Aggregator

These are the top threats you should know about this week.

Китай впервые с 2017 года возглавил рейтинг Top500.

Long Dwell Times and Persistent Footholds Are Redefining the Election Threat Model
Election security has long been treated as a seasonal effort - defenses up before a vote, then scaled back after. But analysis of the 2024 global election cycle shows adversaries maintaining persistent access across jurisdictions, mapping ecosystems and positioning for future cycles.

Policy as Code Turns Static Compliance Documents Into Enforceable, Auditable Policy
For decades, policies, standards and procedures have anchored security and compliance governance. But static documents can no longer keep pace with dynamic regulations and frontier technology. Policy as Code transforms them into machine-readable, enforceable, continuously verifiable rules that drive real business decisions.

Understand Agentic AI Risks and Secure All MCP Deployments
MCP has rapidly become the connective tissue of the agentic AI era and the standard for connecting AI agents to enterprise systems. But it also introduces new attack vectors, from tool poisoning to prompt injection. Here are six ways to reduce the risk.

When AI Partnerships Deepen, Security Leaders Can Access Powerful Joint Cognition
Sustained dialogue with AI does more than reflect a mind back. It casts a shadow shaped by two minds moving together, opening a vantage point once reserved for the few. For security leaders, recognizing this joint cognition is operationally vital, and so is keeping the shadow attached before it slips free.

Healthcare organizations face mounting pressure to govern AI without slowing innovation. Krista Arndt of St. Luke's University Health Network explains how agile governance, technical controls and collaboration can reduce data loss risks, protect patient care and strengthen AI security programs.

FDA's draft guidance for AI-enabled medical devices reflects a major change in how regulators address software that changes over time, recognizing AI's ability to evolve while emphasizing patient safety, transparency and accountability, said Phil Englert of the Health-ISAC.

Healthcare organizations should prepare for post-quantum cryptography without overreacting to hype, said John Frushour, CISO of New York-Presbyterian Hospital. Stronger encryption standards, commercial software support and attention to medical devices can help providers manage emerging risks.

EXL Study Finds Data, Business Processes Separate Leaders from Laggards
Most companies believe they are ahead on AI, but EXL's latest enterprise AI study suggests few have truly scaled it. The leaders are pulling away by integrating AI across functions, improving data access and redesigning workflows around measurable business value.

Stock Struggles, Unfavorable Comps to Cyera Could Make Private Deal Appealing
Private equity firms Blackstone, Thoma Bravo and Vista Equity Partners have expressed preliminary interest in Miami-based data security vendor Varonis, according to Bloomberg. The company is working with advisors and exploring options including a potential sale after receiving takeover interest.

Allied Cyber Agencies Urge Leaders to Act Now as Frontier Models Reshape Risk
A rare joint statement from the Five Eyes cyber agencies is warning that frontier artificial intelligence will transform offensive hacking in just a matter of months - not years - while pressing leaders to treat cyber resilience as a core business risk.

Lower-Cost AI Model Could Cut Agent Costs But Raise Enterprise Risks
Microsoft is testing alternative AI models, including China's DeepSeek v4, to reduce the cost of running Copilot Cowork's agentic workloads. While cheaper inference pricing could appeal to enterprises, security experts warn that governance, validation and oversight costs may offset any savings.

Deutsche Bahn остановил движение всех поездов поздним вечером 23 июня.