Blog

New Joint Guide Advances Secure Integration of Artificial Intelligence in Operational Technology

CISA & ASD released a guide for secure AI integration in Operational Technology (OT), highlighting risks and principles to ensure safety in critical infrastructure. Key steps include: educate on AI, assess risks, establish governance, and embed security.

https://www.cisa.gov/news-events/news/new-joint-guide-advances-secure-integration-artificial-intelligence-operational-technology

CISOs Are Questioning What a Crisis Framework Should Look Like

CISOs expect future breaches and struggle with crisis frameworks. A Binalyze report reveals 84% believe breaches are inevitable, leading to rushed budgets and investigation delays, costing $114,000 per hour. Only half of CISOs can effectively answer key questions during incidents. Limited visibility into IT environments complicates investigations, which can cost over $1 million due to unclear information. Investigators are in short supply and face burnout, slowing down response efforts. Improved investigation readiness and clarity can reduce damage and enhance recovery from attacks.

https://www.helpnetsecurity.com/2025/12/03/binalyze-crisis-management-framework-report/

How Amazon Finds Its Cybersecurity Weak Spots

Amazon avoids typical cybersecurity benchmarks and instead monitors the introduction of new and old devices in its network in real time, believing these are key to spotting risks. The company leads with meticulously detailed metrics instead of using averages or simple dashboards and shares its findings with a specialized security board committee. This approach, guided by Chief Security Officer Stephen Schmidt, emphasizes outlier risks and continuous oversight, setting Amazon apart from peers.

https://www.wsj.com/articles/how-amazon-finds-its-cybersecurity-weak-spots-f932e836

Cloudflare’s 2025 Q3 DDoS Threat Report — Including Aisuru, the Apex of Botnets

Cloudflare's 2025 Q3 DDoS Threat Report reveals a significant rise in DDoS attacks, particularly from the Aisuru botnet, reaching peaks of 29.7 Tbps. Total DDoS attacks increased by 15% QoQ, with a notable 347% surge against AI companies in September. Network-layer attacks dominate at 71%, while HTTP attacks have decreased. Major attack sources include Indonesia and key industries like Automotive and Mining, attributed to geopolitical tensions. Regions like the Maldives and France experienced spikes in attacks due to protests. Cloudflare blocked over 8.3 million attacks in Q3 alone, highlighting an urgent need for robust anti-DDoS measures.

https://blog.cloudflare.com/ddos-threat-report-2025-q3/

The Cybersecurity And Resilience Bill Is Coming. Here’s What It Means

UK's Cyber Security and Resilience Bill introduced in November aims to enhance cyber defenses for essential services amid rising cyberattacks. It updates 2018 NIS regulations and imposes new reporting duties with stricter penalties. Broader scope includes managed service providers and critical suppliers. Implementation phases are planned post-approval, mandating organizations to assess compliance and strengthen cyber risk management before laws take effect.

https://insight.scmagazineuk.com/the-cybersecurity-and-resilience-bill-is-coming-heres-what-it-means

Turning AI From a Cost Into a Catalyst: Rethinking The CIO’s Role In The AI Era

CIOs are largely focused on AI governance and safe use, but struggle to show clear financial returns from AI. The traditional cost-based IT budget model limits the ability to use technology as a strategic driver of business transformation. True value from AI requires rethinking operating models across the whole organization, not just adding AI to old processes. CIOs need to shift from cost managers to value creators, measuring ROI with new approaches and working with business leaders to treat technology as a long-term investment and growth driver.

https://www.forbes.com/sites/peterbendorsamuel/2025/12/03/turning-ai-from-a-cost-into-a-catalyst-rethinking-the-cios-role-in-the-ai-era/

North Korea Lures Engineers to Rent Identities in Fake IT Worker Scheme

North Korea's Famous Chollima, linked to the Lazarus group, exploits developers by recruiting them to rent their identities for illicit purposes. This scheme involves deceiving engineers into acting as fronts for North Korean agents in high-profile companies, often using AI for interviews. Engineers provide sensitive personal information and use their computers as proxies, risking legal consequences. Recent findings include spamming job listings on GitHub to attract candidates. Researchers monitored these tactics using sandbox environments, discovering tools like AI for job applications and communication methods that help agents maintain anonymity.

https://www.bleepingcomputer.com/news/security/north-korea-lures-engineers-to-rent-identities-in-fake-it-worker-scheme/

You Can’t Fall Behind in AI if You Never Start

CISO Series discusses AI integration in organizations, highlighting the challenge of securing it and the need for AI expertise due to a scarcity of trained professionals. Host David Spark and CISO Mike Johnson emphasize building internal talent for AI roles rather than hiring externally. Guest John Barrow shares the importance of internal context and trust in cybersecurity roles, advocating for proactive communication and strategic GRC positioning within the boardroom to align security with business goals while managing budget constraints.

https://cisoseries.com/you-cant-fall-behind-in-ai-if-you-never-start/

Key Questions CISOs Must Ask Before Adopting AI-enabled Cyber Solutions

The article outlines crucial steps and questions for CISOs considering AI-powered security tools. Threats involving AI, like deepfakes and data leaks, are growing, making AI-driven defenses necessary. Organizations benefit from faster breach recovery and cost savings with AI, but also face risks from unmanaged shadow AI. Key uses of AI in security include threat detection, automated reporting, and alert management. CISOs should evaluate the organization’s risk tolerance, specific security needs, and regulatory environment, and consider whether to adopt platform-based or point solutions. When assessing vendors, focus on areas such as shadow AI identification, data protection, effectiveness metrics, workforce impact, tool integration, regulatory compliance, trust in AI decisions, scalability, vendor reliability, ongoing support, and total cost.

https://www.csoonline.com/article/4094763/key-questions-cisos-must-ask-before-adopting-ai-enabled-cyber-solutions.html

Scroll to Top