Aline Lerner
|
It’s tough for a job-seeker out there. Stories of interviewers demanding ever-increasing scores on coding tests or even asking candidates to complete hours-long demonstration projects are becoming routine as companies offer potential staff to the altar of efficiency.
Interviewing.io founder and CEO Aline Lerner, whose platform pairs job applicants with industry veterans for mock interviews, said its data shows the trend is much more than anecdotal. For example, Interviewing.io users training for jobs at top-tier companies like FAANG firms needed to score in the 83rd percentile on coding tests in December 2023, up from the 65th percentile in early 2022.
Lerner sat down with IT Brew to explain why technical interviews are out of control, warn firms about cheating, and relay advice for applicants.
This interview has been edited for length and clarity.
What does the intensification of these interviews look like for the applicant?
It’s not necessarily harder questions, but people are expecting you to solve them faster, and they’re expecting you to have pretty much an optimal solution. It’s kind of sad, because the purpose of these interviews is to see if you can think.
Read more here.—TM
Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.
|
|
|
Wondering if generative AI will be your cybersecurity ally—or enemy? Surprise, surprise: IT security leaders think the answer is…both.
Splunk breaks down the deets in their new article, How CISOs are (and aren’t) using generative AI. Their article lays out tons of practical advice and actionable insights about the intersection of AI and security, such as:
- advice and opinions on industry trends and best practices
- leadership guidance from fellow leaders
- digestible research curated specifically for the C-suite
Read the whole article to see how your new frenemy, generative AI, can help you manage the more mundane (while still important) parts of cybersecurity—and how to prepare for potential attacks that come with using AI.
Learn from the leaders.
|
|
Illustration: Dianna “Mick” McDougall, Photo: Getty Images
|
What makes China’s cyber activity unique? According to Dave Luber, the incoming director of cybersecurity at the NSA—who started his new role March 31—it comes down to three things: “scope, scale, and sophistication.”
Speaking about Volt Typhoon and similar APT groups, Luber told IT Brew in an email that “the idea that these actors are attempting to evade common detection techniques, get persistent access, and preposition themselves to exploit our critical infrastructure is a significant concern.”
Double down. As threat actors in China continue to pose a threat, Luber noted they have become “more brazen.”
“When new vulnerabilities are disclosed, rather than stop exploitation, they double down and hack more broadly,” he said.
Read more here.—AF
Do you work in IT or have information about your IT department you want to share? Email [email protected].
|
|
Francis Scialabba
|
Red team, go—with help from AI.
In February, Microsoft and OpenAI introduced a new open automation framework to assist security professionals in managing risk. The Python Risk Identification Toolkit, or PyRIT, provides AI for red teaming, by leveraging the generative capabilities of the technology to expose vulnerabilities.
Steve Winterfeld, advisory CISO with Akamai Technologies, told IT Brew that the new tools are helpful for filling in the gaps for organizations that need assistance with cybersecurity. It’s difficult to find someone who has skill in attacking webpages, social engineering, hacking, and more.
“The thought process is now that a generative AI can do that,” Winterfeld said.
Open source-a-me. In a blog post announcing PyRIT, Microsoft said the system provides a more probabilistic result than traditional red-teaming: “Put differently, executing the same attack path multiple times on traditional software systems would likely yield similar results. However, generative AI systems have multiple layers of non-determinism; in other words, the same input can provide different outputs.”
Keep reading here.—EH
Do you work in IT or have information about your IT department you want to share? Email [email protected].
|
|
|
Adios, audit woes. Wherever you are in your audit journey, it’s safe to say the compliance process can be a touch overwhelming. Enter Thoropass. Whether it’s SOC 2, SOC 1, ISO 27001, HITRUST, or more, Thoropass can unlock multi-framework compliance for your company and provide full visibility—all in one place. Get started.
|
|
Francis Scialabba
Today’s top IT reads.
Stat: 301,000,000 megabits per second. That’s the speed of an ultra-high-bandwidth fiber-optic cable developed by researchers at the UK’s Aston University. (Popular Science)
Quote: “Our findings revealed that several large companies either use or recommend this package in their repositories.”—Bar Lanyado, Lasso Security engineer, on a recent study involving a hallucinated software package (The Register)
Read: In a possible omen for other industries, advertisers are quickly learning how to polish and use generative AI. (the Wall Street Journal)
Friend or foe: It can be hard to know how generative AI and security systems fit together. Hear what CISOs think about embracing AI (and what to be careful of) in Splunk’s latest article.* *A message from our sponsor.
|
|
|
When’s the last time you landed a job by applying cold? We’ve partnered with CollabWORK, the first community-powered hiring platform, to bring curated jobs from companies looking to connect with IT Brew readers. Apply below and join CollabWORK for free.
|
|
|
Share IT Brew with your coworkers, acquire free Brew swag, and then make new friends as a result of your fresh Brew swag.
We’re saying we’ll give you free stuff and more friends if you share a link. One link.
Your referral count: 2
Click to Share
Or copy & paste your referral link to others:
itbrew.com/r/?kid=9ec4d467
|
|
|
