

Story by  Pam Baker

Key Points:

• Now comes ChatGPT to sit atop most IoT and edge devices, effectively adding a welcome beacon -- or even a helping hand -- to threat actors everywhere.
• Despite variances in vulnerabilities and diverse efforts to exploit them, threats from the edge originate from one of two IoT realms: home IoT and enterprise IoT.
• IoT and edge computing spawn vulnerabilities elsewhere, too. For example, an ever-expanding edge-computing space compounds security problems for enterprises -- especially on the border between enterprise and consumer usage.

4. U.S. Data Privacy

Story by  Shane Snider

Key Points:

• Data privacy concerns have woven a complicated global web of laws for businesses to navigate -- and until a federal law establishing concrete guidelines is passed, companies will need to continue to hopscotch through different guidelines to meet compliance standards for domestic and international laws.
• The American Data Privacy and Protection Act (ADPPA) is a bill that if passed would become the first set of federal privacy regulations that would supersede state laws.
• Arlo Gilbert, CEO of data privacy software company Osano, says while some states have good data privacy laws, an overarching federal law would help businesses streamline data privacy standards.

5. AI & Finances

Story by  Nathan Eddy

Key Points:

• With the breakneck speed of development continuing apace amid a period of economic volatility -- most recently underscored by the collapse of banks in the United States and the rescue of major financial institutions abroad -- there are growing concerns over the role AI could play in further destabilization.
• For example, financial institutions will gain efficiency and competitiveness, insights for better decisions, and improve client experience that will help them stay ahead in the game if they learn how to leverage AI.
• Meanwhile, ethical concerns around AI deployment remain unsolved, as regulators work through how AI systems can be held accountable for bias.

Latest Major Tech Layoff Announcements

Original Story by Jessica C. Davis, Updated by Brandon J. Taylor

Key Points:

• As COVID drove everyone online, tech companies hired like crazy. Now we are hitting the COVID tech bust as tech giants shed jobs by the thousands.
• Updated Monday, July 24, 2023 with layoff announcements from Viaplay Group , Microsoft and Binance.
• Check back regularly for updates to our IT job layoffs tracker.

REGISTER NOW:

"IT Security Master Class: Phishing Mitigation Techniques" LIVE webinar on 8/1 - Presented by  InformationWeek  &  KnowBe4

On Tuesday – August 1, beginning at 1pm ET – tune into our free online webinar featuring  Roger Grimes  - Data-Driven Defense Evangelist at  KnowBe4 , as our keynote speaker! This live virtual event will be moderated by our colleage  Peter Krass . REGISTER now at the link above.

"IT Security Master Class: Phishing Mitigation Techniques"

Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago.

Now they’re more targeted, cunning, and dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware, and more.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist where he’ll share a comprehensive strategy for phishing mitigation. With 30+ years experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making sure you’re prepared to defend against ever-present IT security threats like phishing.

In this webinar, you’ll learn:

• Creating a strong defense-in-depth plan to combat phishing.
• Implementing immediate security policies.
• Essential technical controls for all organizations.
• Avoid pitfalls with cybersecurity insurance.
• Why it’s critical to develop your organization's human firewall.

Get the details you need to know now to protect your organization from phishing and social engineering attacks.

"Cyber Resiliency 2023: How to Keep IT Operations Running, No Matter What" LIVE webinar on 8/24 - a co-branded presentation between InformationWeek  &  ITPro Today

On Thursday – August 24, beginning at 11am ET – tune into our free online webinar featuring Candy Alexander, CISSP CISM  - CISO & Cyber Practice Lead at NeuEon Inc. , and Christian Hyatt - CEO & Co-Founder risk3sixty as our keynote speakers! This live virtual event will be moderated by our colleague Steven Hill . REGISTER now at the link above.

"Cyber Resiliency 2023: How to Keep IT Operations Running, No Matter What"

It’s clear that IT needs fewer bells and whistles in cybersecurity and operational alerts, and more business bounce-back from attacks and outages.

Resiliency means your business must be able to take the punches and remain in full operation. There are plentiful options but no guarantee that any single solution can provide resilience against onslaughts that vary from sudden cloud outages to prolonged ransomware attacks. A layered plan, however, could be just the thing. During this event, we share what you need to consider.

Topics Include:

• Challenges in Keeping Up With Cyber Resiliency
• Ransomware Preparedness for Enterprises
• Preparing for Cloud Service Outages

Treasures from the Archives...

Report by  Brian T. Horowitz

Key Points:

• The bleeding in the tech industry continued last week as SAP announced that it would eliminate up to 3,000 jobs, which will comprise approximately 2.5% of its total workforce.
• SAP also announced it will explore selling its stake in Qualtrics, a customer experience software company it acquired for $8 billion in November 2018.
• The SAP cuts follow other tech industry layoffs that are part of the COVID tech bubble bursting. Companies grew at an aggressive pace during the pandemic. But then in November Meta revealed it would lay off more than 11,000 employees, on Jan. 18 Microsoft said it would cut 10,000 jobs or less than 5% of its workforce, and on Jan. 20 Google announced it would trim 12,000 jobs.

This is just a taste of what’s going on. If you want the whole scoop, then register for one of our email newsletters, but only if you’re going to read it. We want to improve the sustainability of editorial operations, so we don’t want to send you newsletters that are just going to sit there unopened. If you're a subscriber already, please make sure Mimecast and other inbox bouncers know that we’re cool and they should let us through. And if you’re thinking about subscribing, then maybe start with the InformationWeek in Review; it only arrives on Fridays.