Quote for the day:
"Build your own dreams, or someone else will hire you to build theirs." -- Farrah Gray
Agentic AI adoption in application security sees cautious growth
The study highlights a considerable proportion of the market preparing for
broader adoption, with nearly 50% of respondents planning to integrate agentic
AI tools within the next year. The incremental approach taken by organisations
reflects a degree of caution, particularly around the concept of granting AI
systems the autonomy to make decisions independently. ... The survey
results illustrate the impact agentic AI could have on software development
pipelines. Thirty percent of respondents believe integrating agentic AI into
continuous integration and continuous deployment (CI/CD) pipelines would
significantly enhance the process. The increased speed and frequency of code
deployment-termed "vibe coding" in industry parlance-has led to faster
development cycles. This acceleration does not necessarily alter the ratio of
application security personnel to developers, but it can create the impression
of a widening gap, with security teams struggling to keep up. ... Key findings
from the survey reveal varied perceptions on the utility of agentic AI for
security teams. Forty-four percent of those surveyed believe agentic AI's
greatest benefit lies in supporting the identification, prioritisation, and
remediation of vulnerabilities. Why Conventional Disaster Recovery Won’t Save You from Ransomware
Cyber incident recovery planning means taking measures that mitigate the
unique challenges of ransomware recovery, such as: Immutable, offsite backups.
These backups are stored offsite to minimise the risk that threat actors will
be able to destroy backup data. While clean-room recovery environments serve
as a secondary environment where workloads can be spun back up following a
ransomware attack. This makes it possible to keep the original environment
intact for forensics purposes while still performing rapid recovery. Finally,
to avoid replicating the malware that led to the ransomware breach, cyber
incident recovery must include a process for finding and extricating malware
from backups prior to recovery. The unpredictable nature of ransomware attacks
means that cyber incident recovery operations must be flexible enough to
enable a nimble reaction to unexpected circumstances, like redeploying
individual applications instead of simply replicating an entire server image
if the server was compromised but the apps were not. ... Maintaining these
capabilities can be challenging, even for organisations with extensive IT
resources. In addition to the operational complexity of having to manage a
secondary, clean-room recovery site and formulate intricate ransomware
recovery plans, it’s costly to acquire and maintain the infrastructure
necessary to ensure successful recovery.Cybersecurity takes a big hit in new Trump executive order
Specific orders Trump dropped or relaxed included ones mandating (1) federal
agencies and contractors adopt products with quantum-safe encryption as they
become available in the marketplace, (2) a stringent Secure Software
Development Framework (SSDF) for software and services used by federal
agencies and contractors, (3) the adoption of phishing-resistant regimens such
as the WebAuthn standard for logging into networks used by contractors and
agencies, (4) the implementation new tools for securing Internet routing
through the Border Gateway Protocol, and (5) the encouragement of digital
forms of identity. ... Critics said the change will allow government
contractors to skirt directives that would require them to proactively fix the
types of security vulnerabilities that enabled the SolarWinds compromise.
"That will allow folks to checkbox their way through 'we copied the
implementation' without actually following the spirit of the security controls
in SP 800-218," Jake Williams, a former hacker for the National Security
Agency who is now VP of research and development for cybersecurity firm Hunter
Strategy, said in an interview. "Very few organizations actually comply with
the provisions in SP 800-218 because they put some onerous security
requirements on development environments, which are usually [like the] Wild
West."Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security
AI systems, particularly those with adaptive or agentic capabilities, evolve dynamically, unlike static legacy tools built for deterministic environments. This inconsistency renders systems vulnerable to AI-focused attacks, such as data poisoning, prompt injection, model theft, and agentic subversion—attacks that often evade traditional defenses. Legacy tools struggle to detect these attacks because they don’t followpredictable patterns, requiring more adaptive, AI-specific security solutions. Human flaws and behavior only worsen these weaknesses; insider attacks, social engineering, and insecure interactions with AI systems leave organizations vulnerable to exploitation. ... AI security frameworks like NIST’s AI Risk Management Framework incorporate human risk management to ensure that AI security practices align with organizational policies. Also modeled on the fundamental C.I.A. triad, the “manage” phase specifically includes employee training to uphold AI security principles across teams. For effective use of these frameworks, cross-departmental coordination is required. There needs to be collaboration among security staff, data scientists, and human resource practitioners to formulate plans that ensure AI systems are protected while encouraging their responsible and ethical use.Modernizing your approach to governance, risk and compliance
Historically, companies treated GRC as an obligation to meet–and if legacy
solutions were effective enough in meeting GRC requirements, organizations
struggled to make a case for modernization. A better way to think about GRC is a
means of maximizing the value for your company by tying out those efforts to
unlock revenue and increased customer trust, and not simply by reducing risks,
passing audits, and staying compliant. GRC modernization can open the door to a
host of other benefits, such as increased velocity of operations and an enhanced
team member (both GRC team members and internal control / risk owners alike)
experience. For instance, for businesses that need to demonstrate compliance to
customers as part of third-party or vendor risk management initiatives, the
ability to collect evidence and share it with clients faster isn’t just a step
toward risk mitigation. These efforts also help close more deals and speed up
deal cycle time and velocity. When you view GRC as an enabler of business value
rather than a mere obligation, the value of GRC modernization comes into much
clearer focus. This vision is what businesses should embrace as they seek to
move away from legacy GRC strategies that don’t waste time and resources, but
fundamentally reduce their ability to stay competitive.
What is Cyberespionage? A Detailed Overview
Cyber espionage involves the unauthorized access to confidential information, typically to gain strategic, political, or financial advantage. This form of espionage is rooted in the digital world and is often carried out by state-sponsored actors or independent hackers. These attackers infiltrate computer systems, networks, or devices to steal sensitive data. Unlike cyber attacks, which primarily target financial gain, cyber espionage is focused on intelligence gathering, often targeting government agencies, military entities, corporations, and research institutions. ... One of the primary goals of cyber espionage is to illegally access trade secrets, patents, blueprints, and proprietary technologies. Attackers—often backed by foreign companies or governments—aim to acquire innovations without investing in research and development. Such breaches can severely damage a competitor’s advantage, leading to billions in lost revenue and undermining future innovation. ... Governments and other organizations often use cyber espionage to gather intelligence on rival nations or political opponents. Cyber spies may breach government networks or intercept communications to secretly access sensitive details about diplomatic negotiations, policy plans, or internal strategies, ultimately gaining a strategic edge in political affairs.European Commission Urged to Revoke UK Data Adequacy Decision Due to Privacy Concerns
The items in question include sweeping new exemptions that allow law enforcement
and government agencies to access personal data, loosening of regulations
governing automated decision-making, weakening restrictions on data transfers to
“third countries” that are otherwise considered inadequate by the EU, and
increasing the possible ways in which the UK government would have power to
interfere with the regular work of the UK Data Protection Authority. EDRi also
cites the UK Border Security, Asylum and Immigration Bill as a threat to data
adequacy, which has passed the House of Commons and is currently before the
House of Lords. The bill’s terms would broaden intelligence agency access to
customs and border control data, and exempt law enforcement agencies from UK
GDPR terms. It also cites the UK’s Public Authorities (Fraud, Error and
Recovery) Bill, currently scheduled to go before the House of Lords for review,
which would allow UK ministers to order that bank account information be made
available without demonstrating suspicion of wrongdoing. The civil society group
also indicates that the UK ICO would likely become less independent under the
terms of the UK Data Bill, which would give the UK government expanded ability
to hire, dismiss and adjust the compensation of all of its board members.
NIST flags rising cybersecurity challenges as IT and OT systems increasingly converge through IoT integration
Connectivity can introduce significant challenges for organizations attempting
to apply cybersecurity controls to OT and certain IoT products. OT equipment may
use modern networking technologies like Ethernet or Wi-Fi, but is often not
designed to connect to the internet. In many cases, OT and IoT systems
prioritize trustworthiness aspects such as safety, resiliency, availability, and
cybersecurity differently than traditional IT equipment, which can complicate
control implementation. While IoT devices can sometimes replace OT equipment,
they often introduce different or significantly expanded functionality that
organizations must carefully evaluate before moving forward with replacement.
Organizations should consider how other aspects of trustworthiness, such as
safety, privacy, and resiliency, factor into their approach to cybersecurity. It
is also important to address how they will manage the differences in expected
service life between IT, OT, and IoT systems and their components. The agency
identified that federal agencies are actively deploying IoT technologies to
enhance connectivity, security, environmental monitoring, transportation,
healthcare, and industrial automation.
How Organizations Can Cross the Operational Chasm
A fundamental shift in operational capability is reshaping the competitive
landscape, creating a clear distinction between market leaders and laggards.
This growing divide isn’t merely about technological adoption — it represents a
strategic inflection point that directly affects market position, customer
retention and shareholder value. ... The message is clear: Organizations must
bridge this divide to remain competitive. Crossing this chasm requires more than
incremental improvements. It demands a fundamental transformation in operational
approach, embracing AI and automation to build the resilience necessary for
today’s digital landscape. ... Digital operations resiliency is a proactive
approach to safeguarding critical business services by reducing downtime and
ensuring seamless customer experiences. It focuses on minimizing operational
disruptions, protecting brand reputation and mitigating business risk through
standardized incident management, automation and compliance with service-level
agreements (SLAs). Real-time issue resolution, efficient workflows and
continuous improvement are put into place to ensure operational efficiency at
scale, helping to provide uninterrupted service delivery.
7 trends shaping digital transformation in 2025 - and AI looms large
Poor integration is the common theme behind all these challenges. If agents are
unable to access the data and capabilities they need to understand user queries,
find a solution, and resolve these issues for them, their impact is severely
limited. As many as 95% of IT leaders claim integration issues are a key factor
that impedes AI adoption. ... The surge in demand for AI capabilities will
exacerbate the problem of API and agent sprawl, which occurs when different
teams and departments build integrations and automations without any centralized
management or coordination. Already, an estimated quarter of APIs are
ungoverned. Three-fifths of IT and security practitioners said their
organizations had at least one data breach due to API exploitation, according to
a 2023 study from the Ponemon Institute and Traceable. ... Robotic process
automation (RPA) is already helping organizations enhance efficiency, cut
operational costs, and reduce manual toil by up to two hours for each employee
every week in the IT department alone. These benefits have driven a growing
interest in RPA. In fact, we could see near-universal adoption of the technology
by 2028, according to Deloitte. In 2025, organizations will evolve their use of
RPA technology to reduce the need for humans at every stage of the operational
process.
