|
|
Here's everything important that happened in the cybers this week!
|
|
If you think this is useful, share it with a friend by forwarding this email.
|
|
|
|
Stop Treating AI Like Magic and Start Treating It Like a Vendor
|
|
|
On the evening of June 12, 2026, Anthropic disabled its two most capable models, Claude Fable 5 and Mythos 5, for every customer on the planet. Not because of a bug or a breach, but because the US Commerce Department issued an export-control directive barring access by any foreign national. Since nationality (apparently) can't be filtered in real time at …
|
|
|
|
|
|
Manufacturing Keeps Getting Hit While Everyone Watches AI Zero-Days
|
|
|
"The notion of a criminal ransomware group retaining lawyers fully versed in international data requirements is absurd -- until you realize the 'lawyer' is an LLM. For criminal purposes, it doesn't matter if the claim is true; it only matters if it sounds plausible. If there's one thing LLMs are good at, it's making a wide range of statements sound …
|
|
|
|
|
|
Security Governance Maturity Assessment Without the Guesswork
|
|
|
Security Governance Maturity Assessment Without the Guesswork So many words! Wouldn't you rather just watch this on YouTube? Most organizations can't answer a simple question: how mature is your security governance? Not with a guess, not with a feeling, but with a number. The Security Governance Maturity Assessment from Chapter 7 of Cyber Risk is a Myth fixes that. It's …
|
|
|
|
|
|
The Hiring Funnel Is Leaking And Criminals Are Profiting
|
|
|
It's mid-July 2026, and the domestic job market isn't exactly improving, based on a set of IOCs (indicators of compromise) that a friend sent me yesterday. Job seekers are side-eyeing LinkedIn posts with the skepticism of someone checking a used car for rust that's been painted over, while legitimate recruiters are shouting into a void where fake job offers are …
|
|
|
|
|
|
78% Already Got Hit. Half Still Haven't Funded the Fix.
|
|
|
78% of organizations reported experiencing AI-related security incidents or identifying AI-related vulnerabilities. — DigiCert AI Trust Outlook I guess it's survey season in advance of Hacker Summer Camp this August. This time it's DigiCert, who's surveyed more than a thousand IT and security leaders across the US, UK, and Australia for its AI Trust Outlook. Never mind what they're trying …
|
|
|
|
|
|
Why Breach Cover-Ups Are Killing Trust
|
|
|
If you ask security leaders whether they've ever been told to keep a breach quiet (we did), more than half will say yes. BitDefender's out with their 2026 report, and although this isn't a top-tier report like Verizon's DBIR or IBM's Cost of a Data Breach, they DO track one really interesting statistic that I like to refer to. Their 2026 …
|
|
|
|
Podcasts:
Cases I'm still watching:
- Couture v. Openai Global, LLC, 3:26-cv-03000
- Conservation Law Foundation, Inc. v. Shell Oil Company, 3:21-cv-00933 (so many arguments this week!)
- Amazon.com Services LLC v. Perplexity AI, Inc., 3:25-cv-09514
|
|
Thanks, and have a great weekend! This newsletter is published every Friday I'm in the office.
|
|
|
|
|
|