Hey, Alexa: How do I ward off a cyberattack?

As internet-connected and “smart” devices proliferate in the business world, many organizations are sleeping on best practices that could protect their network from being one of this year’s top hacking targets.

According to a new study by IoT security firm Keyfactor and market research firm Vanson Bourne, “There is a marked sense of complacency with product security regionally for those that operate and use IoT and connected devices.”

The study, released Oct. 10, found 94% of surveyed North American IoT professionals agreed they could improve IoT security, while nearly two-thirds said they’re “as protected as they could be” from attacks on their connected devices.

Read more here.—KG

The secret to unlocking sustainable, impactful growth is…compliance?

It’s true. Achieving (and maintaining) SOC 2 compliance can help you boost sales velocity, access new enterprise markets, and reduce internal resource constraints.

And Thoropass put together a comprehensive SOC 2 guide with research and insights for everyone from the decision-makers to the tech pros. Read it to learn all about:

• SOC 2 time and cost expectations
• how to leverage your SOC 2 report
• multi-framework considerations
• continuous monitoring and maintenance of your SOC 2 report
• the answer to the question “Is SOC 2 compliance enough?”

Interested in more than just a guide? Check out the Thoropass platform to see how they’re changing compliance.

Get the SOC 2 guide + demo the platform.

If you want something done right and you can’t do it yourself, leverage the power of the consumer to make it happen.

At least that’s the message from the Cybersecurity and Infrastructure Security Agency (CISA)’s updated guidelines for software manufacturers, released Monday.

The guidance expands on CISA’s April “Secure by Design” framework, which called for manufacturers to take responsibility for the security of their products, communicate transparently about vulnerabilities, and prioritize security in product development from the C-suite down.

The updated guidelines advise software manufacturers on how they can “demonstrate these principles to their customers and the public, emphasizing that software manufacturers must be able to compete on the basis of security,” according to a press release.

Manufacturers should clearly state how they’re weaving security into their business models, while software-buying enterprise customers should ask “hard questions” about their vendors’ security practices and demand clear documentation, CISA advised in its report.

Keep reading here.—TK

Microsoft is hiring a human to lead the robot revolution...in data center automation.

As reported by The Register, Microsoft posted a job listing in the second week of October for a hardware robotics team manager in its automation department. Qualifications for the position include standard program management experience in engineering or product, as well as “3+ years professional hands-on experience working on automation and robotics for hardware equipment.”

Microsoft’s senior director of data center research, Sean James, posted on LinkedIn that he was “creating a team dedicated to the automation of data center operations,” adding, “We want our data centers to be safe and efficient!”

Vlad Galabov, Omdia’s director of Cloud and Data Center Research, told The Register he had seen “a proof-of-concept of robots for data hall inspection at a Telehouse data center in London years ago,” adding that Microsoft is likely looking into similar technology. He also noted that data center operators’ interest in robotics may be related to the ongoing shortage of qualified staff, which can drive up costs.

Read more here.—TM

Today’s top IT reads.

Stat: $1.3 billion. That’s how much RTX, formerly known as Raytheon, is selling its Virginia-based cybersecurity business for. (Boston Business Journal)

Quote: “What we’re really trying to figure out is whether AI could replicate human nature and whether in the future, [when] we’ll be living among AI—whether or not AI is going to be used to help us or harm us.”—Sarah Kidwai, a first-year student, on a Fordham University philosophy class that explores AI and human nature (Fordham News)

Read: A team of hackers think they’ve figured out how to crack a tech exec’s IronKey USB drive containing $235 million in bitcoin, but there’s a catch. (Wired)

Partner in compliance: Download Thoropass’ new SOC 2 guide for a deep dive on SOC 2 time and cost expectations, multi-framework considerations, and a whole lot more. Get the guide.*

^{*A message from our sponsor.}