AI is transforming both cyber offense and defense, but the attackers hold distinct advantages.  AI tools can be used for attacks and defense but the attackers are less concerned with quality or problems.  They can use risky or unvetted technology wit

Governance of AI is the foundational cornerstone for establishing cybersecurity, privacy, compliance, and safety.  Without governance, AI adoption and use becomes the ‘wild west’ where everyone is doing whatever benefits them without foresight to the

The cybersecurity market was jolted last week after Anthropic dropped a bombshell announcement. The company’s new AI Claude model identified 500 previously unknown high-risk vulnerabilities hidden in widely used software. That is not a minor mileston

Cybersecurity leadership is faced with an impossible dilemma: either embrace AI and suffer the enormous risks or resist AI and be ostracized by executive leadership for inhibiting gains.

The solution is for CISOs to transform from a technology risk ex

AI tools are transforming the discovery of software vulnerabilities!  The recent Anthropic announcement showcases the capabilities, finding over 500 high-severity vulnerabilities that evaded traditional methods.

Attackers are early beneficiaries with

AI will dominate the course of cybersecurity in 2026! Attacker’s capabilities, growth of vulnerabilities among victims, defender’s technology, and the strategic management by CISOs are all radically changing.

Clip from my keynote delivered to the Nem

I am giving a keynote about the emerging cybersecurity challenges for 2026 to the Nemertes community and everyone is welcome! Wed Feb 18th, 5 PM ET.

This private community of technology luminaries has agreed to allow anyone to attend the keynote by si

Be sure to join the amazing Ashley Rose, CEO of Living Security, as we discuss how cybersecurity will impact human risk in 2026, live on Tues Feb 17^th at noon Pacific time.

2026 Topics:

• AI supercharging social engineering
• AI accelerating vulnerability e

The Cybersecurity Vault — episode 52, with guest Wil Klusovsky.

Wil discusses the essential questions that CEOs should be asking their CISOs. He explores the importance of effective communication between technical and business perspectives, the need f

I am looking forward to a lively discussion about key learnings from breaches in 2025!

This will be a LIVE panel discussion and I will be joining the ranks of Sachin Deodhar (Former CTO, Government Intelligence Establishment), Maril Vernon (Field Off

2026 will be a transformational year for cybersecurity, fueled by Artificial Intelligence.

This is the full Top 10 Cybersecurity Predictions video. By the end, you will see how the maneuvering of the threat agents will win by exploiting the capabiliti

Cybersecurity Insights podcast listed in the 125 Podcasts from Thinkers360 Thought Leaders You Should Listen To in 2026!

Check out the full list of 125 recommended podcasts: https://www.thinkers360.com/125-podcasts-from-thinkers360-thought-leaders-yo

Success of cybersecurity is often hidden and ROI in healthcare is challenging to address! Jason Elrod, the CISO of MultiCare Health Systems, ties the investment in security to the core healthcare mission and showcases how resilience is key.

Check out

Thanks to the Trust in Digital Life for hosting a great panel discussion about the major cybersecurity trends in 2025. It was my honor to share insights with Iva Tasheva and Scott Algeier.

Watch the video for the full discussion or check out the summa

In today’s digital age, cybercriminals are leveraging AI to craft more convincing phishing scams. Recently, I encountered a sophisticated phishing attempt that underscores the growing threat of AI-powered fraud. Here’s what you need to know to protec

China has implemented a 1-hour reporting requirement for severe cybersecurity incidents! First, this is in stark contrast to the disorganized and lengthy US reporting requirements, but more importantly it provides insights to one of the most aggressi

In this episode, cybersecurity expert Matthew Rosenquist delves into the contrasting approaches of China and the United States in handling severe cybersecurity incidents. Discover how China’s one-hour reporting regulation for critical infrastructure