Cyber attackers increasingly target SMBs because they are often the easiest path into larger supply chains. As cyberattacks are ramping up, specifically against Critical Infrastructure sectors, Small and Medium Businesses (SMBs) are feeling the press

Stryker, a major medical equipment provider for the healthcare sector, has suffered a destructive cyberattack that wiped corporate data and severed employee access, likely from an Iranian sponsored hacking group.

Stryker Corporation is a global leader

The military attacks involving Iran in the Middle East are the latest reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness.

Concerns for elevated risks against

After the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber?

Iran has a formid

AI is transforming both cyber offense and defense, but the attackers hold distinct advantages.  AI tools can be used for attacks and defense but the attackers are less concerned with quality or problems.  They can use risky or unvetted technology wit

Governance of AI is the foundational cornerstone for establishing cybersecurity, privacy, compliance, and safety.  Without governance, AI adoption and use becomes the ‘wild west’ where everyone is doing whatever benefits them without foresight to the

The cybersecurity market was jolted last week after Anthropic dropped a bombshell announcement. The company’s new AI Claude model identified 500 previously unknown high-risk vulnerabilities hidden in widely used software. That is not a minor mileston

Cybersecurity leadership is faced with an impossible dilemma: either embrace AI and suffer the enormous risks or resist AI and be ostracized by executive leadership for inhibiting gains.

The solution is for CISOs to transform from a technology risk ex

AI tools are transforming the discovery of software vulnerabilities!  The recent Anthropic announcement showcases the capabilities, finding over 500 high-severity vulnerabilities that evaded traditional methods.

Attackers are early beneficiaries with

AI will dominate the course of cybersecurity in 2026! Attacker’s capabilities, growth of vulnerabilities among victims, defender’s technology, and the strategic management by CISOs are all radically changing.

Clip from my keynote delivered to the Nem

I have a busy week with podcasts, webinars, and a keynote! Communicating and sharing is vital to the cybersecurity industry. It is how we leverage shared knowledge and experiences to make more informed decisions and gain better positions against our

I am giving a keynote about the emerging cybersecurity challenges for 2026 to the Nemertes community and everyone is welcome! Wed Feb 18th, 5 PM ET.

This private community of technology luminaries has agreed to allow anyone to attend the keynote by si

Be sure to join the amazing Ashley Rose, CEO of Living Security, as we discuss how cybersecurity will impact human risk in 2026, live on Tues Feb 17^th at noon Pacific time.

2026 Topics:

• AI supercharging social engineering
• AI accelerating vulnerability e

I am really excited to talk about how AI is going to turn cybersecurity upside down in 2026 with the Nemertes community in a virtual webinar on Feb 18th at 2pm Pacific. This will be an open discussion with these science and technology luminaries! 
 
I

The recent attack against the Polish power grid has been attributed to ELECTRUM, a Russian state-sponsored cyber group. That hack sought to disable communications and control units in Industrial Control Systems of heat and power systems.

Aggressive Na

Finding trustworthy cybersecurity partners and services is challenging! That is why I am partnering with Clutch and its community to curate a list of providers that have built authentic reputations supported by verified customer ratings and comments!

I really hope this catches on!

Firefox is making a bold move to include an easy option to block AI enhancements in their browser! The respected browser company recognizes the backlash coming from security and privacy issues with AI.

Beginning on Feb 24

A great example of how uninformed leaders (in this case of cybersecurity) who does not understand the assignment and leaks sensitive data via an AI chat tool.

Even though the US Cybersecurity and Infrastructure Security Agency has a policy that forbid

Does this process flow look familiar? It is the compounding failure due to an absence of cybersecurity fundamentals.

When innovation plows forward without the benefit of cybersecurity, there will eventually be tears, finger pointing, denial, and loss.