September 7, 2022
Photo: Moodboard via Getty Images
Hello and welcome to Protocol Enterprise! Today: why GitHub’s Copilot coding tool could improve developer productivity at a price, CISA wants to hear what enterprise tech thinks about security reporting requirements and Iran draws the attention of the cybersecurity community.
Given the expense required to maintain a team of even halfway-competent software developers, enterprise companies are keenly interested in improving their productivity. While it’s still early, GitHub is starting to lay out a case that all those developers need is some good old-fashioned automation.
The ubiquitous code warehouse released a new study Wednesdayoutlining how 2,000 users of its Copilot product, first released last year, are finding the experience. Copilot allows developers to plug AI-generated snippets of code into their applications in order to avoid the drudgery of writing that one function over, and over, and over again.
But how well were they really doing? GitHub split a group of 95 developers into two groups — one that was allowed to use Copilot, and one that had to rely on their meager human brains — and gave them a task.
The results aren’t too surprising: AI will generate code faster than people, and assuming that code works, everybody likes to get the job done faster. The long-term questions for both GitHub and parent company Microsoft when it comes to Copilot are a lot trickier.
In other words, productivity might come at a price. The fastest way to get something done isn’t always the best.— Tom Krazit (email | twitter)
Why on-demand talent could be exactly what companies need right now: If you thought the rise of remote work, independent contractors and contingent workers rose sharply during the pandemic, just wait until the next few months when you see a higher uptick in the on-demand talent economy.
During its less-than-four-year history, CISA has had very little regulatory power. But as you've perhaps read in this newsletter, that's about to change.
CISA, the main U.S. cybersecurity agency, has been tasked with hammering out the specifics around mandatory reporting of critical infrastructure cyberattacks. Now, the chance for businesses to weigh in on the proposed reporting rules will begin within days, CISA Director Jen Easterly said at an event in D.C. today. As we previously reported, CISA will be issuing a public request for information and hosting a series of "listening sessions" to solicit feedback from industry.
The key elements of the regulations will require incidents to be reported to the government within 72 hours, and ransomware payments to be disclosed within 24 hours, by companies in 16 critical infrastructure sectors. (Unlike the SEC's controversial incident reporting proposal, however, details on cyberattacks disclosed to CISA would be anonymized before any public sharing.)
From a cybersecurity standpoint, one concern is that the final critical infrastructure rules aren't actually due for another three years. Shortening the time frame is worth exploring, some in the security industry have told me; the sooner CISA has more transparency about cyberattacks, the better off everyone will be on security, the reasoning goes.
The companies affected by the regulations are likely to have concerns of a different type, though. True, Easterly and CISA have generated a lot of goodwill through increased engagement with the cybersecurity community. But as Okta’s Marc Rogers told me previously, companies will still have questions like, "'How much do I want to share? What is risky for me to share? Is there a chance that a competitor could find out about this?'"
Those questions will need to be answered through extended discussion between CISA and the industry, Rogers said. In other words, if you are so inclined, this is your chance to be heard.— Kyle Alspach (email | twitter)
The mandate is clear. Modern businesses need to provide a seamless, tech-enabled, end-to-end customer experience across their organizations: to always be ready, no matter the time or the platform, to promptly address customer needs and provide a human connection. This requires eliminating silos, increasing automation and analytics and ensuring that the front end and the back end are aligned to deliver a positive experience for your customers and your team. But how do you achieve this in today’s digital landscape?
In this virtual Protocol event on Sept. 19, we will dive into the tech tools and tricks and real-life strategies that companies are using to build a CX tech ecosystem and prepare for an increasingly customer-first future. Please join Protocol Enterprise’s Aisha Counts in conversation with Lara Caimi, chief customer officer, ServiceNow; Glenn Weinstein, chief customer officer, Twilio; and Clara Shih, chief executive officer, Service Cloud, Salesforce. RSVP here.
Albania took what is believed to be unprecedented action following a cyberattack, cutting diplomatic ties with Iran and expelling its ambassadors.In a bid to cut costs, Netflix is considering reducing the scope of its long-running cloud-computing partnership with AWS, according to The Wall Street Journal.
Why on-demand talent could be exactly what companies need right now:The biggest benefit of leveraging on-demand talent is often tapping into the talent and skills that businesses can’t find elsewhere. Upwork’s recent report highlights that 53% of on-demand talent provide skills that are in short supply for many companies, including IT, marketing, computer programming and business consulting.
Thanks for reading — see you tomorrow!