Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week, Connie Loizos, editor in chief of TechCrunch, sat down backstage with Francis de Souza, COO of Google Cloud, for a piece on the state of enterprise AI security. The interview is worth reading in full. Three points in it should reshape how every CISO is thinking about the next twelve months.

A few weeks ago I was on a call with a financial services customer who had moved a credit-decisioning model into production on Red Hat OpenShift AI. They were happy with the platform. They were less happy with the answer they had for a question their risk officer had just asked: “If an attacker encrypts the cluster tomorrow, what do we need to bring back to be inference-ready by Monday morning?” The team started listing the obvious things — the model artifact, the serving endpoint.

The banking industry stands at a critical intersection of technology, security, and customer experience. As financial institutions navigate massive data volumes and increasingly sophisticated threats, they’re also trying to survive the digital transformation that’s made customer expectations higher than ever and trust more fragile than before.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Drupal last week and now another I completely forgot about: Ghost CMS.

This year's report shows how credential sprawl across DevOps, SaaS, CI/CD, the cloud, and developer laptops turns initial access into operational impact.

Cyber insurance claims surged by 40% over the past eighteen months, while ransomware payments have dropped by 44%, according to a new report from Cowbell Cyber. The three most common incident types were data breaches, cybercrime (including phishing and business email compromise), and extortion attacks (including ransomware).

With over 10 years of experience in implementing AI, KnowBe4 has a ton of agents on its platform which customers can use to significantly lower risk. They help to secure the digital workforce (humans + AI agents). But five of them, all based and driven by risk scoring metrics, have become my favorites.