Temporary onboarding passwords distributed via email or SMS and not consistently changed create unnecessary security risks for companies and violate NIS2 standards.
Anthropic was ordered on national security grounds to immediately disable Fable 5 and Mythos 5 after the government was presented with a jailbreak technique that Anthropic classifies as widely prevalent among competitor models as well.
NIS2 requires executive officers to assume direct responsibility for cybersecurity governance and incident reporting, with violations potentially resulting in personal liability.
Digital sovereignty is forcing European enterprises to restructure their IT infrastructure and requires board-level decisions on cyber risk, sanctions resilience, and regulatory compliance.
31–50% of former employees retain access to unmanaged cloud services because these are not linked to central identity systems and are not automatically disabled when employees leave.
Anthropic calls for an aviation-like regulatory authority or commissioned private auditors to examine AI models for critical risks before their release.
NIS2 requires companies to establish structured governance, implement technical security measures, and maintain demonstrable incident-response processes, for which CISOs must assume full responsibility at board level.
Data Readiness – structured understanding and governance of an organization’s data landscape – is the essential foundation for secure, private AI systems and simultaneously fulfills regulatory requirements.
