79% of orgs are deploying AI agents. 6% have updated their governance.
Most policies still think AI is the chatbot in the browser. The risk is what those agents are connected to.
74,000 Fortinet devices. The attack vector? Credentials that never got rotated and VPNs with no MFA. The leak made it easier. The vulnerability was already there.
Klue got breached via a credential for an integration they never deployed. Still active. 200+ Salesforce orgs compromised. Your vendor risk review doesn't audit stale test accounts at your vendors. That gap is real.
95% of CISOs feel pressured to suppress security findings. The industry response: they need more backbone. The actual problem: the system rewards suppression. You can't hire your way out of broken incentives. https://t.co/9uBoSo9JjL
The Gentlemen ransomware group has 332 victims this year. Second most active RaaS group right now. Most IR plans still model the last big name. Update your playbooks.
@boardyai building Vaughn Cyber Group as a fractional CISO for startups and banks that need real security leadership, not just checkbox compliance. would love to get Boardy Pro
OpenAI just admitted prompt injection isn't getting fixed. Companies are wiring AI agents into production anyway. "We have an AI policy" is the new "we passed the audit." A document nobody tested is not a control.
https://t.co/pKZmi1qdLA
No-code platforms won't sign a BAA. That's not a bug you can patch. The second real patient data lands there, the product is outside the law. The only vendor question that matters: who will sign next to your liability?
https://t.co/BeOmwFbcDr
CISA's contractor just published the agency's AWS GovCloud keys to a public GitHub repo. Your vendor program probably has the same exposure. You're just not famous enough for Congress to notice.
275M students. 8,809 schools. One platform.
ShinyHunters didn't get smarter. They keep hitting the aggregators because that is where the leverage lives.
Look at your own stack.
One employee. One OAuth click. One breach.
Vercel got hit because someone clicked Allow All on an AI tool. That token sat dormant, then got used.
Pull your OAuth app list. Today.
Your vendor questionnaire probably doesn't ask which apps have OAuth access into your customer data.
That's where 4th party risk actually executes.
https://t.co/NZw8F8BNHN
I am a cybersecurity professional. My home network was a disaster.
30+ unlabeled cables. 2 keystone jacks that connect to nothing. 2 floors of cable going nowhere. This is exactly what I walk into after an incident. https://t.co/N2sKtUXnek
Tomorrow I’m deepfaking myself live at Birmingham AI Security Breakout.
I’ll show you the prompts, the tool, and the 30 minutes it took.
Then we’ll talk about what you can do about it starting tomorrow.
#BirminghamAI#Cybersecurity#Deepfakes#AI https://t.co/BY3XsfNlHH
$25 million. That’s what one company lost to a deepfake video call.
The finance worker thought he was talking to the CFO. He wasn’t.
March 11, I’m doing a live deepfake demo at Birmingham AI Security Breakout
#BirminghamAI#Cybersecurity#Deepfakes#AI https://t.co/BY3XsfNlHH
Your phone rings. Your kid is crying, screaming for help. A voice demands ransom.
Your child’s voice is real. The kidnapping is not.
These calls are happening now.
I’m covering what to do about it at the Birmingham AI Security Breakout on March 11.
https://t.co/fXcigjKrql
That nagging "what if?" voice about your IR plan isn't paranoia.
It's your pessimist brain trying to break through optimism bias.
New blog breaks this down: https://t.co/ecwXxqWAUT
Speaking @ISC2 Oct 28 - NETWORK25SC for 15% off
3/3 #IncidentResponse
Security professionals are pessimists about everything... except our own programs.
New vulnerability? Assume breach. Phishing email? Domain takeover.
But when it comes to OUR IR plans? Suddenly we're optimists.
🧵 1/3
OUR backups are segmented." "OUR team will be available." "OUR plan will work perfectly."
It's like we have a blind spot the size of our own infrastructure.
This psychological quirk has real consequences.
2/3