If you thought you could still use pre-Mythos cybersecurity approaches, you are deluding yourself and your board. The post-Mythos world has significantly changed how we must approach becoming breach ready. The stark reality is that adversaries will be faster, far more adaptive, and able to combine multiple data points to ... Read More

Whenever I look back at last year, I feel we did not take things seriously. Last year, in December, the Tokyo Metropolitan Police arrested a second-year high school student from Osaka for allegedly violating the law against unauthorized computer access and fraudulent obstruction of business. According to sources, the boy ... Read More

If you thought Mythos was the shockingly new disruptor in cybersecurity, you are not ready for 2026. Since the release of Mythos, major AI and IT firms are shifting their product strategies and building comparable “cybersecurity frontier” models. Welcome to the new world of constant, rapid change in the digital ... Read More

Let me tell you something that might sting a little. A dangerous illusion is spreading through boardrooms today. Organizations believe they are secure because they have invested in EDR. CrowdStrike, Microsoft Defender, or SentinelOne. They have dashboards. Alerts. Telemetry. Threat hunts. AI-assisted detections. SOC workflows. And yet, breaches keep accelerating ... Read More

The next cyberattack could be human, or a human engineering an AI from the outside, or an AI engineered from the inside. It could be a zero-day attack or a known weakness that was never mitigated. It could be a cyberattack, a collective, a lone warrior, or a disgruntled employee ... Read More

In March 2026, the CyberStrikeAI campaign used fully autonomous AI engines to breach over 600 FortiGate firewalls across 55 countries. Let that sink in. 600 firewalls, 55 countries. This is the age of AI. The attack speed is impossible to match with human defenders. The only defense against AI-powered attacks ... Read More

During a discussion with pharmaceutical CISOs at RSA, one asked a critical question: “How did you deal with CSV after a breach?” The reality is that without breach readiness, CSV does not merely slow operations; it halts them entirely. Before addressing the main topic, it is important to define CSV ... Read More

I am now of the firm opinion that breach readiness cannot be an enterprise-only milestone; it must also be a societal goal. The die has been cast. As AI-enabled digital services become mainstream post-2026, the societal need for AI safety and the availability of its underlying and interconnected technology labyrinths ... Read More

Anthropic left details of an unreleased model, an invite-only CEO retreat, sitting in an unsecured data trove in a significant security lapse. Leaked reports suggest this next-generation model from Anthropic is a major advancement in reasoning, coding, and cyber offense. Its capabilities are significant enough that its creators are cautious ... Read More

How the ColorTokens Xshield platform and its integrated ecosystem stand between North America’s power grid and digital adversaries. Note: AI generated image, please ignore errors. Let us not pretend that the threat to North America’s Bulk Electric System is theoretical. In 2022, SANDWORM, Russia’s GRU-linked hacker collective, deployed Industroyer2 against ... Read More