|
IT OPERATIONS
|
Yahoo chose the path where no one goes—they lost one-quarter of the company’s cybersecurity team.
According to TechCrunch, the web services provider cut roughly one-fourth of “The Paranoids,” as its cybersecurity team is known, over the past year. The members who were either let go or lost by attrition included the entire red team unit. Job cuts at the company reportedly affected employees across Yahoo’s technology units.
“Outsourcing cybersecurity seems like the least secure thing a company can do,” a user on a Yahoo thread on website The Layoff commented.
Dogs of doom. In an emailed statement, Yahoo spokesperson Erin Miller told IT Brew that the cuts were part of a plan to transition the company’s security posture, which she claimed is “widely recognized as a world-class, industry-leading operation.”
“As part of this evolution, we’ve made strategic adjustments, including transitioning offensive security operations to an outsourced model,” Miller said. “This change reflects the sophistication of our program and enables us to concentrate resources on critical security priorities, maintaining the highest standards of protection for our users and platforms.”
Read the rest here.—EH
|
|
|
|
|
|
Presented By Akamai
|
API risks are top of mind for security teams. To get some specifics, Akamai surveyed over 1,200 leaders and professionals. And the respondents revealed (and agreed on) a few key points.
Check out the full report to learn what security pros are experiencing in terms of:
- the frequency of API security incidents and why they occur
- the average costs to address and recover from the incidents
-
the gaps in API inventories, testing, and risk assessment
Here’s one spoiler: Respondents agreed that the human toll of API incidents—stress, reputational damage, and added scrutiny—ranks even higher than the cost to resolve them. And that’s saying something because these incidents ain’t cheap.
Learn how leaders are adapting and evolving their API security. Grab your copy of the report.
|
|
|
CYBERSECURITY
|
Perhaps you wouldn’t expect the CEO of a password-management provider to say they want a future without passwords—isn’t that like the Container Store wishing for a future without boxes?—but that’s what Dashlane’s chief exec John Bennett said when he visited Morning Brew HQ this month.
“We’ve always been about wanting to eliminate passwords,” Bennett told us during a Dec. 4 meeting, “because we recognize inherently, just how insecure they are.”
While password behaviors have improved, according to the company’s own password health scores, classic bad habits continue. The National Cybersecurity Alliance, in its annual study, found that 35% of 7,012 global respondents said they did not use separate, unique passwords all or most of the time. (Also: 46% admitted to never using a password manager.)
So, if passwords disappear on the Post-it note they came in on, what’s left for a credential manager to manage? Bennett spoke with us about the emergence of another authenticator: the passkey.
Below are edited responses from the 30-minute conversation.
How have authentication habits changed since the company was founded in 2009?
In the last three years, there is really this emergence of this new cryptography, which is passkeys. These passkeys are bound to a specific site. They’re very, very hard to phish. The second authentication is through this biometric component that’s done on the device. I see the change now: On the consumer side and on the business side, people recognize that they want an easier and more secure way [to authenticate]. Passkeys are showing up in mainstream publications. I think it’s still nascent, though.
Read more here.—BH
|
|
|
|
|
|
IT OPERATIONS
|
Steady as she goes.
That was the message from the tech sector economy as employment in the industry stayed stable while overall jobs numbers increased.
Data from the Bureau of Labor Statistics released Dec. 6 showed an increase of 227,000 jobs in the total economy in November. While the national unemployment rate bumped up to 4.2%, that likely means the Fed will lower rates later this month—and boost the economy, Ellen Zentner, Morgan Stanley Wealth Management chief economic strategist, told CNBC.
“A further increase in the unemployment rate tempers some of the shine in the labor market and gives the Fed what it needs to cut rates in December,” Zentner said.
Rack ’em. In the tech sector, however, numbers remained virtually unchanged. A CompTIA analysis of the tech jobs data showed a 1,636 decline in positions, a change of 0% in an industry with 5.6 million jobs. In the broader economy, tech professions dropped by a total of 6,000 in a pool of 6.5 million workers.
Tech sector employment increased by between 1,000 and 1,200 jobs in the following subsectors: telecommunications; cloud infrastructure, data processing, and hosting; other information services, search, and platforms; and IT and custom software services. Conversely, PC, semiconductor, and components manufacturing dropped by 4,000 positions. Tim Herbert, CompTIA chief research officer, said in a statement accompanying the report that the numbers shouldn’t be taken as a sign of industry weakness.
Keep reading here.—EH
|
|
|
|
|
|
A message from IBM
Can data make a difference? Only if you know how to use it. Learn how to use your proprietary data to customize AI models to help unlock your full potential in this video series from Business Insider that’s sponsored by IBM. Tune in for insights from Maryam Ashoori, director of product management for watsonx.ai at IBM. |
|
|
PATCH NOTES
Today’s top IT reads.
Stat: 390,000. That’s roughly the amount of credentials stolen in an ongoing supply-chain attack targeting security pros. (Ars Technica)
Quote: “WordPress is the most used CMS on the web, and we have a responsibility to act like professionals.”—Francesa Marano, head of partnerships at Patchstack, on trolling and conflict in the WordPress community (404 Media)
Read: Investment firm SoftBank says it will create 100,000 AI jobs in the US over the next four years with $100 billion of its own investments…But is that even possible? (Barron’s)
Real API talk: Learn how security leaders are handling API risks. Akamai’s recent study offers insights on API security incidents—why they occur, how much they cost, and their internal + external impact. Take a look.* *A message from our sponsor.
|
|
|
|
JOBS
|
Ready to move your career forward without endless scrolling? CollabWORK connects you with jobs in the communities you’re already part of—like IT Brew. Experience community-powered hiring and discover the opportunities that suit you best. Click this link to browse jobs hand-selected for IT Brew!
|
|
|
|
SHARE THE BREW
|
Share IT Brew with your coworkers, acquire free Brew swag, and then make new friends as a result of your fresh Brew swag.
We’re saying we’ll give you free stuff and more friends if you share a link. One link.
Your referral count: 2
Click to Share
Or copy & paste your referral link to others:
itbrew.com/r/?kid=9ec4d467
|
|
|
ADVERTISE
//
CAREERS
//
SHOP
//
FAQ
Update your email preferences or unsubscribe
.
View our privacy policy
.
Copyright ©
2024
Morning Brew. All rights reserved.
22 W 19th St, 4th Floor, New York, NY 10011
|
|
