All Articles

How good are AI models getting at technical tasks?  …better than most humans in MANY fields.

This has serious implications for cybersecurity!  The attackers and defenders will leverage these models in many ways that will impact the overall trust in th

I had a great discussion on the Full Metal Packet podcast, talking with Yegor Sak and Alex Paguis, about the cybersecurity risks and challenges that is accompanying the global adoption of AI. 

These fundamental issues are outlined in the 2026 Cyberse

CISO Breach & AI Threat Intelligence Report

• For NAM CISOs and security leaders walking into the office this morning
• Coverage window: incidents and vulnerabilities surfaced in roughly the last 24 hours (US & Canada-first, with global items that mater

CISO Breach & AI Threat Intelligence Report

• For NAM CISOs and security leaders walking into the office this morning
• Coverage window: incidents and vulnerabilities surfaced in roughly the last 24 hours (US & Canada–first, with global items that mater

Anthropic’s latest AI Model, Claude Mythos, will break the cybersecurity vulnerability management operational models. Mythos is so good at discovering and building viable exploits it is currently being rolled-out in a controlled manner under “Project

Details emerge on how Axios was infected with a Remote Access Trojan in March, undermining the security in one of the most popular JavaScript libraries that has 100 million downloads weekly.  The attack path was a customized social engineering attack

As of March 31st, Google is allowing users to change their primary Gmail address username. Although a nice feature for those who created unfortunate names originally, it may also undermine spam and phishing blocking.

The feature is intended to allow t

The Artemis II mission, bringing humans back to the Moon, had a successful launch today! An amazing cumulation of efforts to manage the mindboggling combination of risks to push a massive rocket into space, in preparation for a trip to orbit the Moon

The RSAC conference has once again descended upon San Francisco and delivered an event that brings together the largest collection of industry leaders, technologies, and cybersecurity community events!

Over the course of several days, attendees acces

AI has become the most powerful tool for financial fraud since the dawn of the Internet. As predicted, criminals are exploiting it faster, more effectively, and at scale.

According to the latest Interpol Global Financial Fraud Report, AI-enhanced fr

Cyber attackers increasingly target SMBs because they are often the easiest path into larger supply chains. As cyberattacks are ramping up, specifically against Critical Infrastructure sectors, Small and Medium Businesses (SMBs) are feeling the press

Stryker, a major medical equipment provider for the healthcare sector, has suffered a destructive cyberattack that wiped corporate data and severed employee access, likely from an Iranian sponsored hacking group.

Stryker Corporation is a global leader

The military attacks involving Iran in the Middle East are the latest reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness.

Concerns for elevated risks against

After the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber?

Iran has a formid

AI is transforming both cyber offense and defense, but the attackers hold distinct advantages.  AI tools can be used for attacks and defense but the attackers are less concerned with quality or problems.  They can use risky or unvetted technology wit

Governance of AI is the foundational cornerstone for establishing cybersecurity, privacy, compliance, and safety.  Without governance, AI adoption and use becomes the ‘wild west’ where everyone is doing whatever benefits them without foresight to the

The cybersecurity market was jolted last week after Anthropic dropped a bombshell announcement. The company’s new AI Claude model identified 500 previously unknown high-risk vulnerabilities hidden in widely used software. That is not a minor mileston

Cybersecurity leadership is faced with an impossible dilemma: either embrace AI and suffer the enormous risks or resist AI and be ostracized by executive leadership for inhibiting gains.

The solution is for CISOs to transform from a technology risk ex

AI tools are transforming the discovery of software vulnerabilities!  The recent Anthropic announcement showcases the capabilities, finding over 500 high-severity vulnerabilities that evaded traditional methods.

Attackers are early beneficiaries with

AI will dominate the course of cybersecurity in 2026! Attacker’s capabilities, growth of vulnerabilities among victims, defender’s technology, and the strategic management by CISOs are all radically changing.

Clip from my keynote delivered to the Nem