Quote for the day:
"We don't grow when things are easy. We grow when we face challenges." -- Elizabeth McCormick
AI Rapidly Rendering Cyber Defenses Obsolete
“Most organizations still don’t have a complete inventory of where AI is running
or what data it touches,” he continued. “We’re talking millions of unmanaged AI
interactions and untold terabytes of potentially sensitive data flowing into
systems that no one is monitoring. You don’t have to be a CISO to recognize the
inherent risk in that.” “You’re ending up with AI everywhere and controls
nowhere,” added Ryan McCurdy ... “The risk is not theoretical,” he declared.
“When you can’t inventory where AI is running and what it’s touching, you can’t
enforce policy or investigate incidents with confidence.” ... While AI security
discussions often focus on hypothetical future threats, the report noted,
Zscaler’s red team testing revealed a more immediate reality: when enterprise AI
systems are tested under real adversarial conditions, they break almost
immediately. “AI systems are compromised quickly because they rely on multiple
permissions working together, whether those permissions are granted via service
accounts or inherited from user-level access,” explained Sunil
Gottumukkala ... “We’re seeing exposed model endpoints without proper
authentication, prompt injection vulnerabilities, and insecure API integrations
with excessive permissions,” he said. “Default configurations are being shipped
straight to production. Ultimately, it’s a fresh new field, and everyone’s
rushing to stake a claim, get their revenue up, and get to market fastest.”
Offensive Security: A Strategic Imperative for the Modern CISO
Rather than remaining in a reactive stance focused solely on known threats,
modern CISOs are required to adopt a proactive and strategic approach. This
evolution necessitates the integration of offensive security as an essential
element of a comprehensive cybersecurity strategy, rather than viewing it as a
specialized technical activity. Boards now expect CISOs to anticipate emerging
threats, assess and quantify risks, and clearly demonstrate how security
investments contribute to safeguarding revenue, reputation, and organizational
resilience. ... Offensive security takes a different approach. Rather than
simply responding to threats, it actively replicates real-world attacks to
uncover vulnerabilities before cybercriminals exploit them. ... Offensive
security is crucial for today’s CISOs, helping them go beyond checking boxes
for compliance to actively discover, confirm, and measure security risks—such
as financial loss, damage to reputation, and disruptions to operations. By
mimicking actual cyberattacks, CISOs can turn technical vulnerabilities into
business risks, allowing for smarter resource use, clearer communication with
the board, and greater overall resilience. ... Chief Information Security
Officers (CISOs) are frequently required to substantiate their budget requests
with clear, empirical data. Offensive security plays a critical role in
demonstrating whether security investments effectively mitigate risk. CISOs
must provide evidence that tools, processes, and teams contribute measurable
value.
Cyber Insights 2026: Cyberwar and Rising Nation State Threats
While both cyberwar and cyberwarfare will increase through 2026, cyberwarfare
is likely to increase more dramatically. The difference between the two should
not be gauged by damage, but by primary intent. This difference is important
because criminal activity can harm a business or industry, while nation state
activity can damage whole countries. It is the primary intent or motivation
that separates the two. Cyberwar is primarily motivated by financial gain.
Cyberwarfare is primarily motivated by political gain, which means it could be
a nation or an ideologically motivated group. ... The ultimate purpose of
nation state cyberwarfare is to prepare the battlefield for kinetic war. We
saw this with increased Russian activity against Ukraine immediately before
the 2022 invasion. Other nations are not yet (at least we hope not) generally
using cyber to prepare the battlefield. But they are increasingly
pre-positioning themselves within critical industries to be able to do so.
This geopolitical incentive together with the cyberattack and cyber stealth
capabilities afforded by advanced AI, suggests that nation state
pre-positioning attacks will increase dramatically over the next few years.
Pre-positioning is not new, but it will increase. ... “Geopolitics aside, we
can expect acts of cyberwar to increase over the coming years in large part
thanks to AI,” says Art Gilliland, CEO at Delinea.
Cybersecurity planning keeps moving toward whole-of-society models
Private companies own and operate large portions of national digital
infrastructure. Telecommunications networks, cloud services, energy grids,
hospitals, and financial platforms all rely on private management. National
strategies therefore emphasize sustained engagement with industry and civil
society. Governments typically use consultations, working groups, and sector
forums to incorporate operational input. These mechanisms support realistic
policy design and encourage adoption across sectors. Incentives, guidance, and
shared tooling frequently accompany regulatory requirements to support
compliance. ... Interagency coordination remains a recurring focus. Ownership
of objectives reduces duplication and supports faster response during
incidents. National strategies frequently group objectives by responsible
agency to support accountability and execution. International coordination
also features prominently. Cyber threats cross borders with ease, leading
governments to engage through bilateral agreements, regional partnerships, and
multilateral forums. Shared standards, reporting practices, and norms of
behavior support interoperability across jurisdictions. ... Security
operations centers serve as focal points for detection and response. Metrics
tied to detection and triage performance support accountability and
operational maturity.
Should I stay or should I go?
In the big picture, CISO roles are hard, and so the majority of CISOs switch
jobs every two to three years or less. Lack of support from senior leadership
and lack of budget commensurate with the organization’s size and industry are
top reasons for this CISO churn, according to The life and times of
cybersecurity professionals report from the ISSA. More specifically, CISOs
leave on account of limited board engagement, high accountability with
insufficient authority, executive misalignment, and ongoing barriers to
implementing risk management and resilience, according to an ISSA
spokesperson. ... A common red flag and reason CISOs leave their jobs is
because leadership is paying “lip service” to auditors, customers and
competitors, says FinTech CISO Marius Poskus, a popular blogger on security
leadership who posted an essay about resigning from “security‑theater roles.”
... the biggest red flag is when leadership pushes against your professional
and personal ethics. For example, when a CEO or board wants to conceal
compliance gaps, cover up reportable breaches, and refuse to sign off on
responsibility for gaps and reporting failures they’ve been made aware of. ...
“A lot of red flags have to do with lack of security culture or mismatch in
understanding the risk tolerance of the company and what the actual risks are.
This red flag goes beyond: If they don’t want to be questioned about what
they’ve done so far, that is a huge red flag that they’re covering something
up,” Kabir explains.
Preparing for the Unpredictable and Reshaping Disaster Recovery
When desktops live on physical devices alone, recovery can be slow. IT teams must reimage machines, restore applications, recover files, and verify security before employees can resume work. In industries where every hour of downtime has financial, operational, or even safety implications, that delay is costly. DaaS changes the equation. With cloud-based desktops, organizations can provision clean, standardized environments in minutes. If a device is compromised, employees can simply log in from another device and get back to work immediately. This eliminates many of the bottlenecks associated with endpoint recovery and gives organizations a faster, more controlled way to respond to cyber incidents. ... However, beyond these technical benefits, the shift to DaaS encourages organizations to adopt a more proactive, strategic mindset toward resilience. It allows teams to operate more flexibly, adapt to hybrid work models, and maintain continuity through a wider range of disruptions. ... DaaS offers a practical, future-ready way to achieve that goal. By making desktops portable, recoverable, and consistently accessible, it empowers organizations to maintain operations even when the unexpected occurs. In a world defined by unpredictability, businesses that embrace cloud-based desktop recovery are better positioned not just to withstand crises, but to move through them with agility and confidence.
From Alert Fatigue to Agent-Assisted Intelligent Observability
AI is collapsing the career ladder - 5 ways to reach that leadership role now
Barry Panayi, group chief data officer at insurance firm Howden, said one of
the first steps for would-be executives is to make a name for themselves. ...
"Experiencing something completely different from the day-to-day job is about
understanding the business. I think that exposure is what gives me confidence
to have opinions on topics outside of my lane," he said. "It's those kinds of
opinions and contributions that get you noticed, not being a great data
person, because people will assume you're good at that area. After all, that's
why the board hired you." ... "Show that you understand the organization's
wider strategy and how your role and the team you lead fit within that
approach," he said. "It's also about thinking commercially -- being able to
demonstrate that you understand how the operational decisions you make, in
whatever aspect you're leading, impact top and bottom-line business value.
Think like a business shareholder, not just a manager of your team." ...
"Paying it forward is really important for the next generation," she said.
"And as a leader, if you're not creating the next generation and the
generation after that, what are you doing?" McCarroll said Helios Towers has a
strong culture of promoting and developing talent from within, including
certifying people in Lean Six Sigma through a leadership program with
Cranfield University, partnering closely with the internal HR department, and
developing regular succession planning opportunities.
Leadership Is More Than Thinking—It's Doing
Leadership, at its core, isn't a point of view; it's a daily practice. Being
an effective leader requires more than being a thinker. It's also about being
a doer—someone willing to translate conviction into conduct, values into
decisions and belief into behavior. ... It's often inconsistency, not
substantial failure, that erodes workplace culture. Employees don't want to
hear from leaders only after a decision has already been made. Being a true
leader requires knowing what aspects of our environment we're willing to risk
before making any decision at all. ... Every time leaders postpone necessary
conversations, tolerate misaligned behavior or choose convenience over
courage, they incur what I call leadership debt. Like financial debt, it
compounds quietly, and it's always paid—but rarely by the leader who incurred
it. ... thinking strategically has never been more important. But it's not
enough to thrive. Organizations with exceptional strategic clarity can still
falter because leaders underestimate the "doing" aspect of change. They may
communicate the vision eloquently, then fail to stay close to employees' lived
experience as they try to deliver that vision. Meanwhile, teams can rise to
meet extraordinary challenges when leaders are present. Listening deeply,
acknowledging uncertainty and acting with transparency foster confidence and
reassurance in employees.