A

This is Rich Stroffolino and you are listening to the Department of. NO. Pete Clay, CISO at Ariane. I gotta ask, let's start out the new year. What is your priority this week?

B

AI, AI and AI. My team is implementing it, we're securing it, and we're figuring out what it all means.

A

Oh, I think. I think we may have an AI story or two. Maybe this is a tease. We'll find out how maybe these will impact your team. Fantastic. I like where your mind is at. And Chris Rae Field, CTO at gigaom. What is your priority this week?

C

Hey, Rich. Hey, Pete. AI as well. I'm sorry, I'm not gonna break the mold here. Just working on some automations, trying to get things done better, faster, all the things stronger.

A

Yeah, it's the classic Daft Punk problem. All right, producer Steve, we're about to start the show. Let's run that animation from the CISO series. It's Department of no. Welcome indeed to the Department of no. Your Virtual Monday strategy. Our sponsor for today is HOX Hunt. Measurable Human Risk Reduction. Remember, you can get involved in our YouTube chat live, we broadcast every Monday at 4pm Eastern. Or if you're into some legacy electronic communication feedback@cisoseries.com to send some electronic mail. We've got about 30 minutes. We're going to dive in. But just a quick reminder that all the opinions expressed by our guests are in fact their own, not necessarily those of their employer, their friends or family. Family. We're going to start out with our no or no segment here. This is where we want your quick take. Is this something security professionals need to know about, need to be talking about with their teams? Or is this more noise than signal? First up here, a Palo Alto AI warning. Last week's Chief Security Intel Officer, Wendy Whitmore described AI agents as the new insider threat to companies for 2026. She describes it as dilemma because CISO and security teams are under a lot of pressure to deploy new technology. It's on everyone's priority list, as we all know. But at the same time, new AI applications create, some would say a super user problem, chaining together access to sensitive applications and resources without security teams knowledge or approval. Pete, I'm going to start with you. Do we need to know more about this or is it a no, thank you?

B

For you, it's kind of a no, thank you because this is something we dealt with about a year ago. One of the things we discovered as we were deploying AI is there are two precursor Events you have to do first, number one, you got to figure out what data is real within your organization. It's not as simple as you may think it is. And then number two, if you don't figure out your identity and access management stuff, doesn't matter what you call it, an insider threat, an external threat, whatever, you're just going to go down hard.

A

Chris, what about for you is this, do you need to know a little more about this or do you agree with Pete?

C

I'm going to say it's a no. Let's know a little bit more about this. You know, the way I'm looking at it is, Pete, you guys are ahead of the curve. A lot of organizations that I talk to, they are still back where you were a year ago, maybe a year and a half ago. You know, we're, we're speed running the same privileged access mistakes that we made with service accounts, but now they can read the web and your email. Right. So kind of scary, right? But this is important to share because we're literally creating autonomous entities with super user privileges that can pivot across systems without human oversight. Security team, three years we've been trying to implement least privilege, break down excessive permissions. AI agents threatened to undo all of that. So it's definitely, let's keep it top of mind, let's talk about it. Let's find what unique situations are going to exist in your environment.

B

The first one to always remember is when you automate stupid, you get faster stupid.

A

Right. I was going to say let's scale our technical and process debt. Yeah, exactly.

B

Right. So I get it, I understand it. But I don't think those conversations, particularly putting it as an insider threat or something else is nearly as helpful as understanding. AI represents both threat and opportunity. Right. And you have to be able to manage that stuff effectively for your organization.

A

All right, Next up here, OpenAI says prompt injection attacks against browser based AI agents like ChatGPT Atlas may never be fully eliminated after internal red teaming uncovered a new class of attacks that can hijack agents during routine web workflows. This appears to be another chapter in a little book we like to call Cat and Mouse. Chris, I'm going to start with you here. Do you need to know a little more about this or is this no, thank you?

C

For you, I'm going to say it's a no. And I'm also going to tell you it's not a little book, it's a big book on injection. Right.

A

It's a never ending story. Right.

C

Prompt injection is like SQL injections, final boss, except the database now talks back and it's got an opinion. So from my perspective, this is important because if OpenAI themselves is telling you we may never solve this problem, this may never be fully solvable. As a security architect, an engineer, as leadership in a security organization, that's a reality that you have to face. There won't ever be a magical patch to fix for you can't just cross your fingers and hope that you get there one day. Since prompt injection can't be solved at the model layer teams must be layer controls, layering controls, input filtering, output validation, privilege separation, monitoring. How great would that be? No single control will cut through this problem.

A

Pete, what about.

B

You absolutely need to know more. You know, let's also remember though, the, you know, the web interface is only one of literally dozens of ways that you can interact with AI, right? So there are, in addition to everything that we just went through, there's also a lot of different architecture ways that you can manage some of these risks out. But I also completely agree at this point there appears to be no absolute solution that's coming down the pipeline.

A

All right, next up here, Korean Air supplier attack. Korean Air disclosed a data breach on its in flight, catering and duty free subsidiary. The airline says customer data was not impacted and that the leaked information appears limited to employee names and account numbers. This attack was conducted by the CLOP Ransomware Group and again points to the old third party vendor problem or in this case a subsidiary. But I would classify that maybe in the same type of weakness here. Pete, for you, do you need to know a little more about this or is this no thanks for you always.

B

Want to know more about third party risks, right? 75% of our issues last year were caused by third party suppliers. And so we're always trying to keep track of this. We're always talking to our vendors and our suppliers as well as those companies that we are a vendor or supplier to. And so one of the things I really want to applaud here though is the open way in which the information was shared, right? Because too often somebody thinks that hiding under a rock and not sharing the information is the way to handle it. Never works out well for them or more importantly, their customers.

A

Chris, what about for you? Do you need to know a little more about this or no thanks, I'm.

C

Going to go the other way. I'm going to say no thanks. You know, while this reinforces the ongoing third party risk problem, it's the way I see it, it's another data Point in a well understood problem. Not to say I'm minimizing the impact the third party risk presents or minimizing the threat and the risks there. But it's, it's not novel or pending a final solution. Kind of like the AI injection like we just talked about.

A

All right, and our last story in Nowhere no Dark Specter campaigns are exposed. A Chinese linked threat actor called Dark Specter has been running three malicious browser extension campaigns that impacted more than 8.8 million users across Chrome, Edge, Firefox and Opera. The campaigns used legitimate looking extensions to hijack searches, commit ad fraud. Oh, and quietly collect sensitive corporate meeting data from platforms like Zoom, Google Meet and Microsoft Teams, otherwise known as all of them as infrastructure for large corporate espionage. Is this know a little more or no?

B

Thanks for you Pete, this is know a lot more. Again, this is one of those things. Since we use all of those platforms and our customers use all of those platforms again, we have to maintain those relationships as kind of a trusted party to our environments. Particularly as we dove into this one, this one actually caused an alert and a response to make sure that we were clear or free and clear of this stuff kind of as it's rolling out. But it's something we're definitely keeping tabs on and monitoring as we go forward.

A

Chris, what about, you know, a little more or no thanks on this one?

C

No, a little bit more. You know, 8.8 million people just found out their browser extension wasn't helping them, it was helping Beijing or whatever finger you want to point there. This is important because browser extensions have become the new watering hole attack, right? Corporate espionage via meeting platforms. That's sophistication that I don't think most organizations are ready to handle. Teams need to understand that Zoom and your Microsoft Teams data it's now a primary intelligence target, not just email documents and systems access.

A

Before we move on, shout out to CCL in the chat here. Going back to our prompt injection story saying finding some authorities that are agreeing perhaps with this assessment. The NCSE says prompt injections can't be fully mitigated so focus on reducing impact instead. Very much along the lines of what we were talking about here and also pointing out that extensions are the new apps. Treat them as such. I would say extensions are even. I mean that should have been the modus operandi I think for a while now with browser extensions. But a good point nonetheless there. CCL Appreciate that before we move on to our wider discussion, have to spend a few moments now and thank our sponsor for today. Hox Hunt Traditional security training fails because it treats employees like the problem. Hox Hunt treats them like the solution. AI powered simulations mirror actual attacks hitting your inbox. Instant coaching turns mistakes into learning moments. Gamified rewards make security engaging. The result? Real behavior change that measurably reduces your risk. Thousands of companies trust Hoxhunt to transform human vulnerability into human defense. Visit hoxhunt.com cisoseries to learn more. That's H O X h u n t.com cisoseries all right, let's get into some of the nitty gritty here with our discussion. We're getting dirty here. Diesel generators and aircraft engines in high demand to power AI the developers of data centers are now using aero derivative turbines, which I'm going to try and use aeroderivative in a sentence this week based on or made for jet engines as well as diesel generators to address a growing need for power to process AI technology. This is being done to counter the issue of supply chain shortages and wait times of up to seven years to connect to the grid, as well as growing backlash over their impact on consumer utility bills. This power is needed for training and running of artificial intelligence models. Lot of of power you got to power all those GPUs somehow. As a result, local and federal regulators in the US are starting to loosen the restrictions on the use of backup generators. They're even floating the idea of commandeering existing backup generators such as those located behind many large stores and businesses in order to support demand. Please leave the hospital ones alone. I'm just going to. No one's putting that out there. I'm just. Let's not jinx anything, okay? But this poses an issue of dependence, which I think is the interesting part here. An infrastructure problem, as well as a geopolitical challenge falls in line with cloud data centers and crypto mining as being best suited to certain countries with either cold climates or cheap electricity or conveniently non existent emission regulations. Chris, I'll start with you. As companies are becoming more dependent on AI, what's your take on this issue and this potential workaround, this kind of hack to get around accessing the power grid?

C

Yeah, I, I love creative solutions. I love them. Like I get, I get excited when somebody comes to me with something really creative or you know, once every 10 years I come up with something that's, that's worthy of being creative. But we're literally burning jet fuel to make our chatbots read our emails. If that doesn't scream unsustainable business model, I don't Know what does? That's, that's my, you know, my initial reaction and then I revisited it and that's my second reaction. It's just like I don't, I don't think this is good. You know, AI companies are trying to solve a problem the same way a teenager, my kid solves his problem, solves his homework. Right? Wait until the last minute, do whatever it takes, consequences be damned. That's not good. The seven year grid wait times like you talked about, that means we're building AI infrastructure on borrowed time and maybe on borrowed generators. That's new kind of technical debt.

A

Yeah, like infrastructure debt in a way that we don't often talk, like on such a wide scale that we don't often consider that. Pete, what about for you? I mean, how did this story strike you? The implications for dependence on this. I'm curious where your mind's at with this.

B

It's absolutely critical for us, but one of the things that we're really tracking closely is there's now new generations of models that require far less energy to actually be able to do useful things. In some ways, what we're seeing with the first, let's call it the first generation or the first wave of these things, it's like using Plato or Aristotle to do your bookkeeping. You're using such massive power, as Chris said, to write your emails. Right. I agree with them. That's actually tech debt, that's not sustainable. But the new generation of models that are coming out that are far more sustainable from both a training and a power, maybe they're not Aristotle, maybe they can only write your emails, but that seems to me to be a trend and a path to really pay attention to.

C

Yeah.

A

Go ahead, Chris.

C

I was just gonna say there's a couple angles on this business continuity. If your cloud AI services depend on diesel generators and repurposed jet engines, what's the availability guarantee when there's a fuel supply disruption? How does that now impact your business operations? These are things that a lot of organizations, unless you're, you're in the industrial, the iot, or you know, fuel and gas, if you want to go there. Oil and gas, these are not things that they're thinking about. This creates geographic concentrations of AI capabilities in regions with power availability. That's a new single point of failure. Right. I mean, there's like weird things coming out of this very creative idea that unfortunately I think will take a long time to pick apart.

A

Yeah, and Pete, to your point, I think there is the issue of no one was prepared when GPT3 just blew up and became mainstreamed instantly overnight, and then started this kind of LLM arms race to becoming the fastest growing app app for ChatGPT and all the others that are following on with it to the point where it was like, to your point of these more specialized models that could be trained with much fewer resources on every level that it's like they invented a Swiss army knife and everyone was like, great, let's build buildings with that immediately. And instead of being like, what if we just had an impact driver? Or what if we had, what if we actually had specialized tools for these? And I think that is a more hopeful take on a lot of kind of the AI infrastructure that I hadn't really considered. But it makes a lot of sense. Right? Whereas we, we find these specific use cases, we don't need to literally boil the ocean to create the next most powerful General Purpose LLM. We just need email bot that has 50 billion parameters as opposed to 100 trillion and needs petabytes of memory to train it and stuff like that. I like giving us a little hope there. That makes me happy here. Our next story here. Oh, yeah, yeah, Steve, jump in.

D

Yeah, I want to just add one more thing here. Oh. Every once in a while we get a story on the show about IoT or OT and the vulnerabilities that seem to disappear into the mist. When it comes to any kind of lurking malware inside these machines, we don't pay much attention to like, generators that sit behind buildings. So there seems to be a direct connection here between dependence on using both generators and aircraft turbine engines with the fact that they too have computers in them. And it's one of the overlooked areas of vulnerabilities that may have a significant impact when they stop working all of a sudden. So just wanted to add that.

A

Yeah, that's.

C

Wow.

A

Yes. Well, okay, so Steve, now see, I was leaving on hope, and now you've brought me down to the grubby world of IoT security, which is a hopeless death spiral I will never get out of for the rest of the week. So thank you for that, producer Steve. Really great point though. One of the many services he offers. Our next story here, Coupang's coupons. This follows up on a recent data breach impacting almost 34 million people. Coupang, often dubbed Korea's Amazon, has announced a compensation program equivalent to US$1.17 billion, which will be delivered in the form of purchase vouchers for impacted users. Coupang plans to notify users through text message regarding the voucher redemption process. It's kind of interesting to see an online retailer of this size go for the whole store credit only approach to an event that potentially could have long term impacts for its, for its credibility with a lot of customers. But no matter. I'm curious for either of you. Pete, I'm going to start with you here. Does your spidey sense tingle somewhat at the notion of 34 million SMS messages going out to customers saying hey, redeem your coupon here. Given the amount, how deluged we all are, I'm assuming it's the same in South Korea with spam opportunities and scammers like, like where's your mind at with this?

B

I think it goes to a couple different places. But Chris, we can pick an over under as to the amount of fraud that this is going to cause.

A

Yes, right.

B

You know this is not a well thought out approach. Right. You know it actually goes back to the point that Chris made earlier around identification and authentication that applies to your customers as well. And so 34 million SMS messages or whatever the number ends up being, you can probably multiply that by 5, 8, 10x for the number of things that'll say hey, come to this website and just redeem your coupon here. Right. Et cetera, et cetera, et cetera. And so I think maybe the only fraud that we will see this scale was maybe the federal Covid giveaways of money and things like that.

A

Yeah, that's actually a good benchmark for that. Yeah. Chris, I mean you're, you're kind of in the same thoughts here but, but any other angles we need to think about with this?

C

Yeah, so I'll, I'll expand on that a little bit. You know, Coupang just trained an entire nation to click on SMS links about data breaches. Right. Like every Nigerian prince is high fiving each other right now. They're so excited. This just opened up the floodgates to South Korea. But you know, on, on the incident response side because I spent a lot of time in my career working ir, this is definitely an anti pattern. This represents everything not to do when communicating breach remediation organizations need to understand how their IR communications can create secondary attack vectors exactly like this. The, the notification mechanism in this case is now a part of Coupang's attack surface. So you've just made your job even harder. And getting back to something you said, Pete, I agree with you on one part of it, but the other part is maybe you're wrong and maybe I'm wrong and a lot of People are wrong too. You said this wasn't very well thought out. I'm afraid. What if it was really well thought out, but marketing overruled security.

A

That's the interesting angle here, right? Because presumably the comms for this would fall within some kind of response plan that is in the toolbox, right? To be like, if this happens, we take all these technical steps on the business side. We would contact any relevant regulators, we would then, once we have a blast radius, et cetera, et cetera, notify impacted customers. This is not the first time they thought about this. That's where my mind was at, that this was presumably part of a playbook. And it still seems easily problematic.

C

Like, yeah, it, it's, it's like corporate in mass gaslighting in a way, right? Don't click suspicious links unless we tell you to do it.

A

I gotta ask though. Would you rather have a potentially shady looking sms offering you $30 gift card to your Amazon Korea's Amazon, or would you rather have another two years of free credit monitoring? That is. That is my question for both of you. Which would be preferable in this instance.

C

Sense.

B

I was gonna say. I mean, we, you know, IR is advanced to the point now in the States where you don't even get the free credit monitoring, right? It's, it's just, you know, hey, we lost your stuff. We're really sorry if it's inconvenient. Wish you well. Hey, you know, by the way, hearty.

A

Hearty pat on a terse head nod is what you get.

B

By the way, you know, we're having a sale next Tuesday. Come by the store. I mean, that's kind of the same level of stuff.

A

All right, and our last story here. Sedgwick confirms New Year's Eve cyber incident. The claims administration company has confirmed that its government focused subsidiary is dealing with a cybersecurity incident. Sedgwick provides claims and risk management services to federal agencies like dhs, Immigration and Customs Enforcement, Customs and Border Protection, Citizenship and Immigration Services, the Department of labor, and of course cisa. The Trident locker ransomware game has claimed responsibility. Sedgwick stresses that its government Solutions arm is segmented from the rest of its business and that no wider Sedgwick systems or data were impacted. So, Chris, I'll start with you on this. It's nice to know that the government solutions arm is segmented from the rest of the business. I'm assuming there's a regulation that requires it to be so and that there was no wider impact, but its clients are not exactly mom and pop operations. A lot of sophisticated and large organizations. I can't imagine DHS accepting the, either the coupang coupon or some free credit monitoring here. What are your thoughts when you see something like this?

C

So the first thing I thought of because I was, I was alive and around for this when it happened, it's not that long ago for most of us, but I think a lot of people that are new in the industry don't really remember it or think of it. Sedgwick says their government arm is segmented from the rest of their business.

A

That's cool.

C

But you know, so is Target's H Vac company. Ah, we know exactly how that went. I think segmentation has become the new encrypted at rest. Right. It's a defensive statement that means a lot less than it sounds.

A

Pete, what about you? I mean does this seem to maybe have some smoke, there's fire for you. Or does that, does the announcement that it's segmented hold any water for you?

B

I thought Chris was going to go right back to HB Gary. I thought Chris was going right back to all of those. And it, it's a playbook we've all heard before that doesn't mean anything. Right. It's, you know, it's fundamentally, it just comes down to, it's almost a non sequitur statement. Something bad happened. Nothing to see here. Let's all move on. Again going back to the previous point, do they get free credit monitoring? I mean I, you know, what, what's the outcome here? And just saying, you know, well, we lost this. Okay, show me an environment where you only store that and not something far more interesting.

C

So it's segmentation theater. Right. We need to be asking, as we're doing this third party risk assessment, let's understand what it means to be segmented. Is that network, is that data or is it business process? Is it all of them? Is it two of them? You know, what exactly does that mean? And then I don't know if you're ready to run away from this, Rich, but I was going to say to kind of end on a high note like you wanted to with the, with the prompt injection side of things. I'll give you a little bit here and maybe that will happen. You know, I thought about this and like what can we do to, to feel better about this in the future? Yeah, let's talk about tactics. We know holiday attacks are increasing because they work. Right. So your IR plans must account for skeleton crew periods and you must recognize you've got plans ready for when people are on vacation, it's Christmas Eve. Whatever the deal is, you're just as vigilant, maybe not as well staffed, but you're just as vigilant as you are in the middle of June or whenever the case may be. We know attackers are optimizing for defender weaknesses, not just technical vulnerabilities. We need to keep that top of mind.

A

I like that. Some positive. I guess that was my only other thought with this story is what you know, if you're a non government customer. Right. Of Sedgwick or a non government client, whatever you want to call yourself. Like what, what is your take? Should you act as if you know, constantly, you know, zero trust. Right. Like just assume that you were will be impacted by this in some way. Like as CCL said in our chat, not impacted yet. Like how do you, how do you take that information as someone you're receiving this non sequitur assurance that your data was not impacted. I'm curious, how do you discuss that with your security team?

D

Yeah, and it's the same thing. I mean a CCO also says it depends what you mean by segmented. Segmented what?

A

Yeah, the cloud, a database, the company itself.

C

Yeah.

A

That's the two sides of that.

C

Yeah.

D

This may be the marketing department again overruling everything.

C

It, it feels a lot like their announcement that hey, it wasn't the government stuff. It's just everybody else right about. It's like thoughts and prayers for you guys. You know, hey, do your best.

A

Okay. Okay. But, but see I still, I, you know, Chris, I appreciate your, your attempt to, to get us out on the, on the positive note, we, we, you know, as, as we start the new year, let's, let's make that the, the vibe here on the department of. No, when we can. Let's, let's end with a little positivity here. But we're also bit of advice for today as we close out today's standup. I'm curious, Pete, I'll start with you. Is there any piece of advice from the news that you could pull out to maybe share with the audience or something that you'll take back to your team?

B

The biggest thing and the biggest stuff that's coming is we're going to see the overlapping wave of AI followed almost immediately by quantum computing. Right. And the interesting part of all of these conversations and particularly a lot of the stuff that Chris went through, if you don't fix your identity and you don't manage your environments and build the defense in depth and everything else. Those overlapping waves are going to swamp the boat almost no matter what you do. So now is really the grace time to get the house in order, right, and move forward because AI is happening faster. Quantum is now happening faster and it's going to be a very, very interesting near future.

A

Quantum will come like a thief in the night is kind of what I'm waiting for here. Chris, what about you? Is there any piece of advice from the news from today that you can pull out here?

C

I got a bunch of things banging around in my head, but maybe it's because I'm in an automation mood this week. But we're automating faster, right? We're automating faster than we're securing though. That's a problem. So whether it's AI agents or super user with super user access or the unfixable prompt injection problem, supply chain blind spots, millions of people installing corporate espionage disguised as a browser extension. That's a pretty clear pattern. We keep choosing speed and convenience over fundamentals, then acting surprise when the fundamentals come back to bite us. The companies winning at security aren't the ones moving fastest. They're the ones who remember that access control, least privilege defense in depth aren't optional. They're just the things you need to do to keep operating securely.

A

Well, thank you both, Peter Clay, the CISO over at Aireon and Chris Ray, the Field CTO over at gigaom. Thank you both so much for being on the show. We'll have links to your LinkedIn in our show notes if people want to give you a follow because you made the show. Amazing. Love the insight, love the attempts at positivity, producer Steve aside, and this was fantastic. We'll have to have you both on very, very soon. Thanks also to our sponsor for today, HOX Hunt Measurable Human Risk Detection. Remember, you can send us your feedback at any time. Feedbackisoseries.com I'm not going to read it anytime. I'm going to wait till normal business hours to read it. Don't ask me to read it at 1am but I will for sure read it and you can send it anytime. There's there's no time gate on that. Join us again next Monday at 4pm Eastern for another edition of the Department of Know to register for that and just to follow everything that we're up to. Head on over to YouTube, subscribe to the CISO series YouTube channel and make sure if you click a bell for notifications, I'm told something happens. But Anyway, you know 4pm Eastern every Monday. Set that calendar appointment or go to cisoseries.com and look at our events page. We will see you next Monday, but in the meantime, stay tuned to cybersecurity headlines. For myself, for our glorious producer, Steve Prentice, for the big boss man, David Spark and the rest of the CISO series, here's wishing you and yours to have a super sparkly day. Cybersecurity headlines are available every weekday.

B

Head to cisoseries.com for the full stories behind the headlines.