Quote for the day:
"Courage doesn't mean you don't get afraid. Courage means you don't let fear stop you." -- Bethany Hamilton
The first three things you’ll want during a cyberattack
The first wave of panic a cyberattack comes from uncertainty. Is it ransomware?
A phishing campaign? Insider misuse? Which systems are compromised? Which are
still safe? Without clarity, you’re guessing. And in cybersecurity, guesswork
can waste precious time or make the situation worse. ... Clarity transforms
chaos into a manageable situation. With the right insights, you can quickly
decide: What do we isolate? What do we preserve? What do we shut down right now?
The MSPs and IT teams that weather attacks best are the ones who can answer
those questions without delays. ... Think of it like firefighting: Clarity tells
you where the flames are, but control enables you to prevent the blaze from
consuming the entire building. This is also where effective incident response
plans matter. It’s not enough to have the tools; you need predefined roles,
playbooks and escalation paths so your team knows exactly how to assert control
under pressure. Another essential in this scenario is having a technology stack
with integrated solutions that are easy to manage. ... Even with visibility and
containment, cyberattacks can leave damage behind. They can encrypt data and
knock systems offline. Panicked clients demand answers. At this stage, what
you’ll want most is a lifeline you can trust to bring everything back and get
the organization up and running again.Emotional Blueprinting: 6 Leadership Habits To See What Others Miss
Most organizations use tools like process mapping, journey mapping, and service
blueprinting. All valuable. But often, these efforts center on what needs to
happen operationally—steps, sequences, handoffs. Even journey maps that include
emotional states tend to track generalized sentiment (“frustrated,” “confused”)
at key stages. What’s often missing is an observational discipline that reveals
emotional nuance in real time. ... People don’t just come to get things done.
They come with emotional residue—worries, power dynamics, pride, shame, hope,
exhaustion. And while you may capture some of this through traditional tools,
observation fills in what the tools can’t name. ... Set aside assumptions and
resist the urge to explain. Just watch. Let insight come without forcing
interpretation. ... Focus on micro-emotions in the moment, then pull back to
observe the emotional arc of a journey. ... Observe what happens in
thresholds—hallways, entries, exits, loading screens. These in-between moments
often hold the strongest emotional cues. ... Track how people react, not just
what they do. Does their behavior show trust, ease, confusion, or hesitance? ...
Trace where momentum builds—or breaks. Energy flow is often a more reliable
signal than feedback forms.Cloud security gaps widen as skills & identity risks persist
According to the report, today's IT environment is increasingly complicated. The
data shows that 82% of surveyed organisations now operate hybrid environments,
and 63% make use of multiple cloud providers. As the use of cloud services
continues to expand, organisations are required to achieve unified security
visibility and enforce consistent security policies across fragmented platforms.
However, the research found that most organisations currently lack the necessary
controls to manage this complexity. This deficiency is leading to blind spots
that can be exploited by attackers. ... The research identifies identity
management as the central vulnerability in current cloud security practices. A
majority of respondents (59%) named insecure identities and permissions as their
primary cloud security concern. ... "Identity has become the cloud's weakest
link, but it's being managed with inconsistent controls and dangerous
permissions. This isn't just a technical oversight; it's a systemic governance
failure, compounded by a persistent expertise gap that stalls progress from the
server room to the boardroom. Until organisations get back to basics, achieving
unified visibility and enforcing rigorous identity governance, they will
continue to be outmanoeuvred by attackers," said Liat Hayun, VP of Product and
Research at Tenable. Biometrics inspire trust, policy-makers invite backlash
The digital ID ambitions of the EU and World are bold, the adoption numbers
still to come, they hope. Romania is reducing the number of electronic identity
cards it is planning to issue for free by a million and a half following a cut
to the project’s budget. It risks fines that eventually in theory could stretch
into hundreds of millions of euros for missing the EU’s digital ID targets.
World now gives fans of IDs issued by the private sector, iris biometrics,
decentralized systems and blockchain technologies an opportunity to invest in
them on the NASDAQ. ... An analysis of the Online Safety Act by the ITIF
cautions that any attempt to protect children from online harms invites backlash
if it blocks benign content, or if it isn’t crystal clear about the lines
between harmful and legal content. Content that promotes self-harm is being made
illegal in the UK under the OSA, shifting the responsibility of online platforms
from age assurance to content moderation. By making the move under the OSA, new
UK Tech Secretary Liz Kendall risks strengthening arguments that the government
is surreptitiously increasing censorship. Her predecessor Peter Kyle,
having presided over the project so far, now gets to explain it to the American
government as Trade Secretary. Domestically, more children than adults consider
age checks effective, survey respondents tell Sumsub, but nearly half of UK
consumers worry about the OSA leading to censorship.
How to make your people love change
The answer lies in a core need every person has: self-concordance. When change
is aligned with a person’s aspirations, values, and purpose, they are more
likely to embrace it. To make that happen, we need a mindset shift. This needs
to happen at two levels. ... The first thing to consider is that we have to
think of employees not as objects of change but as internal customers. Just like
marketers try to study consumer behaviour and aspirations with deep granularity,
we must try to understand employees in similar detail. And not just see them as
professionals but as individuals. ... Second, it meets the employees where they
are, instead of trying to push them towards an agenda. And third, and most
importantly, it makes them not just invested in the change process but turns
them into the change architects. What these architects will build may not be the
same as what we want them to, but there will be some overlaps. And because we
empowered them to do this, they become fellow travelers, and this creates a
positive change momentum, which we can harvest to effect the changes we want as
well. ... We worked with a client where there was a need to get out of
excessively critical thinking—a practice that had kept them compliant and
secure, but was now coming in the way of growth—and move towards a more positive
culture.
Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage
For years, cloud security has leaned heavily on preventative controls like code scanning, configuration checks, and compliance enforcement. While essential, these measures provide only part of the picture. They identify theoretical risks, but not whether those risks are active and exploitable in production. Runtime visibility fills that gap. By observing what workloads are actually running — and how they behave — security teams gain the highest fidelity signal for prioritizing threats. ... Modern enterprises face an avalanche of alerts across vulnerability scanners, cloud posture tools, and application security platforms. The volume isn't just overwhelming — it's unsustainable. Analysts often spend more time triaging alerts than actually fixing problems. To be effective, organizations must map vulnerabilities and misconfigurations to:The workloads that are actively running. The business applications they support. The teams responsible for fixing them. This alignment is critical for bridging the gap between security and development. Developers often see security findings as disruptive, low-context interruptions. ... Another challenge enterprises face is accountability. Security findings are only valuable if they reach the right owner with the right context. Yet in many organizations, vulnerabilities are reported without clarity about which team should fix them.Want to get the most out of agentic AI? Get a good governance strategy in place
The core challenge for CIOs overseeing agentic AI deployments will lie in
ensuring that agentic decisions remain coherent with enterprise-level intent,
without requiring constant human arbitration. This demands new governance models
that define strategic guardrails in machine-readable logic and enforce them
dynamically across distributed agents. ... Agentic agents in the network,
especially those retrained or fine-tuned locally, may fail to grasp the nuance
embedded in these regulatory thresholds. Worse, their decisions might be
logically correct yet legally indefensible. Enterprises risk finding themselves
in court arguing the ethical judgment of an algorithm. The answer lies in hybrid
intelligence: pairing agents’ speed with human interpretive oversight for edge
cases, while developing agentic systems capable of learning the contours of
ambiguity. ... Enterprises must build policy meshes that understand where an
agent operates, which laws apply, and how consent and access should behave
across borders. Without this, global companies risk creating algorithmic
structures that are legal in no country at all. In regulated industries, ethical
norms require human accountability. Yet agent-to-agent systems inherently reduce
the role of the human operator. This may lead to catastrophic oversights, even
if every agent performs within parameters.The Critical Role of SBOMs (Software Bill of Materials) In Defending Medtech From Software Supply Chain Threats
One of the primary benefits of an SBOM is enhanced transparency and
traceability. By maintaining an accurate and up-to-date inventory of all
software components, organizations can trace the origin of each component and
monitor any changes or updates. ... SBOMs play a vital role in vulnerability
management. By knowing exactly what components are present in their software,
organizations can quickly identify and address vulnerabilities as they are
discovered. Automated tools can scan SBOMs against known vulnerability
databases, alerting organizations to potential risks and enabling timely
remediation. ... For medical device manufacturers, compliance with regulatory
requirements is paramount. Regulatory bodies, such as the U.S. FDA (Federal Drug
Administration) and the EMA (European Medicines Agency), have recognized the
importance of SBOMs in ensuring the security and safety of medical devices. ...
As part of this regulatory framework, the FDA emphasizes the importance of
incorporating cybersecurity measures throughout the product lifecycle, from
design and development to post-market surveillance. One of the critical
components of this guidance is the inclusion of an SBOM in premarket
submissions. The SBOM serves as a foundational element in identifying and
managing cybersecurity risks. The FDA’s requirement for an SBOM is not just
about listing software components; it’s about promoting a culture of
transparency and accountability within the medical device industry.
Shedding light on Shadow AI: Turning Risk to Strategic Advantage
The fact that employees are adopting these tools on their own tells us something
important: they are eager for greater efficiency, creativity, and autonomy.
Shadow AI often emerges because enterprise tools lag what’s available in the
consumer market, or because official processes can’t keep pace with employee
needs. Much like the early days of shadow IT, this trend is a response to
bottlenecks. People want to work smarter and faster, and AI offers a tempting
shortcut. The instinct of many IT and security teams might be to clamp down,
block access, issue warnings, and attempt to regain control. ... Employees using
AI independently are effectively prototyping new workflows. The real question
isn’t whether this should happen, but how organisations can learn from and build
on these experiences. What tools are employees using? What are they trying to
accomplish? What workarounds are they creating? This bottom-up intelligence can
inform top-down strategies, helping IT teams better understand where existing
solutions fall short and where there’s potential for innovation. Once shadow AI
is recognised, IT teams can move from a reactive to a proactive stance, offering
secure, compliant alternatives and frameworks that still allow for
experimentation. This might include vetted AI platforms, sandbox environments,
or policies that clarify appropriate use without stifling initiative.
