#digital-risk-management
#digital-risk-management

10 hours ago

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

fromwww.npr.org

12 hours ago

US news

How AI is getting better at finding security holes

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromHarvard Business Review

Information security

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

10 hours ago

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

fromwww.npr.org

12 hours ago

US news

How AI is getting better at finding security holes

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromHarvard Business Review

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

Claude Mythos Preview enhances vulnerability detection but poses risks if misused by cybercriminals, prompting Anthropic to limit its public release.

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

more#ai

Careers

Businesses are paying the price for CISO burnout | Computer Weekly

Burnout among CISOs poses significant risks to businesses, driven by overwhelming responsibilities and rising cyber threats.

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

DevOps

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

more#digital-sovereignty

Tech industry

AI Expansion, Security Crises, and Workforce Upheaval Define This Week in Tech - TechRepublic

The tech industry faces rapid innovation alongside significant instability, highlighted by AI advancements and economic proposals amid ongoing layoffs.

Law

fromIndependent

Computer engineer claims he was penalised for flagging Israeli links of firm given 'bananas' server access at top Irish cybersecurity company

A cyber-security firm reprimanded an engineer for discriminatory comments regarding an Israeli company's access to its servers amid concerns about Palestinian genocide.

#cybersecurity

fromnews.bitcoin.com

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

Healthcare

Healthcare Executives Face a New Era of Personal Risk

fromwww.theguardian.com

Artificial intelligence

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

Information security

US push to counter hackers draws industry deeper into offensive cyber debate

10 Data Security Stories to Know About (March 2026)

March saw significant data security incidents including cyberattacks, data purchases by the FBI, and breaches affecting millions of customers.

Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now

FBI and NSA warn of Russian hackers targeting vulnerable routers, urging users to update firmware and strengthen passwords.

Cryptocurrency

fromnews.bitcoin.com

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

Healthcare

Healthcare Executives Face a New Era of Personal Risk

Healthcare executives face heightened personal risks due to grievance-motivated cyber threats amid economic pressures and public accountability.

fromwww.theguardian.com

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.

US push to counter hackers draws industry deeper into offensive cyber debate

The U.S. government seeks private sector involvement in cyber defense, but clarity on offensive roles remains uncertain.

10 Data Security Stories to Know About (March 2026)

March saw significant data security incidents including cyberattacks, data purchases by the FBI, and breaches affecting millions of customers.

fromwww.facilitiesdive.com

Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now

FBI and NSA warn of Russian hackers targeting vulnerable routers, urging users to update firmware and strengthen passwords.

more#cybersecurity

Business intelligence

Workplace management tech is prevalent, but integration challenges limit use: surveys

Most commercial real estate professionals fail to utilize workplace management technology data for effective space planning.

Data science

Your AI initiative may be failing because you're measuring it like a legacy business

Leadership often misjudges AI initiatives by applying mature-business metrics too early, leading to premature project cancellations.

Business

This is the biggest risk a company can take in the age of AI

Organizations that continue transformation during uncertainty outperform those that slow down, treating turbulence as an opportunity for growth.

Social media marketing

fromHer Campus

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.

Real estate

Can You Spot Signs of Industry Disruption Before They Happen?

Most innovation occurs in three stages: visibility, interface, and incentives, impacting industry transformation.

Microsoft's new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft introduced the Agent Governance Toolkit to enhance AI agent security and mitigate OWASP's top 10 agentic AI threats.

Software development

How Ceros Gives Security Teams Visibility and Control in Claude Code

AI coding agents like Claude Code operate outside existing enterprise security controls, requiring new machine-level security infrastructure to provide visibility, policy enforcement, and audit trails.

Artificial intelligence

Model Security Is the Wrong Frame - The Real Risk Is Workflow Security

fromTechzine Global

Information security

70 percent of organizations see AI as the biggest data risk

Software development

fromInfoWorld

Microsoft's new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft introduced the Agent Governance Toolkit to enhance AI agent security and mitigate OWASP's top 10 agentic AI threats.

Software development

How Ceros Gives Security Teams Visibility and Control in Claude Code

Artificial intelligence

Model Security Is the Wrong Frame - The Real Risk Is Workflow Security

fromTechzine Global

Information security

70 percent of organizations see AI as the biggest data risk

The Hidden Risk Behind Every 'Frictionless' Digital Experience

Digital experiences should prioritize human agency over pressure tactics to foster trust and informed decision-making.

#fraud-prevention

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

fromPrivacy International

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

more#fraud-prevention

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

How to Turn Security From a Bottleneck Into a Revenue Driver

Deals stall due to buyers' inability to quickly verify security, not lack of security itself.

Business

So... What Are We Doing With AI?' Innovating in an Age of Caution | Fortune

CEOs face pressure to demonstrate AI investment results while balancing short-term performance and innovation risks.

Podcast

What Does It Take to Be an Outstanding CSO or CISO?

Outstanding security leaders often come from non-traditional backgrounds, with 40% of recent CSO-CISO Hall of Fame honorees starting in the private sector.

#ai-governance

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.

Your AI Governance Can't Wait. Here's Where to Start. - TechRepublic

AI governance is essential for organizations to confidently deploy AI and avoid significant risks.

fromComputerworld

AI regulations are already out of date - IT leaders need to think ahead

Establishing a solid AI governance foundation now can ease future compliance with evolving AI regulations.

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.

Your AI Governance Can't Wait. Here's Where to Start. - TechRepublic

AI governance is essential for organizations to confidently deploy AI and avoid significant risks.

fromComputerworld

AI regulations are already out of date - IT leaders need to think ahead

Establishing a solid AI governance foundation now can ease future compliance with evolving AI regulations.

more#ai-governance

Why Waiting to Adopt AI Is Riskier Than You Think

Early adoption of AI fosters judgment and confidence, while waiting risks organizational drift and missed opportunities for learning and adaptation.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

Physical Security in Global Arenas: How AI Improves Security at Scale

Agentic physical security uses AI to transform surveillance into proactive threat prevention at large events.

fromMedCity News

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

fromTNW | Offers

10 Best SOC 2 Compliance Software for 2026

SOC 2 compliance software automates security controls, streamlining the audit process and ensuring readiness in weeks instead of months.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

fromInfoWorld

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Nine vulnerabilities in the Orthanc DICOM server allow attackers to crash servers, leak data, and execute arbitrary code remotely.

#identity-management

Information security

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

more#identity-management

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.

Science

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now

AI-powered cybercrime is a significant and growing threat to businesses, with many feeling unprotected.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now

AI-powered cybercrime is a significant and growing threat to businesses, with many feeling unprotected.

more#ai-cybersecurity

fromDevOps.com

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action - DevOps.com

Mallory provides an AI-native threat intelligence platform that delivers actionable insights for enterprise security teams, focusing on real threats and vulnerabilities.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

World Cloud Security Day: Breaking Down the State of the Cloud Cybersecurity and Physical Security

"World Cloud Security Day is a useful reminder to recognize how much cloud risk now comes down to everyday access decisions and overlooked misconfigurations," says James Maude, Field CTO at BeyondTrust.

Information security

fromSilicon Canals

When militaries share data centers with banks: how Gulf strikes exposed a structural flaw in global cloud infrastructure - Silicon Canals

When civilian banks, logistics platforms, and payment processors share physical data center infrastructure with military AI systems, those facilities become legitimate military targets under international humanitarian law - and the civilian services housed inside lose their legal protection.

Information security

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

This AI Security Strategy Is Redefining Cyberattack Recovery

Combining Zero Trust principles with AI enhances resilience, reduces downtime, and maintains strict access controls.

Beyond integration theatre: Building stronger cyber platforms | Computer Weekly

Integration layers between security platforms, not the platforms themselves, have become the primary enterprise security risk requiring rigorous governance of delegated trust.

Why Security Validation Is Becoming Agentic

Security validation tools operate in silos while attackers exploit interconnected systems, creating a structural blind spot that Agentic Exposure Validation can address through continuous, autonomous, context-aware assessment.

How to 10x Your Vulnerability Management Program in the Agentic Era

Agentic AI cyberattacks are actively occurring, forcing vulnerability management to evolve from static scanning to continuous, contextual, autonomous remediation systems.

fromTNW | Artificial-Intelligence

Why 2026 will be the year of governed cybersecurity AI

Global data breach costs fell 9% to $4.44 million in 2025, but automation gaps are widening between organizations, creating new AI-driven risks that regulators must address.

The Great Security Culture Shift: Building a Proactive Defense in an Era of Advanced Threats and Social Engineering

Hackers exploit DLL side-loading on trusted platforms like LinkedIn to deliver malware through seemingly legitimate file attachments, bypassing traditional security defenses and compromising entire corporate networks.

Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow

Tier 1 SOC analysts process the highest alert volume with the least experience, creating a structural vulnerability where alert fatigue, decision fatigue, and cognitive overload directly undermine organizational security performance and increase incident costs.

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.

fromTechzine Global

From vulnerability whack-a-mole to strategic risk operations

Shift security from counting vulnerabilities to strategic risk operations that prioritize exposure, value at risk, and measurable business outcomes.