cybersecurity governance

Your AI Agent Doesn’t Care About Your Controls

Your AI Agent Doesn’t Care About Your Controls

| | AI agents risk, AI Cybersecurity, API security, automation risk, Control Assurance, control effectiveness, cyber resilience, cybersecurity governance, identity and access management, SaaS Security
This is Part 1 of a 2-part series on AI agents and control assurance.  Read Part 2: Controlling AI Agents: Why Detection Is Too Late The cybersecurity industry has spent years investing ...
Cybersecurity Expert | Cyber Resilience
AI Agents Are Creating a New Cybersecurity Blind Spot

AI Agents Are Creating a New Cybersecurity Blind Spot

| | Agentic AI, AI agents, AI cyber risk, AI Governance, AI Security, autonomous AI, Control Assurance, cyber resilience, cybersecurity governance, Enterprise AI security, Operational Resilience, Shadow AI
The cybersecurity industry has spent years focusing on visibility. Dashboards expanded. Detection tooling improved. Telemetry volumes exploded. Yet one of the biggest emerging risks in 2026 is not hidden malware or an ...
Cybersecurity Expert | Cyber Resilience
Adaptive Security Leadership in an Expanding Threat Surface

Adaptive Security Leadership in an Expanding Threat Surface

| | adaptive security leadership, CISO leadership, control effectiveness, cyber resilience, cybersecurity governance, evidence based assurance, expanding threat surface, Operational Resilience, zero trust
Last week I joined fellow security leaders at CISO Inspire Summit North for a panel discussion on The Expanding Threat Surface: Adaptive Security Leadership for 2026 and Beyond.It was a timely discussion, because the challenge ...
IT Security Expert Blog | Cybersecurity News, Breaches & Security Analysis
Cover art for the whitepaper by D3 Security, titled: "Blending Deterministic Workflows with AI: Architecting the Enterprise and MSSP SOC of the Future"

The Line in the Sand: What Should Never Be Fully Automated in an AI SOC?

| | AI-SOC, Autonomous SOC, cybersecurity governance, human-in-the-loop AI, incident response automation, policy driven automation, Security Automation, Security Operations Center, security orchestration and response, SOC maturity
How to design an AI SOC that scales automation without surrendering control. A guide to tiered automation, policy guardrails, and high-risk SOC decisions. The post The Line in the Sand: What Should ...
D3 Security
How CISOs Can Beat the Ransomware Blame Game 

How CISOs Can Beat the Ransomware Blame Game 

| | board-level cyber risk, breach accountability, CISO accountability, CISO survival strategies, cybersecurity governance, cybersecurity staffing shortages, executive cybersecurity responsibility, known security gaps, ransomware leadership fallout, ransomware organizational risk, ransomware root causes, SASE security strategy, security alert fatigue, security budget constraints, security tool sprawl, unified security platforms, why CISOs get fired
CISOs are often blamed after ransomware attacks, yet most breaches stem from organizational gaps, budget tradeoffs, and staffing shortages. This analysis explores why known risks remain unfixed and how security leaders can ...
Security Boulevard
cyber insurers, CaaS, insurance, AI-related, security, insurance, cybersecurity, cyber insurance, cybersecurity, insurance

The Cyber Insurance Crunch: Turning Rising Premiums Into Security Wins 

| | AI in cyber insurance, AI risk quantification, AI-driven risk management, board-level cybersecurity, CISO strategy, compliance and governance, cyber insurance, cyber insurance coverage limits, cyber insurance premiums, cyber insurance renewal, cyber insurance strategy, cyber insurance trends 2025, cyber liability insurance, cyber risk modeling, cybersecurity governance, cybersecurity insurance, incident response readiness, insurance as resilience catalyst, insurance exclusions, insurance underwriting requirements, MFA cybersecurity, Privileged access management, ransomware risk, risk resilience, SOC Modernization, supply chain cyber risk, zero trust security
Cyber insurance is no longer just a safety net; it’s a catalyst for change. With premiums climbing and coverage shrinking, insurers are forcing organizations to modernize security operations, embrace AI-driven risk quantification, ...
Security Boulevard
cybersecurity

The Political Weaponization of Cybersecurity

| | AI data analysis, Charles Borges, cloud migration, Cloud Security, Cybersecurity Best Practices, cybersecurity ethics, cybersecurity governance, cybersecurity policy, cybersecurity politics, cybersecurity standards, Data Privacy, data protection, DHS, digital governance, FEMA, government cybersecurity, government transparency, Information Security, IT Security, NIST Standards, political influence, public trust, regulatory policy, risk management, SSA
Cybersecurity should be guided by technical principles—not politics. Yet recent incidents in the U.S. highlight how cybersecurity decisions and dismissals are increasingly being used to advance partisan agendas. From cloud data migrations ...
Security Boulevard
governance contractors

4 Ways to Improve Governance in Product Security

| | Business Collaboration, cybersecurity governance, DevSecOps, security technology
Security is all about closing gaps—between attacker tactics and your defensive capabilities, for instance, or the known and unknown user identities in your cloud infrastructure. An important gap that too many organizations ...
Security Boulevard

Inadequate Cybersecurity

| | CSO/CISO Perspectives, cybersecurity governance, cybersecurity risk, General, Spotlight, Y2K, Y2K governance
It is customary to begin an article on cybersecurity with statements about huge increases in threats and attacks and mounting cyberspace losses from fraud, identity theft, ransoms, data exfiltration, blackmail, etc. Few, ...
BlogInfoSec.com