Top Reads in June: 6/9/2023

You already know that every day at?InformationWeek?there will be original reporting from our team of journalists and unique commentary you won’t see anywhere else. But in case you missed them, here are some of our favorites from June:

1. Cloud Security Solutions

Story by? Lookout

Key Points:

• Employees are no longer tied down to specific office locations or corporate-issued devices. Instead, they can be productive from anywhere, using all sorts of devices.
• Unfortunately, your legacy security tools simply aren't built for this kind of work environment.
• In the past, you may have used something like a virtual private network (VPN) or single sign-on (SSO) to grant access to those working offsite, but even though these tools can authenticate users at time of access, they can’t prevent malicious activities after access has been granted.

2. Future of Banking with AI

Story by?Joao-Pierre Ruth

Key Points:

• Nvidia shared insights at last week’s AWS Financial Services Cloud Symposium in New York that might show how financial services organizations can take advantage of such resources.
• There might be some sustainability benefits that come with the growth of AI and newer chipsets. On the hardware side, Nvidia’s development of DPUs (data processing units) in tandem with more efficient CPUs is, Malcom deMayo said, improving speed and performance while reducing power consumption.?
• If companies decide to use AI, they have choices, deMayo said, between using something already available such as ChatGPT, customizing a model, or developing something in-house -- an effort that could easily cost millions of dollars.

3. Protecting the Cloud

Story by? Lookout

Key Points:

• Without a defined perimeter, sensitive corporate data is now exposed to risks that never existed before.
• Cloud misconfigurations have quickly become the leading cause of breaches, and because cloud apps enable employees to work from anywhere on any device, there are also more opportunities for your workers to quickly share sensitive information.
• The adoption of cloud apps means that the perimeter as we knew it no longer exists.

4. IWK on AI Moving Forward

Story by Sara Peters

Key Points:

• As publications that cover technology, we examine both the opportunities that new technology offers and the?risks?that it presents.
• Within the closed doors of our newsrooms we discuss these developments regularly, thoughtfully, and passionately; but rarely do we feel compelled to issue public statements. In the case of generative AI, we do.
• We will continue to review this issue and post any revisions or updates to our policy as necessary here.

5. Digital Transformation Weaknesses

Story by? Lookout

Key Points:

• In an attempt to regain the control they used to have, many organizations have pieced together a system of standalone security products to address the individual security needs that have cropped up as they’ve modernized their infrastructure.
• In fact, organizations that used more than?50 security tools?ranked themselves lower in their ability to detect and respond to threats.
• As digital transformation continues and new use cases arise, it’s critical to resist the siren call of purpose-built standalone security tools.?

6. Uber Data Breach Aftermath

Story by?Carrie Pallardy

Key Points:

• The CSO community has been closely following Sullivan’s case, wondering what it means for their job roles and levels of personal?risk.
• In this two-part interview, Sullivan spoke with InformationWeek about the response to the incident at Uber, the outcome of his trial, and how he plans to work with the security community going forward.?
• Click the story above to read the full interview.

Latest Layoff Announcements

Original Story by?Jessica C. Davis, Updated by?Brandon J. Taylor

Key Points:

• As COVID drove everyone online, tech companies hired like crazy. Now we are hitting the COVID tech bust as tech giants shed jobs by the thousands.
• Updated Friday, June 2, 2023?with layoff announcements from?Haven Technologies,?Zendesk, and?ZipRecruiter.
• Check back regularly for updates to our IT job layoffs tracker.

REGISTER NOW:

"Identifying Blind Spots Through External Attack Surface Management" Webinar on 6/13 - Sponsored by?Bitsight

On Tuesday – June 13, beginning at 1pm ET – tune into our online webinar featuring?Olivia Bilodeau, Senior Product Marketing Manager and?Brian Mulligan?VP of Product, Security Performance at?Bitsight?- as our speakers. This live webinar will be moderated by our colleague?Terry Sweeney.?REGISTER now at the link above.

"Identifying Blind Spots Through External Attack Surface Management"

Did you know that 69% of organizations have experienced some type of cyber attack in which the attack itself started through the exploit of an unknown, unmanaged, or poorly managed internet-facing asset?

Understanding the scope of your organization’s external attack surface is essential. The key to protecting your digital footprint is to continuously manage it in order to identify risks and prioritize vulnerable areas. Make informed decisions to reduce exposure and empower the growth and success of your organization by gaining visibility into what an attacker sees.

In this webinar, you will learn how to:

• Identify and assess your evolving attack surface.
• Prioritize and remediate vulnerable areas of infrastructure.
• Monitor your digital footprint and protect for the future.

"The Right Approach to Zero-Trust for IoT Devices" Webinar on 6/22 - Sponsored by?Palo Alto Networks

On Thursday – June 22, beginning at 1pm ET – tune into our online webinar featuring?Qiang Huang, Senior Director, IoT Product Management at?Palo Alto Networks?as our Keynote Speaker. This live webinar will be moderated by our colleague?Peter Krass.?REGISTER now at the link above.

"The Right Approach to Zero-Trust for IoT Devices"

The traditional enterprise network perimeter is dissipating with work from home, BYOD, corporate resources shifting to the cloud, and Internet of Things (IoT) trends. The modern enterprise network now has to take into account all types of devices accessing the network, from conventional IT devices to non-conventional internet-enabled devices including security cameras, HVAC, smart lighting, smart blinds, infusion pumps, printers, smart coffee machines, smart TVs, virtual assistants, ATMs, and point-of-sale terminals, to name a few, comprising what is popularly called the Internet of Things (IoT).?

These devices create serious security concerns for enterprises as the IoT devices are often shipped with vulnerabilities, are difficult to patch, lack security controls, and significantly widen the threat surface, making the network more susceptible to lateral exploits.

The increase in the number of IoT devices and a reported 3 billion attacks on IoT devices in 2021 necessitates organizations to reassess their risk management strategy and move towards adopting a Zero Trust approach to include securing IoT devices.

In this webinar you will learn:

• What the principles of a Zero Trust cybersecurity strategy are and how they apply to securing IoT devices.
• How traditional network security strategies are inadequate for protecting IoTs.
• Why a practical life-cycle approach based on Zero Trust principles is the right methodology for securing IoT devices.

Treasures from the Archives...

Guest Commentary

Key Points:

• In a US survey,?8 in 10 manufacturing leaders?recently said that supply chain disruptions were their primary challenge in the third quarter of 2022, and one in 10 believe these issues will improve by year-end.
• Predictive asset maintenance (PAM) has delivered impressive gains over the past two decades.
• Some organizations may need help overcoming the limitations of legacy technology, while others will be ready to enable new use cases.
• Click the story above to learn how to reap value from PAM.

This is just a taste of what’s going on. If you want the whole scoop, then?register for one of our email newsletters,?but only if you’re going to read it.?We want to improve the sustainability of editorial operations, so we don’t want to send you newsletters that are just going to sit there unopened. If you're a subscriber already, please make sure Mimecast and other inbox bouncers know that we’re cool and they should let us through. And if you’re thinking about?subscribing,?then maybe start with the InformationWeek in Review; it only arrives on Fridays.