IT OPERATIONS

Rough return

Return-to-office mandates don’t actually appear to improve business performance—and the data suggests they actually help execs at ailing companies scapegoat employees, according to a new study.

Mark Ma, an assistant professor at the University of Pittsburgh, and Yuye Ding, a student at its Katz Graduate School of Business, analyzed the performance of 137 firms on the S&P’s 500 index that had imposed return-to-office mandates.

The findings come at a time when many tech companies, including Amazon, Apple, AT&T, Google, and others, have tried to force workers back into the office on a regular basis. Dell and IBM notably cracked down on remote work earlier this year, despite surveys showing many CEOs regret such mandates and have begun to de-prioritize the issue.

The researchers found no “significant changes in firm performance in terms of profitability and stock market valuation after the RTO mandates.” Instead, study found evidence of the opposite: That RTO mandates do little to fix the situation at ailing firms, and may be making employees miserable in the process.

The research also sheds doubt that managers actually believe the RTO mandates will fix anything broken at a firm in the first place, Ma told IT Brew. He explained that while corporate leaders should have access to data showing that the impact of remote work on productivity is unclear at best, and plenty of evidence of backlash from employees, the researchers didn’t find any evidence CEOs with big stakes in a firm were any more likely to demand staff return.

Read more here.—TM

Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.

PRESENTED BY SPLUNK

Perspective is served

Tech leaders are feeling the pinch. They’re dealing with uncertainty around generative AI, cybersecurity threats, automation—the kind of challenges that weigh on ya.

That’s where Splunk can help. Their newsletter shares insights that keep you informed on how security, IT, and engineering decision-makers are thinking about the industry’s top topics.

Wondering how chief information security officers (CISOs) are (and aren’t) using generative AI? Or what lessons technical leaders can learn from Formula 1 pit crews? Splunk has you covered.

As the experts in unified security and observability, Splunk connects with tech leaders all the time, and their content is specifically curated for C-suite technical execs (think: CISOs, CTOs, and CIOs).

Stay informed with Splunk.

CYBERSECURITY

Preparing is caring

Lisa Plaggemier hadn’t written code before, but her years in the marketing department taught her how to get people thinking about it.

The then-director of security culture at ADP Dealer Services (now CDK Global) had the task of getting the organization’s seasoned developers to enroll in application-security courses.

Her 2017 presentation, titled “They’re Just Like Us,” highlighted tech pros with impressive résumés—technical and language backgrounds not all that different from coders in the room. The only difference: Plaggemier’s examples were ones of criminals—a way to tell programmers that their adversaries had equal skills.

“Two of the other guys that I had picked, they actually had a company that was a DDoS-mitigation company by day, but then by night, they DDoS you,” Plaggemier told IT Brew.

Plaggemier, a former marketing pro at Ford Motor Company, knows the value of a good hook. Before pivoting to security at ADP, she was a marketing manager at the company. For under-the-radar but high stakes threats like cyberattacks, the ability to capture attention is especially important to Plaggemier, who is currently the executive director of the National Cybersecurity Alliance.

“Too many security people assume that because they’re passionate about security, and they care about this stuff, that everybody else cares,” Plaggemier said.

Read more here.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

SOFTWARE

Security summit

Open source is on notice.

That’s the word from CISA, which introduced new efforts to secure the software on March 7, after hosting its two-day Open Source Software (OSS) Security Summit.

During the conference, top-level officials like Office of National Cyber Director (ONCD) Assistant National Cyber Director for Technology Security Anjana Rajan, CISA Open Source Security Section Chief Aeva Black, and CISA Director Jen Easterly met with OSS professionals and stakeholders to discuss how to strengthen open source infrastructure. The summit also included smaller organizations, something that Open Source Initiative US Policy Director Deb Bryant highlighted.

“Including less represented, small open-source nonprofits into the discussion will facilitate workable, practical policies and practices, building upon the strength of the collaborative model of Open Source,” Bryant said.

Keep reading here.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

PATCH NOTES

JOBS