Why It’s Time to Stop Blaming Staff for Breaches

Security awareness training has been widely adopted by companies but has not significantly reduced breaches, largely because it fails to keep pace with sophisticated, AI-driven, personalized phishing attacks. Experts argue that technology must do more to block threats before they reach employees, and that training should be targeted, relevant, and supported by a positive security culture that encourages reporting mistakes rather than punishing them.

https://www.itweb.co.za/article/why-its-time-to-stop-blaming-staff-for-breaches/wbrpOqg2lYnMDLZn

Vercel’s Breach Is a Warning—“Shadow AI” Risks to CX Are Escalating

Enterprises' unmonitored use of “shadow AI” tools—where employees independently adopt AI solutions without centralized governance—is escalating security risks that can expose sensitive customer data and disrupt customer experience (CX). The recent Vercel breach, caused by a compromised third-party AI tool connected to an employee account, illustrates how shadow AI can serve as an unguarded access point for cyberattacks, emphasizing the need for enterprises to improve visibility, governance, and coordination between security and customer-facing teams to protect CX effectively.

https://www.cxtoday.com/security-privacy-compliance/vercels-breach-is-a-warning-shadow-ai-risks-to-cx-are-escalating/

Handling Shadow AI at the Source: Why the Browser Is the New Control Layer

Shadow AI poses significant security risks as employees often use unauthorized public AI tools to boost productivity without realizing the potential for sensitive data exposure. A secure enterprise browser transforms the browser from a passive tool into an active control layer, enabling organizations to monitor AI usage, enforce policies, and prevent data loss by applying granular, context-aware controls that balance productivity with security.

https://www.scworld.com/resource/handling-shadow-ai-at-the-source-why-the-browser-is-the-new-control-layer

How the EU’s NIS2 Directive Is Changing How CIOs Think About Digital Infrastructure

The EU’s NIS2 directive is prompting CIOs to rethink digital infrastructure by extending risk accountability beyond individual organizations to encompass the entire ecosystem of interconnected providers, including cloud platforms and network operators. This shift emphasizes designing resilient systems that can continue operating despite failures in any part of the network, moving resilience from a compliance exercise to a strategic priority focused on infrastructure architecture and connectivity.

https://www.cio.com/article/4162091/how-the-eus-nis2-directive-is-changing-how-cios-think-about-digital-infrastructure.html

Why Hiring ‘AI Engineers’ Won’t Work

The article argues that the role of an “AI engineer” is a myth because AI work encompasses diverse functions requiring different skills and mindsets. It outlines three essential AI engineering archetypes—prototypers, builders, and scalers—each focusing on distinct phases from rapid experimentation to production scaling, and emphasizes the need for companies to hire and assess talent based on these specific roles rather than expecting a single person to cover all AI responsibilities. This nuanced understanding is crucial for enterprises to build effective AI teams and avoid costly mismatches.

https://www.cio.com/article/4162080/why-hiring-ai-engineers-wont-work.html

Building an AI-Positive Work Culture

Employer encouragement is the strongest predictor of AI adoption in the workplace, surpassing training and tool provision. To build an AI-positive culture, design leaders should grant clear permission for AI use, lead by example, and prioritize access to tools over training. Creating space for experimentation and allowing AI integration to emerge organically will foster innovation and adaptation.

https://jakobnielsenphd.substack.com/p/ai-work-culture

What It Actually Takes to Build a Security Team That Works

In March 2026, six security leaders discussed on Reddit the key elements of building effective security teams, emphasizing the importance of fostering a collaborative culture where security is seen as a resource rather than a roadblock. They highlighted strategies such as positioning security as the “department of engagement,” making secure practices easy through platform-based models, hiring thoughtfully with a focus on culture fit, and ensuring smaller teams and vendors build trust through documented processes and demonstrated maturity.

https://cisoseries.com/what-it-actually-takes-to-build-a-security-team-that-works/

The 3 Trials of Leadership in the Age of AI

The article discusses three significant leadership challenges presented by the rise of AI in the workplace: the Leadership Trial of Identity, which requires leaders to prioritize soft skills like empathy and creativity over traditional hard skills; the Leadership Trial of Technique, focusing on managing blended teams of humans and AI with new performance metrics and organizational designs; and the Leadership Trial of Governance, emphasizing the need for boards to develop balanced, AI-literate oversight amidst evolving risks. These trials call for a fundamental transformation in leadership approaches to successfully integrate AI into organizations.

https://hrexecutive.com/the-3-trials-of-leadership-in-the-age-of-ai/

How 1Password CIO Jacob DePriest Thinks About Approving Internal AI Tools

1Password CIO and CISO Jacob DePriest emphasizes the need for faster evaluation and approval processes for internal AI tools to keep up with AI-driven cyber threats. To manage the rising number of employee “citizen developers,” 1Password is implementing expedited, limited experiments for AI tools alongside thorough onboarding and security controls that limit access based on need, ensuring both innovation and security.

https://www.itbrew.com/stories/2026/04/20/how-1password-cio-jacob-depriest-thinks-about-approving-internal-ai-tools

AI Doesn’t Create ROI. Organizations Do.

Despite clear evidence of AI delivering task-level productivity gains, most organizations struggle to translate these improvements into measurable financial returns at the enterprise level. The article argues that AI itself does not create ROI; instead, capturing value requires organizations to redesign their structures, decision-making, governance, and performance metrics to overcome legacy systems and misaligned incentives, making organizational readiness the true barrier to scaling AI impact.

https://www.cio.com/article/4159823/ai-doesnt-create-roi-organizations-do.html
