Insights

Ideas, frameworks and field notes for secure growth.

Explore Cyber Scale perspectives on AI security, cloud, identity, exposure management and the evolving operating model for modern cyber leadership.

AI Runtime Security: The Bit Everyone Misses
Read the Blog

AI Runtime Security: The Bit Everyone Misses

Everyone says they’re “securing AI”.Very few can explain what they’re actually securing at runtime.Ask a room of executives what AI security means and you’ll hear confident answers.Ask them where their AI runs, what it…

Ami Hofman
Ami HofmanJuly 4, 2026
Defence in Depth for the Agentic Age
Read the Blog

Defence in Depth for the Agentic Age

Why agentic AI breaks old security assumptions and how practitioners are adaptingMost organisations think they’re securing AI - they’re actually securing fragments of it.Inventory looks neat. Posture dashboards feel reassuring. Risk registers are filling…

Ami Hofman
Ami HofmanJuly 4, 2026
The Post-Mythos era has arrived
Read the Blog

The Post-Mythos era has arrived

Why the real problem is not Mythos itself, but the fact most organisations are still defending at human speedFor the last two weeks, the cyber industry has behaved like someone who just watched three…

Ami Hofman
Ami HofmanJuly 3, 2026
Becoming real time travellers, to mitigate AI risk
Read the Blog

Becoming real time travellers, to mitigate AI risk

Reflections of a Concerned PractitionerAs a kid I was a big fan of the famous TV series The Time Tunnel with the notorious couple Dr. Doug Phillips (played by Robert Colbert) and Dr. Tony…

Ami Hofman
Ami HofmanJuly 3, 2026
The Hidden Cost of Browser Blindness: Data Loss, AI Leakage, and Compliance Drift
Read the Blog

The Hidden Cost of Browser Blindness: Data Loss, AI Leakage, and Compliance Drift

Every organization is racing to modernize—deploying SaaS, adopting AI copilots, and pushing more work into the browser than ever before. But there’s a quiet, compounding risk sitting underneath all of it.

Sue Bergamo
Sue BergamoMay 5, 2024
Shadow AI, Shadow SaaS, and the Rise of Invisible Risk
Read the Blog

Shadow AI, Shadow SaaS, and the Rise of Invisible Risk

Most organizations think they have a handle on their technology footprint. They inventory SaaS, publish policies, and assume employees will follow them. But the last two years have made one thing clear: the real risk isn’t coming from the systems you know about. It comes from the ones you don’t. We spend time, energy and effort ensuring that all corporate application on premise and in the cloud are secure and that we are compliant. This requires both diligence and budget planning. It also assumes that there is conscious awareness of both the risk and the reward. Shadow SaaS, and shadow AI assumes that none of this rigor is being applied. Shadow AI and SaaS are no longer fringe behaviors. They’re the new normal. And they’re creating a layer of invisible risk that traditional governance models can’t see, measure, or control.

Sue Bergamo
Sue BergamoMay 4, 2024
Govern What AI Actually Does: Cyber Scale’s AI Security Lifecycle Operating Model
Read the Blog

Govern What AI Actually Does: Cyber Scale’s AI Security Lifecycle Operating Model

AI is behaving in real time. Governance needs to operate in real time too. Across industries, teams are embedding models into workflows faster than control frameworks can adapt. The result is fragmentation — disconnected ownership, inconsistent controls, and limited visibility into runtime behavior. That’s the gap Cyber Scale’s AI operating model was built to close.

Ami Hofman
Ami HofmanMay 3, 2024
Frameworks Describe AI Risk. Operating Models Contain It
Read the Blog

Frameworks Describe AI Risk. Operating Models Contain It

Let’s be honest: the last thing security leaders need right now is another framework. Every few months, a new AI risk taxonomy appears — a checklist, a maturity model, a set of principles that promise clarity. But frameworks don’t operate; they describe. They tell you what to think about, not how to run it. And that’s the real gap.

Sue Bergamo
Sue BergamoMay 2, 2024
Why a CISO Community Matters More Than Ever
Read the Blog

Why a CISO Community Matters More Than Ever

Experience, Integrity, and Trust as the New Leadership Imperatives CISOs operate in one of the most complex executive roles in the modern enterprise. They are accountable for protecting reputation, resilience, and customer trust — yet they often do so without a true peer group inside their own organizations. This isolation isn’t just uncomfortable; it’s operationally dangerous. A fragmented security landscape, accelerating AI driven threats, and rising regulatory expectations demand something CISOs rarely have: a trusted space to learn from one another.

Sue Bergamo
Sue BergamoMay 1, 2024
No insights match your current filter or search.