At the moment it functions as an executive support team. Keeping an eye on my personal email inbox, looking at social media and so forth. It also can review my written work and critique it and one subagent is tasked with reviewing my musical output and helping me to improve it.
This is my ontology. 991 entities — threat actors, malware, CVEs, relationships — built over months of work.
That's context engineering. Not prompt engineering.
The CISO who bans AI doesn't stop AI use. They stop visible AI use. Shadow AI follows prohibition, not permission.
Security vendors have discovered AI. So have the attackers.
Every booth at RSA will say "AI-powered". Ask any of them what they're doing about prompt injection or context poisoning and watch the subject change.
Compliance theatre got a software update.
CISA Emergency Directive: Cisco SD-WAN auth bypass (CVSS 10), exploited since 2023. Patch now, no workaround, assume prior compromise.
Also active: Dell RecoverPoint CVSS 10, Chrome UAF, two RoundCube RCEs.
cisointelligence.substack.com/p/breaking-four-cves-under-active-exploitation
The Pentagon declared Anthropic a supply chain risk. Not for a breach. Because they refused to remove AI safety guardrails.
DoD wanted autonomous weapons decisions + mass surveillance capability. Anthropic said no.
For CISOs: AI vendor safety commitments are now subject to government compulsion.
Ransomware payments: 28% of attacks in 2026. Record low. Not a win.
Operators shifted from encryption to exfiltration. No decryption key to negotiate. Marquis v. SonicWall heads to trial. Vendor liability for breach pathways is becoming case law.
#CISO #CyberSecurity
The CISO question isn't "which Guardian Agent do I buy?"
It's: does this agent have security properties intrinsic to how it's built, or does it need external supervision to behave?
Those are different problems. The incumbents are building better dashboards for the second type.
With a little holiday time on my hands, I'm publishing a story I've had on the back burner for some time. Lucky Break (Chapter One)
I'm pleased and proud to announce that @kuppingercole's Leadership Compass for Generative AI Defense is now available to members! Simply login and buff.ly/lZyFT73 will give you one of the first analyst reports into this area, offering valuable advice to the CISO or security architects
In today's CISO Intelligence: Another digital tsunami, this new-fangled thing called progress, the lesson for today, keeping all bases covered, the party's over, and the same but different.
In today's CISO Intelligence: The choreography doesn't always tell the story, when trust becomes a question mark, a dubious crown, a new use for a resurrected tool, not the Bond villain but close, and the red alerts we will all like.
On today's CISO Intelligence: The never-ending pruning story, who left the doors unlocked? When privacy goes out of the window, the day the tide turned, a major blunder, and subtlety: the unwanted gentle touch.
In today's CISO Intelligence: The magic trick no-one wants, no time for slacking, do the homework! Making big waves, raising the defensive game, and oh - the irony!
In today's CISO Intelligence: What you see is not always what you get, not the usual teamwork, rapid rethink required, rebooting is now on steroids, too many hands cause chaos, and secrets laid bare.
In today's CISO Intelligence: A most ingenious paradox, just one smooth move, money making the world go around, guarding the vault, when tall tales get called out, and who's zooming who?
In today's CISO Intelligence: Looks like the families just shook hands, a change of season doesn’t mean time to relax, when reality bites, untangling woven webs, it's scary when the protectors join the dark side, and the party's over.
In today's CISO Intelligence: For the moments that get missed, keeping noses to the ground, unseen and unwanted guests, mimicry is not always a good thing, all hands on deck: now, and a full one-eighty.
In today's CISO Intelligence: Not all specters wear sheets, shadow workers, invisible perils, raising the security game, getting blinded by status, and the art of exploitation.
In today's CISO Intelligence: Consent is a choice, convenience isn't always a good thing, when the joke turns to malice, the least sexy work with the greatest priority, the silent art of digital disguise, and use it or lose it!
In today's CISO Intelligence: Colour us conned, when the unseen invites the unwanted, it's never too late to upgrade, learning to speak the same language, not every helper has your back, and even empathy can be weaponized.
