Marco Casassa Mont

The true cost of cyber hacking on businesses

Marco Casassa Mont

@marcocasassamont.bsky.social

Insightful and compelling BBC article on the true extent of cyber attacks on UK business and the weak spots that allow them to happen ...
www.bbc.co.uk/news/article... #BBC #cybersecurity #cyberhacking #cyberattacks #costs #supplychain #vulnerabilities

Are this year's major attacks the

www.bbc.co.uk

From Shield to Spear: How AI is Reshaping Cyber Defense and Offense

Marco Casassa Mont

@marcocasassamont.bsky.social

Yet again another great, free, very informative ISC2 webinar by Steve Piper, this time focusing on the dual role of AI for Cyber Defence and Cyber Offence and tips on how to prepare for AI Threats ...
www.brighttalk.com/webcast/260/... #ISC2 #cybersecurity #AI #CyberDefence #CyberOffence

The rise of artificial intelligence in cybersecurity is both a blessing and a curse. AI is redefining the cybersecurity battlefield, offering unprecedented advantages for security teams and threat act...

www.brighttalk.com

AI Bubble Watch: Is it a Floater or a Popper?

Marco Casassa Mont

@marcocasassamont.bsky.social

Ongoing debates on the coming AI Bubble Burst ... Or is it a Floater 😀?
-
www.theregister.com/2025/10/03/a... #AI #AIBubble #Floater #Buster

Analysis: Exploding valuations and mountains of debt co-exist with a US government shutdown. How long can we stay on the hype-cycle rollercoaster?

When loading a model means loading an attacker - Help Net Security

Marco Casassa Mont

@marcocasassamont.bsky.social

Very timely study providing additional evidence about the cyber risks of downloading and using third parties' AI models. On the importance of investing in AI Security Governance
www.helpnetsecurity.com/2025/10/03/r... #AI #AIModels #Risks #cybersecurity #SupplyChainAttacks #AISecurityGovernance

Attackers can hide malicious code in shared machine learning models. Learn how to manage machine learning model security and protect systems.

The energy sector is ground zero for global cyber activity - Help Net Security

Marco Casassa Mont

@marcocasassamont.bsky.social

Very relevant and compelling study on patterns in cyber threat activities for the energy sector. Clever use of AI, as an enabler of this study ...
-
www.helpnetsecurity.com/2025/10/02/g... #EnergySector #CyberAttacks #RandD #GeoPolitics #AI

The energy sector has become a prime target for cyberattacks. Power grids and fuel networks attract both criminals and state-backed groups.

1 3

CISOs advised to rethink vulnerability management as exploits sharply rise

Marco Casassa Mont

@marcocasassamont.bsky.social

On the importance of rethinking vulnerability and patch management. Moving towards a risk-driven approach ...
-
www.csoonline.com/article/4065... #cybersecurity #VulnerabilityManagement #RiskBasedVM

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based approaches to patching what they can.

If you can't use AI then it's bye bye, Accenture tells staff

Marco Casassa Mont

@marcocasassamont.bsky.social

If confirmed, this is likely to be a good incentive at Accenture to become AI-proficient or learn new skills ...
-
www.theregister.com/2025/09/26/a... #AI #Accenture #AIproficiency #NewSkills

ai-pocalypse: Consultancy says machine learning advice is making bank

SSCF v1.0: Elevating SaaS Security | CSA

Marco Casassa Mont

@marcocasassamont.bsky.social

SaaS Security Capability Framework (SSCF): a new Cloud Security Alliance (CSA) framework that is worth exploring ...
-
cloudsecurityalliance.org/blog/2025/09... #CSA #cybersecurity #Cloud #SaaS #SSCF #TPRM #SupplyChainRisks

The SaaS Security Capability Framework (SSCF) v1.0 introduces practical, actionable controls for SaaS security, guiding vendors and customers toward consistent security review.

cloudsecurityalliance.org

Marco Casassa Mont

@marcocasassamont.bsky.social

On FICO’s approach to AI risk and their foundation model that scores every output for accuracy and compliance ...
-
venturebeat.com/ai/ficos-ans...
#FICO #AI #RiskModelling #Compliance #Trust

venturebeat.com

Marco Casassa Mont

@marcocasassamont.bsky.social

It has been a pleasure and an honour to attend the first BMT Fellows Conference. A great opportunity to: meet other BMT Fellows, colleagues and Customers; discuss strategic business and R&D topics. Thanks #BMT #BMTFellows #Conference #Business #Customers #cybersecurity

3

OpenAI says models trained to make up answers

Marco Casassa Mont

@marcocasassamont.bsky.social

Very relevant paper. These findings are of key importance when using these tools for cyber defence purposes ...
-
www.theregister.com/2025/09/17/o... #AI #Hallucination #ModelLimitations #Incentives #LLM #CyberDefence

: Even a wrong answer is right some of the time

Google lands £400M MoD contract for secure UK cloud services

Marco Casassa Mont

@marcocasassamont.bsky.social

Interesting developments in the cloud cybersecurity domain ...
-
www.theregister.com/2025/09/12/g... #Cloud #Google #cybersecurity #MOD #SovereignCloud #GoogleAI

: Deal promises sovereign datacenters, AI, and cybersecurity to strengthen communication links with US

Home Office to spend £1.3M on age-determining algorithm

Marco Casassa Mont

@marcocasassamont.bsky.social

FYI - 'The UK's Home Office is offering £1.3 million ($1.7 million) to developers of age-determining software - a tech it wants to deploy widely across its systems'
-
www.theregister.com/2025/09/09/h... #HomeOffice #AgePrediction #Algorithms #cybersecurity

: Contract tender follows 'alarming' safeguarding failure at border with undocumented kids

Cybersecurity research is getting new ethics rules, here's what you need to know - Help Net Security

Marco Casassa Mont

@marcocasassamont.bsky.social

Relevant and valuable initiative. I am interested in understanding how the cyber scientific community will react to it and the effectiveness of this stakeholder-based ethics analysis
-
www.helpnetsecurity.com/2025/09/08/c... #cybersecurity #Research #EthicsRules #USENIX #IEEE #ACM

Cybersecurity research ethics is required at top conferences. A guide helps researchers balance innovation, risk, stakeholder responsibility.

Jaguar Land Rover staff to stay at home after cyber attack

Marco Casassa Mont

@marcocasassamont.bsky.social

Yet another example of how IT- based cyber attacks can have a major impact on people, manufacturing and physical processes ...
-
www.bbc.com/news/article... #cybersecurity #cyberattack #ITOT #impact #people #processes #technology

The company continues the complex work of restoring its systems after the cyber attack at the weekend.

www.bbc.com

3

Pressure on CISOs to stay silent about security incidents growing

Marco Casassa Mont

@marcocasassamont.bsky.social

I wonder if this survey actually reflects reality about how the majority of CISOs and orgs would behave in case of cyber incidents / data breaches?
www.csoonline.com/article/4050...

#cybersecurity #CyberIncidents #NoBreachDisclosure

A recent survey found that 69% of CISOs have been told to keep quiet about breaches by their employers, up from 42% just two years ago.

1 4

Agentic AI: A CISO’s security nightmare in the making?

Marco Casassa Mont

@marcocasassamont.bsky.social

Relevant, though-provoking article about new opportunities introduced by Agentic AI, risks for unprepared organisations and coming challenges for CISOs and their security teams ...
- www.csoonline.com/article/4047...
#AgenticAI #cybersecurity #risks #opportunities #CISO

Autonomous, adaptable, and interconnected, agentic AI systems are both a productivity and a cybersecurity risk multiplier. To secure their activity, traditional security models might not be enough.

Enterprises Opt for Secure On-Prem Data as They Count the Cost of Cloud

Marco Casassa Mont

@marcocasassamont.bsky.social

Cloud repatriation is indeed happening, in favour of federated, hybrid, on-prem data architectures. This is particularly true in the security domain #Cloud #CloudRepatriation #cybersecurity #AI #trends insight.scmagazineuk.com/enterprises-...

insight.scmagazineuk.com

3

UK and allies expose China-based technology companies for enabling global cyber campaign against critical networks

Marco Casassa Mont

@marcocasassamont.bsky.social

FYI - 'The UK and international allies have today publicly linked three technology companies based in China with a global malicious cyber campaign targeting critical networks'
-
www.ncsc.gov.uk/news/uk-alli... #cybersecurity #CyberCampaigns #cyberattacks

The NCSC and international partners share technical details of malicious activities and urge organisations to take mitigative actions.

www.ncsc.gov.uk

Generative AI does nothing for 95 percent of companies

Marco Casassa Mont

@marcocasassamont.bsky.social

On GenAI and the potentially widening "trough of disillusionment" ...

'MIT NANDA study finds only 5 percent of organizations using AI tools in production at scale'

www.theregister.com/2025/08/18/g... #GenAI #MIT #NANDA #ROI

: MIT NANDA study finds only 5 percent of organizations using AI tools in production at scale

Marco Casassa Mont

@marcocasassamont.bsky.social

Great, very informative @ISACANews webinar on 'Building and Scaling a Modern Enterprise Risk Program. A reminder of key concepts and processes ...
store.isaca.org/s/community-...
#Cybersecurity #EnterpriseRiskManagement #ISACA

Architecting the next decade: Enterprise architecture as a strategic force

Marco Casassa Mont

@marcocasassamont.bsky.social

That's indeed the direction Enterprise Architecture has taken in many work activities I am involved in and, specifically, in the strategic domain of cyber security ...
-
www.cio.com/article/4043... #Enterprise #Architecture #cybersecurity

If you still think enterprise architecture is paperwork and blueprints, you’re already behind — it’s now the engine of digital survival.

www.cio.com

Surprise departure of Oracle security chief as company shifts focus to AI

Marco Casassa Mont

@marcocasassamont.bsky.social

FYI - interesting workforce developments at Oracle ... www.csoonline.com/article/4042... #cybersecurity #Oracle #AI #CMcloud

Software giant says goodbye to a long-serving and occasionally controversial executive.

1 5

Employees race to build custom AI apps despite security risks - Help Net Security

Marco Casassa Mont

@marcocasassamont.bsky.social

Very compelling and thought-provoking article about the adoption of GenAi within organisations and the growing cyber risks posed by Shadow AI ...
www.helpnetsecurity.com/2025/08/15/s...
#cybersecurity #AI #GenAI #ShadowAI #CyberRisks

Shadow AI use rises as GenAI apps spread, driving innovation but increasing enterprise security risks from unsanctioned tools.

1 2 1

Global OT cyber risk could top $329 billion, new report warns - Help Net Security

Marco Casassa Mont

@marcocasassamont.bsky.social

FYI - 'The 2025 OT Security Financial Risk Report estimates that the most extreme scenarios could place more than $329.5 billion at risk worldwide in a single year.'
www.helpnetsecurity.com/2025/08/13/g...
#cybersecurity #OT #GlobalFinancialRisk #ControlEffectiveness

Analysis quantifies global OT cybersecurity financial risk, highlighting potential losses and top risk-reduction controls.

Why blow up satellites when you can just hack them?

Marco Casassa Mont

@marcocasassamont.bsky.social

Cybersecurity in the Space domain should be a priority and key concern ...
#cybersecurity #space #satellites #BlackHat
www.theregister.com/2025/08/07/b...

Black Hat: A pair of German researchers showed how easy it is

NCSC Warns of Growing Threat to Critical Infrastructure, Updated Framework

Marco Casassa Mont

@marcocasassamont.bsky.social

FYI - 'The NCSC has warned that the risk posed by hackers to the country’s critical infrastructure is escalating, and published an updated version of its Cyber Assessment Framework'
insight.scmagazineuk.com/ncsc-warns-o...
#NCSC #CriticalInfrastructure #CyberThreats #CAF #Update

insight.scmagazineuk.com

CISOs say they're prepared, their data says otherwise - Help Net Security

Marco Casassa Mont

@marcocasassamont.bsky.social

Eye-opening findings: a reality-check about organisations' cyber readiness and the importance of data quality to support critical cyber decisions ...
www.helpnetsecurity.com/2025/08/06/c...
#cybersecurity #CyberReadiness #Vulnerabilities #ExposureManagement

Most security teams believe they can act quickly when a threat emerges. But many don’t trust the very data they rely on to do so, and that’s holding them

Blind spots at the top: Why leaders fail

Marco Casassa Mont

@marcocasassamont.bsky.social

Inspirational and thought-provoking article about leadership, failures and the importance of vision & reflection ...
-
www.cio.com/article/4032... #leadership #blindspots #vision #reflection

When ambition outpaces self-awareness, collapse follows.

www.cio.com