Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why CISOs are right to be skeptical of AI - and what actually solves it

AI demos are easy. AI you’d actually trust near your control environment is not. If you’ve sat through a few of these pitches lately, you’ve probably landed on the same four questions every CISO we talk to is asking. And you’re right to ask them.

HIPAA Compliance Automation: Roadmap for CISOs 2026

Most healthcare security teams don't start thinking about HIPAA automation because they love compliance tooling. They start when another audit request lands, someone asks for six months of access reviews, policy attestations are out of date in three different folders, and the security team spends a week reconstructing evidence that should already exist. The problem isn't that teams don't understand HIPAA.

The New CISO Ep. 146 - Eric O'Neill | Rogue Agents: The New Era of AI Insider Threats (Part 2)

What happens when an AI agent inside your company starts behaving like an insider threat? In part two, Steve Moore picks the thread back up with former FBI operative Eric O'Neill to explore how agentic AI is rewriting cybersecurity, the legal traps that follow a breach, and why the modern CISO must think like a spy hunter.

How CISOs should evolve training and readiness with Bobby Ford

Join us for this week's Defender Fridays as Bobby Ford, Chief Strategy and Experience Officer at Doppel, breaks down how AI is amplifying social engineering attacks across every channel and what CISOs need to do differently to get ahead of the threat. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

How strategic CISOs innovate with AI despite limited resources

In previous Strategic CISOs sessions, I’ve spoken with security leaders from Andesite, IMO Health, and Cribl. They’ve built trusted programs where GRC functions as a business driver and customer assurance accelerates revenue. But every CISO I speak with is still fighting some version of the same fight. They have more obligations, more scrutiny, and more AI-related risk, but they do not have more people, more budget, or more hours in the day.

What Every CISO Needs to Know About AI-Assisted Development

There’s a conversation happening in boardrooms, security operations centers, and developer standups that I find both thrilling and concerning: the conversation about AI-assisted development. Engineering teams are shipping features in hours that once took months. Products that would have required six-month roadmaps are being prototyped in a weekend.

This CISO Admitted Their SOC Wasn't Really a SOC

When Klotz was brought in, she assessed Trinseo’s security operations and saw a reactive, single-time-zone model stretched across too many tools. Today, Trinseo runs a modern, 24/7 SOC anchored on CrowdStrike Falcon Complete Next-Gen MDR and the AI-native CrowdStrike Falcon cybersecurity platform.

Why strategic CISOs need proactive risk reduction, not reactive GRC reporting

Security and GRC teams have no shortage of risk mitigation activities. They are carrying more work than ever, yet many still lack confidence in the data and recommendations produced by all that manual effort. They are also operating in a risk environment that changes faster than their current operating model was designed to support. Unfortunately, the existence of risk activity does not mean actual risk has been reduced.

What Is MCP Security? 9 Things Every CISO Needs to Know

Your AI agents had a productive day. Nobody can tell you what data they touched. A developer opens Cursor and connects it to a GitHub MCP server and a Postgres MCP server. The agent reads the repo to understand a schema change, finds an AWS access key in a config file, and uses it to run a migration against staging. The key now lives in the agent's context, in the Postgres query log, in the chat history, and in whatever artifact the developer copies out. No alert fired. No policy triggered.