AI Just Solved the Wrong Half of Cybersecurity

By / Blog / ,

The article discusses how AI, exemplified by Anthropic's Claude Mythos, has revolutionized cybersecurity by autonomously discovering thousands of vulnerabilities, including a 27-year-old bug in OpenBSD, but highlights a critical issue: while detection has dramatically improved, the capacity to patch and remediate these vulnerabilities remains severely lagging. This “discovery-to-patch gap” presents a major security challenge, especially for open-source projects maintained by small teams, necessitating urgent industry focus on prioritization, remediation speed, and treating AI models themselves as part of the security threat landscape.

https://hackernoon.com/ai-just-solved-the-wrong-half-of-cybersecurity

EY/IIF Third Annual Global Insurance Risk Management Survey

By / Blog / , , ,

The EY/IIF Global Insurance Risk Management Survey reveals a shift in insurance risk management, emphasizing its role as a strategic driver of transformation and growth. Key themes include the dominance of cyber risk, the importance of resilience, and the evolving role of CROs as strategic partners.

https://www.iif.com/Publications/ID/6532/EYIIF-Third-Annual-Global-Insurance-Risk-Management-Survey

Why It’s Time to Stop Blaming Staff for Breaches

By / Blog / , ,

Security awareness training has been widely adopted by companies but has not significantly reduced breaches, largely because it fails to keep pace with sophisticated, AI-driven, personalized phishing attacks. Experts argue that technology must do more to block threats before reaching employees, and training should be targeted, relevant, and supported by a positive security culture that encourages reporting mistakes rather than punishing them.

https://www.itweb.co.za/article/why-its-time-to-stop-blaming-staff-for-breaches/wbrpOqg2lYnMDLZn

Vercel’s Breach Is a Warning—”Shadow AI” Risks to CX Are Escalating

By / Blog / , ,

Enterprises' unmonitored use of “shadow AI” tools—where employees independently adopt AI solutions without centralized governance—is escalating security risks that can expose sensitive customer data and disrupt customer experience (CX). The recent Vercel breach, caused by a compromised third-party AI tool connected to an employee account, illustrates how shadow AI can serve as an unguarded access point for cyberattacks, emphasizing the need for enterprises to improve visibility, governance, and coordination between security and customer-facing teams to protect CX effectively.

https://www.cxtoday.com/security-privacy-compliance/vercels-breach-is-a-warning-shadow-ai-risks-to-cx-are-escalating/

Handling Shadow AI at the Source: Why the Browser Is the New Control Layer

By / Blog / , , ,

Shadow AI poses significant security risks as employees often use unauthorized public AI tools to boost productivity without realizing the potential for sensitive data exposure. A secure enterprise browser transforms the browser from a passive tool into an active control layer, enabling organizations to monitor AI usage, enforce policies, and prevent data loss by applying granular, context-aware controls that balance productivity with security.

https://www.scworld.com/resource/handling-shadow-ai-at-the-source-why-the-browser-is-the-new-control-layer

How the EU’s NIS2 Directive Is Changing How CIOs Think About Digital Infrastructure

By / Blog / , , , , ,

The EU’s NIS2 directive is prompting CIOs to rethink digital infrastructure by extending risk accountability beyond individual organizations to encompass the entire ecosystem of interconnected providers, including cloud platforms and network operators. This shift emphasizes designing resilient systems that can continue operating despite failures in any part of the network, moving resilience from a compliance exercise to a strategic priority focused on infrastructure architecture and connectivity.

https://www.cio.com/article/4162091/how-the-eus-nis2-directive-is-changing-how-cios-think-about-digital-infrastructure.html

Why Hiring ‘AI Engineers’ Won’t Work

By / Blog / , ,

The article argues that the role of an “AI engineer” is a myth because AI work encompasses diverse functions requiring different skills and mindsets. It outlines three essential AI engineering archetypes—prototypers, builders, and scalers—each focusing on distinct phases from rapid experimentation to production scaling, and emphasizes the need for companies to hire and assess talent based on these specific roles rather than expecting a single person to cover all AI responsibilities. This nuanced understanding is crucial for enterprises to build effective AI teams and avoid costly mismatches.

https://www.cio.com/article/4162080/why-hiring-ai-engineers-wont-work.html

Building an AI-Positive Work Culture

By / Blog / ,

Employer encouragement is the strongest predictor of AI adoption in the workplace, surpassing training and tool provision. To build an AI-positive culture, design leaders should grant clear permission for AI use, lead by example, and prioritize access to tools over training. Creating space for experimentation and allowing AI integration to emerge organically will foster innovation and adaptation.

https://jakobnielsenphd.substack.com/p/ai-work-culture

What It Actually Takes to Build a Security Team That Works

By / Blog / ,

In March 2026, six security leaders discussed on Reddit the key elements of building effective security teams, emphasizing the importance of fostering a collaborative culture where security is seen as a resource rather than a roadblock. They highlighted strategies such as positioning security as the “department of engagement,” making secure practices easy through platform-based models, hiring thoughtfully with a focus on culture fit, and ensuring smaller teams and vendors build trust through documented processes and demonstrated maturity.

https://cisoseries.com/what-it-actually-takes-to-build-a-security-team-that-works/

The 3 Trials of Leadership in the Age of AI

By / Blog / , ,

The article discusses three significant leadership challenges presented by the rise of AI in the workplace: the Leadership Trial of Identity, which requires leaders to prioritize soft skills like empathy and creativity over traditional hard skills; the Leadership Trial of Technique, focusing on managing blended teams of humans and AI with new performance metrics and organizational designs; and the Leadership Trial of Governance, emphasizing the need for boards to develop balanced, AI-literate oversight amidst evolving risks. These trials call for a fundamental transformation in leadership approaches to successfully integrate AI into organizations.

https://hrexecutive.com/the-3-trials-of-leadership-in-the-age-of-ai/

Scroll to Top