Security awareness training (SAT) is ineffective despite significant investment, as it focuses on knowledge rather than behavior. Human risk management (HRM), which focuses on changing employee behavior, is a more effective approach. HRM uses AI to personalize training, identify risky users, and provide targeted interventions, ultimately improving cybersecurity behavior and reducing incidents.
AI code generation governance is lagging, creating security and compliance risks. Only 23% of IT leaders manage AI governance effectively, risking a 30% rise in legal disputes by 2028. The increase in AI-generated code without proper oversight may introduce security vulnerabilities. To address this, governance must become continuous and integrated into the development workflow, allowing for instant checks on security and compliance. Embedding automated governance practices reduces risks, simplifies compliance, and enables productive use of AI tools, turning governance from a hindrance into a facilitator of innovation.
Microsoft Purview has launched an AI-driven data investigation tool that reduces risk identification time from weeks to hours, integrating discovery, analysis, and remediation. It features AI capabilities for detecting sensitive data and offers flexible pricing models for accessibility.
https://petri.com/microsoft-purview-ai-data-breach-investigations/
Microsoft Purview Data Security Investigations launched, enabling efficient security investigations (e.g., data breaches, internal fraud). Integrates across Microsoft 365, uses GenAI for data analysis, offers natural language search, and includes mitigation actions. Usage-based pricing for storage and analysis.
https://www.helpnetsecurity.com/2026/01/27/microsoft-purview-data-security-investigations/
Cybersecurity vendors often misalign their marketing, promoting features that buyers don't value. This disconnect complicates the purchasing process, as buyers seek clear problem-solving capabilities over buzzwords. The discussion, led by David Spark and colleagues, emphasizes the need for vendors to genuinely address specific business needs rather than just showcase trendy technologies like AI. Authentic engagement and pragmatic approaches in marketing are crucial, as is understanding the actual value and impacts of a product on existing workflows. The conversation highlights an ongoing need for clearer communication between vendors and customers to bridge gaps in understanding.
https://cisoseries.com/how-best-to-prepare-your-data-for-your-tools/
An AI-assisted workflow is proposed for transforming threat reports into structured analysis, enhancing efficiency in identifying coverage gaps and ensuring better detection accuracy. The importance of human validation remains critical to confirm AI-generated insights. Overall, the approach aims to streamline the detection process while leveraging both AI's speed and human expertise.
Cybersecurity threats are evolving into collaborative operations among attackers, resembling a “boy band” model where different groups share resources and intelligence for more effective, coordinated attacks. This shift creates challenges for defenders, who are often fragmented and unable to respond quickly enough due to siloed threat intelligence. As the line blurs between criminal and state-sponsored activities, defenders must adapt by enhancing intelligence sharing, validating defenses, and fostering curiosity in threat detection. The combined insights from attackers can lead to faster, more damaging campaigns, indicating that cybersecurity strategies must evolve to confront this new landscape of collaboration.
The Cisco 2026 Data and Privacy Benchmark Study reveals that AI is driving the expansion of privacy programs, with 90% of companies investing more to keep pace with AI growth and regulatory expectations. While AI enables innovation, it also exposes data hygiene issues and challenges in maintaining customer trust. CIOs must balance enabling AI innovation with maintaining data integrity and transparency to build customer confidence.
https://www.bankinfosecurity.com/privacy-fueling-cios-ai-agenda-a-30610
Ransomware tactics have evolved from simple file encryption to complex extortion schemes, leveraging stolen data, legal threats, and psychological pressure. The ecosystem is fragmented, with various groups sharing tools and methods, making response and attribution difficult. Security strategies must adapt: prepare for reputation and legal risks, enhance cyber hygiene, focus on exploited vulnerabilities, and optimize configuration management. Today's ransomware operates on human and legal manipulation rather than just malware, necessitating a proactive approach to risk management.
TLDR: Project Zero's blog discusses Windows 11's new Administrator Protection feature, intended to enhance security over the old UAC system. Despite improvements, vulnerabilities allowing bypass of this protection were identified by security researcher James Forshaw during initial testing. He discovered multiple means to gain administrative privileges, attributing the flaws to the interrelated behaviors of Windows security mechanisms. Ultimately, a fix was issued by Microsoft to mitigate these bypasses, but the analysis suggests a more radical overhaul of Windows security measures may be needed to truly address longstanding issues.
https://projectzero.google/2026/26/windows-administrator-protection.html
