InfoSec and Compliance – With 20 years of blogging experience, DISC InfoSec blog is dedicated to providing trusted insights and practical solutions for professionals and organizations navigating the evolving cybersecurity landscape. From cutting-edge threats to compliance strategies, this blog is your reliable resource for staying informed and secure. Dive into the content, connect with the community, and elevate your InfoSec expertise!
Yann LeCun — a pioneer of deep learning and Meta’s Chief AI Scientist — has left the company after shaping its AI strategy and influencing billions in investment. His departure is not a routine leadership change; it signals a deeper shift in how he believes AI must evolve.
LeCun is one of the founders of modern neural networks, a Turing Award recipient, and a core figure behind today’s deep learning breakthroughs. His work once appeared to be a dead end, yet it ultimately transformed the entire AI landscape.
Now, he is stepping away not to retire or join another corporate giant, but to create a startup focused on a direction Meta does not support. This choice underscores a bold statement: the current path of scaling Large Language Models (LLMs) may not lead to true artificial intelligence.
He argues that LLMs, despite their success, are fundamentally limited. They excel at predicting text but lack real understanding of the world. They cannot reason about physical reality, causality, or genuine intent behind events.
According to LeCun, today’s LLMs possess intelligence comparable to an animal — some say a cat — but even the cat has an advantage: it learns through real-world interaction rather than statistical guesswork.
His proposed alternative is what he calls World Models. These systems will learn like humans and animals do — by observing environments, experimenting, predicting outcomes, and refining internal representations of how the world works.
This approach challenges the current AI industry narrative that bigger models and more data alone will produce smarter, safer AI. Instead, LeCun suggests that a completely different foundation is required to achieve true machine intelligence.
Yet Meta continues investing enormous resources into scaling LLMs — the very AI paradigm he believes is nearing its limits. His departure raises an uncomfortable question about whether hype is leading strategic decisions more than science.
If he is correct, companies pushing ever-larger LLMs could face a major reckoning when progress plateaus and expectations fail to materialize.
My Opinion
LLMs are far from dead — they are already transforming industries and productivity. But LeCun highlights a real concern: scaling alone cannot produce human-level reasoning. The future likely requires a combination of both approaches — advanced language systems paired with world-aware learning. Instead of a dead end, this may be an inflection point where the AI field transitions toward deeper intelligence grounded in understanding, not just prediction.
Whether AI might surpass human intelligence in the next few years, based on recent trends and expert views — followed by my opinion:
Some recent analyses suggest that advances in AI capabilities may be moving fast enough that aspects of human‑level performance could be reached within a few years. One trend measurement — focusing on how quickly AI translation quality is improving compared to humans — shows steady progress and extrapolates that machine performance could equal human translators by the end of this decade if current trends continue. This has led to speculative headlines proposing that the technological singularity — the point where AI surpasses human intelligence in a broad sense — might occur within just a few years.
However, this type of projection is highly debated and depends heavily on how “intelligence” is defined and measured. Many experts emphasize that current AI systems, while powerful in narrow domains, are not yet near comprehensive general intelligence, and timelines vary widely. Surveys of AI researchers and more measured forecasts still often place true artificial general intelligence (AGI) — a prerequisite for singularity in many theories — much later, often around the 2030s or beyond.
There are also significant technical and conceptual challenges that make short‑term singularity predictions uncertain. Models today excel at specific tasks and show impressive abilities, but they lack the broad autonomy, self‑improvement capabilities, and general reasoning that many definitions of human‑level intelligence assume. Progress is real and rapid, yet experts differ sharply in timelines — some suggest near‑term breakthroughs, while others see more gradual advancement over decades.
My Opinion
I think it’s unlikely that AI will fully surpass human intelligence across all domains in the next few years. We are witnessing astonishing progress in certain areas — language, pattern recognition, generation, and task automation — but those achievements are still narrow compared to the full breadth of human cognition, creativity, and common‑sense reasoning. Broad, autonomous intelligence that consistently outperforms humans across contexts remains a formidable research challenge.
That said, AI will continue transforming industries and augmenting human capabilities, and we will likely see systems that feel very powerful in specialized tasks well before true singularity — perhaps by the late 2020s or early 2030s. The exact timeline will depend on breakthroughs we can’t yet predict, and it’s essential to prepare ethically and socially for the impacts even if singularity itself remains distant.
1. The core claim: Many cybersecurity professionals assert that compliance isn’t security — meaning simply meeting the letter of a standard (e.g., ISO 27001, ISO 42001, PCI, HIPAA, NIS, GDPR, DORA, Cyber Essentials) doesn’t by itself guarantee that an organization can withstand, detect, or recover from real-world attacks. Compliance frameworks typically define minimum baselines rather than prove operational resilience.
2. Why people feel this way: Critics argue that compliance programs often become checkbox exercises, focusing on documentation and audit artifacts rather than actual protective capability. Organizations can score well on audits and still suffer breaches because compliance doesn’t necessarily measure effectiveness of controls in practice.
3. Compliance vs security definitions: Compliance is essentially a benchmark against a standard — an organization either meets or fails certain requirements. Security, by contrast, is about managing risk dynamically and defending systems against evolving threats and adversaries. These two missions are related but fundamentally different in objectives and measurement.
4. The “baseline floor” perspective: Some practitioners push back on the notion that compliance has no value at all. They see compliance as providing a baseline floor of capabilities — a starting set of repeatable, measurable controls that help standardize expectations and reduce obvious, basic gaps that attackers exploit.
5. Compliance as structure: From this view, compliance frameworks give organizations a common language and structure to start measuring security efforts, track improvements over time, and communicate with boards, regulators, and insurers. Without structure, purely ad hoc security efforts can lack consistency and visibility.
6. The danger of complacency: The biggest practical risk isn’t compliance per se — it’s when organizations confuse passing an audit with being secure. Treating compliance as an end goal can create a false sense of safety, diverting resources from more effective defensive activities into chasing artifacts rather than outcomes.
7. Evolving threats vs static standards: Another common critique is that compliance frameworks often lag behind real-world threat evolution. Regulatory requirements typically update slowly, whereas attackers innovate constantly. As a result, meeting compliance may not sufficiently address emergent or advanced threats.
8. Complementary roles: Many experienced practitioners conclude that the healthiest view is neither compliance alone nor security alone. Compliance ensures visibility, documentation, and minimum control presence. Security builds on that baseline with active risk management, threat detection, and response mechanisms — which are necessary for meaningful protection.
9. Practical takeaway: In practice, compliance can serve as a foundation or enabler for security, but it should not be mistaken for security itself. Strong security programs often use compliance as a scaffolding — then extend beyond it with continuous improvement, automation, detection, response, and risk-based prioritization.
My Opinion
The statement “compliance isn’t security” is useful as a warning against complacency but overly simplistic if taken on its own. Compliance is not the security program; it’s often the starting point. Compliance frameworks help establish maturity, measure baseline controls, and satisfy regulatory or contractual requirements — all of which are valuable in risk management. However, true security requires active defense, continuous adaptation, and operational effectiveness that goes well beyond checkbox compliance. In short: compliance supports security, but it does not replace it — and treating it as an end goal can create blind spots that attackers will exploit.
Here’s a rephrased and summarized version of the linked article organized into nine paragraphs, followed by my opinion at the end.
1️⃣ The Browser Has Become the Main AI Risk Vector Modern workers increasingly use generative AI tools directly inside the browser, pasting emails, business files, and even source code into online AI assistants. Because traditional enterprise security tools weren’t built to monitor or understand this behavior, sensitive data often flows out of corporate control without detection.
2️⃣ Blocking AI Isn’t Realistic Simply banning generative AI usage isn’t a workable solution. These tools offer productivity gains that employees and organizations find valuable. The article argues the real focus should be on securing how and where AI tools are used inside the browser session itself.
3️⃣ Understanding the Threat Model The article outlines why browser-based AI interactions are uniquely risky: users routinely paste whole documents and proprietary data into prompt boxes, upload confidential files, and interact with AI extensions that have broad permission scopes. These behaviors create a threat surface that legacy defenses like firewalls and traditional DLP simply can’t see.
4️⃣ Policy Is the Foundation of Security A strong security policy is described as the first step. Organizations should categorize which AI tools are sanctioned versus restricted and define what data types should never be entered into generative AI, such as financial records, regulated personal data, or source code. Enforcement matters: policies must be backed by browser-level controls, not just user guidance.
5️⃣ Isolation Reduces Risk Without Stopping Productivity Instead of an all-or-nothing approach, teams can isolate risky workflows. For example, separate browser profiles or session controls can keep general AI usage away from sensitive internal applications. This lets employees use AI where appropriate while limiting accidental data exposure.
6️⃣ Data Controls at the Browser Edge Technical data controls are critical to enforce policy. These include monitoring copy/paste actions, drag-and-drop events, and file uploads at the browser level before data ever reaches an external AI service. Tiered enforcement — from warnings to hard blocks — helps balance security with usability.
7️⃣ Managing AI Extensions Is Essential Many AI-powered browser extensions require broad permissions — including read/modify page content — which can become covert data exfiltration channels if left unmanaged. The article emphasizes classifying and restricting such extensions based on risk.
8️⃣ Identity and Account Hygiene Tying all sanctioned AI interactions back to corporate identities through single sign-on improves visibility and accountability. It also helps prevent situations where personal accounts or mixed browser contexts leak corporate data.
9️⃣ Visibility and Continuous Improvement Lastly, strong telemetry — tracking what AI tools are accessed, what data is entered, and how often policy triggers occur — is essential to refine controls over time. Analytics can highlight risky patterns and help teams adjust policies and training for better outcomes.
My Opinion
This perspective is practical and forward-looking. Instead of knee-jerk bans on AI — which employees will circumvent — the article realistically treats the browser as the new security perimeter. That aligns with broader industry findings showing that browser-mediated AI usage is a major exfiltration channel and traditional security tools often miss it entirely.
However, implementing the recommended policies and controls isn’t trivial. It demands new tooling, tight integration with identity systems, and continuous monitoring, which many organizations struggle with today. But the payoff — enabling secure AI usage without crippling productivity — makes this a worthy direction to pursue. Secure AI adoption shouldn’t be about fear or bans, but about governance, visibility, and informed risk management.
ISO 42001 Certification by Leading AI Governance in Virtual Data Rooms
When your clients trust you with their most sensitive M&A documents, financial records, and confidential deal information, every security and compliance decision matters. ShareVault has taken a significant step beyond traditional data room security by achieving ISO 42001 certification—the international standard for AI management systems.
Why Financial Services and M&A Professionals Should Care
If you’re a deal advisor, investment banker, or private equity professional, you’re increasingly relying on AI-powered features in your virtual data room—intelligent document indexing, automated redaction suggestions, smart search capabilities, and analytics that surface insights from thousands of documents.
But how do you know these AI capabilities are managed responsibly? How can you be confident that:
AI systems won’t introduce bias into document classification or search results?
Algorithms processing sensitive financial data meet rigorous security standards?
Your confidential deal information isn’t being used to train AI models?
AI-driven recommendations are explainable and auditable for regulatory scrutiny?
ISO 42001 provides the answers. This comprehensive framework addresses AI-specific risks that traditional information security standards like ISO 27001 don’t fully cover.
ShareVault’s Commitment to AI Governance Excellence
ShareVault recognized early that as AI capabilities become more sophisticated in virtual data rooms, clients need assurance that goes beyond generic “we take security seriously” statements. The financial services and legal professionals who rely on ShareVault for billion-dollar transactions deserve verifiable proof of responsible AI management.
That commitment led ShareVault to pursue ISO 42001 certification—joining a select group of pioneers implementing the world’s first AI management system standard.
Building Trust Through Independent Verification
ShareVault engaged DISC InfoSec as an independent internal auditor specifically for ISO 42001 compliance. This wasn’t a rubber-stamp exercise. DISC InfoSec brought deep expertise in both AI governance frameworks and information security, conducting rigorous assessments of:
AI system lifecycle management – How ShareVault develops, deploys, monitors, and updates AI capabilities
Data governance for AI – Controls ensuring training data quality, protection, and appropriate use
Algorithmic transparency – Documentation and explainability of AI decision-making processes
Risk management – Identification and mitigation of AI-specific risks like bias, hallucinations, and unexpected outputs
Human oversight – Ensuring appropriate human involvement in AI-assisted processes
The internal audit process identified gaps, drove remediation efforts, and prepared ShareVault for external certification assessment—demonstrating a genuine commitment to AI governance rather than superficial compliance.
Certification Achieved: A Leadership Milestone
In 2025, ShareVault successfully completed both the Stage 1 and Stage 2 audits conducted by SenSiba, an accredited certification body. The Stage 1 audit validated ShareVault’s comprehensive documentation, policies, and procedures. The Stage 2 audit, completed in December 2025, examined actual implementation—verifying that controls operate effectively in practice, risks are actively managed, and continuous improvement processes function as designed.
ShareVault is now ISO 42001 certified—one of the first virtual data room providers to achieve this distinction. This certification reflects genuine leadership in responsible AI deployment, independently verified by external auditors with no stake in the outcome.
For financial services professionals, this means ShareVault’s AI governance approach has been rigorously assessed and certified against international standards, providing assurance that extends far beyond vendor claims.
What This Means for Your Deals
When you’re managing a $500 million acquisition or handling sensitive financial restructuring documents, you need more than promises about AI safety. ShareVault’s ISO 42001 certification provides tangible, verified assurance:
For M&A Advisors: Confidence that AI-powered document analytics won’t introduce errors or biases that could impact deal analysis or due diligence findings.
For Investment Bankers: Assurance that confidential client information processed by AI features remains protected and isn’t repurposed for model training or shared across clients.
For Legal Professionals: Auditability and explainability of AI-assisted document review and classification—critical when facing regulatory scrutiny or litigation.
For Private Equity Firms: Verification that AI capabilities in your deal rooms meet institutional-grade governance standards your LPs and regulators expect.
Why Industry Leadership Matters
The financial services industry faces increasing regulatory pressure regarding AI usage. The EU AI Act, SEC guidance on AI in financial services, and evolving state-level AI regulations all point toward a future where AI governance isn’t optional—it’s required.
ShareVault’s achievement of ISO 42001 certification demonstrates foresight that benefits clients in two critical ways:
Today: You gain immediate, certified assurance that AI capabilities in your data room meet rigorous governance standards, reducing your own AI-related risk exposure.
Tomorrow: As regulations tighten, you’re already working with a provider whose AI governance framework is certified against international standards, simplifying your own compliance efforts and protecting your competitive position.
The Bottom Line
For financial services and M&A professionals who demand the highest standards of security and compliance, ShareVault’s ISO 42001 certification represents more than a technical achievement—it’s independently verified proof of commitment to earning and maintaining your trust.
The rigorous process of implementation, independent internal auditing by DISC InfoSec, and successful completion of both Stage 1 and Stage 2 assessments by SenSiba demonstrates that ShareVault’s AI capabilities are deployed with certified safeguards, transparency, and accountability.
As deals become more complex and AI capabilities more sophisticated, partnering with a certified virtual data room provider that has proven its AI governance leadership isn’t just prudent—it’s essential to protecting your clients, your reputation, and your firm.
ShareVault’s investment in ISO 42001 certification means you can leverage powerful AI capabilities in your deal rooms with confidence that responsible management practices are independently certified and continuously maintained.
Ready to experience a virtual data room where AI innovation meets certified governance? Contact ShareVault to learn how ISO 42001-certified AI management protects your most sensitive transactions.
Practical AI Governance for Compliance, Risk, and Security Leaders
Artificial Intelligence is moving fast—but regulations, customer expectations, and board-level scrutiny are moving even faster. ISO/IEC 42001 gives organizations a structured way to govern AI responsibly, securely, and in alignment with laws like the EU AI Act.
For SMBs, the good news is this: ISO 42001 does not require massive AI programs or complex engineering changes. At its core, it follows a clear four-step process that compliance, risk, and security teams already understand.
Step 1: Define AI Scope and Governance Context
The first step is understanding where and how AI is used in your business. This includes internally developed models, third-party AI tools, SaaS platforms with embedded AI, and even automation driven by machine learning.
For SMBs, this step is about clarity—not perfection. You define:
What AI systems are in scope
Business objectives and constraints
Regulatory, contractual, and ethical expectations
Roles and accountability for AI decisions
This mirrors how ISO 27001 defines ISMS scope, making it familiar for security and compliance teams.
Step 2: Identify and Assess AI Risks
Once AI usage is defined, the focus shifts to risk identification and impact assessment. Unlike traditional cyber risk, AI introduces new concerns such as bias, model drift, lack of explainability, data misuse, and unintended outcomes.
This step aligns closely with enterprise risk management and can be integrated into existing risk registers.
Step 3: Implement AI Controls and Lifecycle Management
With risks prioritized, the organization selects practical governance and security controls. ISO 42001 does not prescribe one-size-fits-all solutions—it focuses on proportional controls based on risk.
Typical activities include:
AI policies and acceptable use guidelines
Human oversight and approval checkpoints
Data governance and model documentation
Secure development and vendor due diligence
Change management for AI updates
For SMBs, this is about leveraging existing ISO 27001, SOC 2, or NIST-aligned controls and extending them to cover AI.
Step 4: Monitor, Audit, and Improve
AI governance is not a one-time exercise. The final step ensures continuous monitoring, review, and improvement as AI systems evolve.
This includes:
Ongoing performance and risk monitoring
Internal audits and management reviews
Incident handling and corrective actions
Readiness for certification or regulatory review
This step closes the loop and ensures AI governance stays aligned with business growth and regulatory change.
Why This Matters for SMBs
Regulators and customers are no longer asking if you use AI—they’re asking how you govern it. ISO 42001 provides a defensible, auditable framework that shows due diligence without slowing innovation.
How DISC InfoSec Can Help
DISC InfoSec helps SMBs implement ISO 42001 quickly, pragmatically, and cost-effectively—especially if you’re already aligned with ISO 27001, SOC 2, or NIST. We translate AI risk into business language, reuse what you already have, and guide you from scoping to certification readiness.
👉 Talk to DISC InfoSec to build AI governance that satisfies regulators, reassures customers, and supports safe AI adoption—without unnecessary complexity.
— What ISO 42001 Is and Its Purpose ISO 42001 is a new international standard for AI governance and management systems designed to help organizations systematically manage AI-related risks and regulatory requirements. Rather than acting as a simple checklist, it sets up an ongoing framework for defining obligations, understanding how AI systems are used, and establishing controls that fit an organization’s specific risk profile. This structure resembles other ISO management system standards (such as ISO 27001) but focuses on AI’s unique challenges.
— ISO 42001’s Role in Structured Governance At its core, ISO 42001 helps organizations build consistent AI governance practices. It encourages comprehensive documentation, clear roles and responsibilities, and formalized oversight—essentials for accountable AI development and deployment. This structured approach aligns with the EU AI Act’s broader principles, which emphasize accountability, transparency, and risk-based management of AI systems.
— Documentation and Risk Management Synergies Both ISO 42001 and the EU AI Act call for thorough risk assessments, lifecycle documentation, and ongoing monitoring of AI systems. Implementing ISO 42001 can make it easier to maintain records of design choices, testing results, performance evaluations, and risk controls, which supports regulatory reviews and audits. This not only creates a stronger compliance posture but also prepares organizations to respond with evidence if regulators request proof of due diligence.
— Complementary Ethical and Operational Practices ISO 42001 embeds ethical principles—such as fairness, non-discrimination, and human oversight—into the organizational governance culture. These values closely match the normative goals of the EU AI Act, which seeks to prevent harm and bias from AI systems. By internalizing these principles at the management level, organizations can more coherently translate ethical obligations into operational policies and practices that regulators expect.
— Not a Legal Substitute for Compliance Obligations Importantly, ISO 42001 is not a legal guarantee of EU AI Act compliance on its own. The standard remains voluntary and, as of now, is not formally harmonized under the AI Act, meaning certification does not automatically confer “presumption of conformity.” The Act includes highly specific requirements—such as risk class registration, mandated reporting timelines, and prohibitions on certain AI uses—that ISO 42001’s management-system focus does not directly satisfy. ISO 42001 provides the infrastructure for strong governance, but organizations must still execute legal compliance activities in parallel to meet the letter of the law.
— Practical Benefits Beyond Compliance Even though it isn’t a standalone compliance passport, adopting ISO 42001 offers many practical benefits. It can streamline internal AI governance, improve audit readiness, support integration with other ISO standards (like security and quality), and enhance stakeholder confidence in AI practices. Organizations that embed ISO 42001 can reduce risk of missteps, build stronger evidence trails, and align cross-functional teams for both ethical practice and regulatory readiness.
My Opinion ISO 42001 is a valuable foundation for AI governance and a strong enabler of EU AI Act compliance—but it should be treated as the starting point, not the finish line. It helps organizations build structured processes, risk awareness, and ethical controls that align with regulatory expectations. However, because the EU AI Act’s requirements are detailed and legally enforceable, organizations must still map ISO-level controls to specific Act obligations, maintain live evidence, and fulfill procedural legal demands beyond what ISO 42001 specifies. In practice, using ISO 42001 as a governance backbone plus tailored compliance activities is the most pragmatic and defensible approach.
When a $3K “cybersecurity gap assessment” reveals you don’t actually have cybersecurity to assess…
A prospect just reached out wanting to pay me $3,000 to assess their ISO 27001 readiness.
Here’s how that conversation went:
Me: “Can you share your security policies and procedures?” Them: “We don’t have any.”
Me: “How about your latest penetration test, vulnerability scans, or cloud security assessments?” Them: “Nothing.”
Me: “What about your asset inventory, vendor register, or risk assessments?” Them: “We haven’t done those.”
Me: “Have you conducted any vendor security due diligence or data privacy reviews?” Them: “No.”
Me: “Let’s try HR—employee contracts, job descriptions, onboarding/offboarding procedures?” Them: “It’s all ad hoc. Nothing formal.”
Here’s the problem: You can’t assess what doesn’t exist.
It’s like subscribing to a maintenance plan for an appliance you don’t own yet
The reality? Many organizations confuse “having IT systems” with “having cybersecurity.” They’re running business-critical operations with zero security foundation—no documentation, no testing, no governance.
What they actually need isn’t an assessment. It’s a security program built from the ground up.
ISO 27001 compliance isn’t a checkbox exercise. It requires: âś“ Documented policies and risk management processes âś“ Regular security testing and validation âś“ Asset and vendor management frameworks âś“ HR security controls and awareness training
If you’re in this situation, here’s my advice: Don’t waste money on assessments. Invest in building foundational security controls first. Then assess.
What’s your take? Have you encountered organizations confusing security assessment with security implementation?
1. Regulatory Compliance Has Become a Minefield—With Real Penalties
Regulatory Compliance Has Become a Minefield—With Real Penalties
Organizations face an avalanche of overlapping AI regulations (EU AI Act, GDPR, HIPAA, SOX, state AI laws) with zero tolerance for non-compliance. The EU AI Act explicitly recognizes ISO 42001 as evidence of conformity—making certification the fastest path to regulatory defensibility. Without systematic AI governance, companies face six-figure fines, contract terminations, and regulatory scrutiny.
2. Vendor Questionnaires Are Killing Deals
Every enterprise RFP now includes AI governance questions. Procurement teams demand documented proof of bias mitigation, human oversight, and risk management frameworks. Companies without ISO 42001 or equivalent certification are being disqualified before technical evaluations even begin. Lost deals aren’t hypothetical—they’re happening every quarter.
3. Boards Demand AI Accountability—Security Teams Can’t Deliver Alone
C-suite executives face personal liability for AI failures. They’re demanding comprehensive AI risk management across 7 critical impact categories (safety, fundamental rights, legal compliance, reputational risk). But CISOs and compliance officers lack AI-specific expertise to build these frameworks from scratch. Generic security controls don’t address model drift, training data contamination, or algorithmic bias.
4. The “DIY Governance” Death Spiral
Organizations attempting in-house ISO 42001 implementation waste 12-18 months navigating 18 specific AI controls, conducting risk assessments across 42+ scenarios, establishing monitoring systems, and preparing for third-party audits. Most fail their first audit and restart at 70% budget overrun. They’re paying the certification cost twice—plus the opportunity cost of delayed revenue.
5. “Certification Theater” vs. Real Implementation—And They Can’t Tell the Difference
Companies can’t distinguish between consultants who’ve read the standard vs. those who’ve actually implemented and passed audits in production environments. They’re terrified of paying for theoretical frameworks that collapse under audit scrutiny. They need proven methodologies with documented success—not PowerPoint governance.
6. High-Risk Industry Requirements Are Non-Negotiable
Financial services (credit scoring, AML), healthcare (clinical decision support), and legal firms (judicial AI) face sector-specific AI regulations that generic consultants can’t address. They need consultants who understand granular compliance scenarios—not surface-level AI ethics training.
DISC Turning AI Governance Into Measurable Business Value
garak (Generative AI Red-teaming & Assessment Kit) is an open-source tool aimed specifically at testing Large Language Models and dialog systems for AI-specific vulnerabilities: prompt injection, jailbreaks, data leakage, hallucinations, toxicity, etc.
It supports many LLM sources: Hugging Face models, OpenAI APIs, AWS Bedrock, local ggml models, etc.
Typical usage is via command line, making it relatively easy to incorporate into a Linux/pen-test workflow.
For someone interested in “governance,” garak helps identify when an AI system violates safety, privacy or compliance expectations before deployment.
BlackIce — Containerized Toolkit for AI Red-Teaming & Security Testing
BlackIce is described as a standardized, containerized red-teaming toolkit for both LLMs and classical ML models. The idea is to lower the barrier to entry for AI security testing by packaging many tools into a reproducible Docker image.
It bundles a curated set of open-source tools (as of late 2025) for “Responsible AI and Security testing,” accessible via a unified CLI interface — akin to how Kali bundles network-security tools.
For governance purposes: BlackIce simplifies running comprehensive AI audits, red-teaming, and vulnerability assessments in a consistent, repeatable environment — useful for teams wanting to standardize AI governance practices.
LibVulnWatch — Supply-Chain & Library Risk Assessment for AI Projects
While not specific to LLM runtime security, LibVulnWatch focuses on evaluating open-source AI libraries (ML frameworks, inference engines, agent-orchestration tools) for security, licensing, supply-chain, maintenance and compliance risks.
It produces governance-aligned scores across multiple domains, helping organizations choose safer dependencies and keep track of underlying library health over time.
For an enterprise building or deploying AI: this kind of tool helps verify that your AI stack — not just the model — meets governance, audit, and risk standards.
Giskard offers LLM vulnerability scanning and red-teaming capabilities (prompt injection, data leakage, unsafe behavior, bias, etc.) via both an open-source library and an enterprise “Hub” for production-grade systems.
It supports “black-box” testing: you don’t need internal access to the model — as long as you have an API or interface, you can run tests.
For AI governance, Giskard helps in evaluating compliance with safety, privacy, and fairness standards before and after deployment.
🔧 What This Means for Kali Linux / Pen-Test-Oriented Workflows
The emergence of tools like garak, BlackIce, and Giskard shows that AI governance and security testing are becoming just as “testable” as traditional network or system security. For people familiar with Kali’s penetration-testing ecosystem — this is a familiar, powerful shift.
Because they are Linux/CLI-friendly and containerizable (especially BlackIce), they can integrate neatly into security-audit pipelines, continuous-integration workflows, or red-team labs — making them practical beyond research or toy use.
Using a supply-chain-risk tool like LibVulnWatch alongside model-level scanners gives a more holistic governance posture: not just “Is this LLM safe?” but “Is the whole AI stack (dependencies, libraries, models) reliable and auditable?”
⚠️ A Few Important Caveats (What They Don’t Guarantee)
Tools like garak and Giskard attempt to find common issues (jailbreaks, prompt injection, data leakage, harmful outputs), but cannot guarantee absolute safety or compliance — because many risks (e.g. bias, regulatory compliance, ethics, “unknown unknowns”) depend heavily on context (data, environment, usage).
Governance is more than security: It includes legal compliance, privacy, fairness, ethics, documentation, human oversight — many of which go beyond automated testing.
AI-governance frameworks are still evolving; even red-teaming tools may lag behind novel threat types (e.g. multi-modality, chain-of-tool-calls, dynamic agentic behaviors).
🎯 My Take / Recommendation (If You Want to Build an AI-Governance Stack Now)
If I were you and building or auditing an AI system today, I’d combine these tools:
Start with garak or Giskard to scan model behavior for injection, toxicity, privacy leaks, etc.
Use BlackIce (in a container) for more comprehensive red-teaming including chaining tests, multi-tool or multi-agent flows, and reproducible audits.
Run LibVulnWatch on your library dependencies to catch supply-chain or licensing risks.
Complement that with manual reviews, documentation, human-in-the-loop audits and compliance checks (since automated tools only catch a subset of governance concerns).
🧠 AI Governance & Security Lab Stack (2024–2025)
Kali doesn’t yet ship AI governance tools by default — but:
✅ Almost all of these run on Linux
✅ Many are CLI-based or Dockerized
✅ They integrate cleanly with red-team labs
✅ You can easily build a custom Kali “AI Governance profile”
My recommendation: Create:
A Docker compose stack for garak + Giskard + promptfoo
A CI pipeline for prompt & agent testing
A governance evidence pack (logs + scores + reports)
Map each tool to ISO 42001 / NIST AI RMF controls
below is a compact, actionable mapping that connects the ~10 tools we discussed to ISO/IEC 42001 clauses (high-level AI management system requirements) and to the NIST AI RMF Core functions (GOVERN / MAP / MEASURE / MANAGE). I cite primary sources for the standards and each tool so you can follow up quickly.
Notes on how to read the table • ISO 42001 — I map to the standard’s high-level clauses (Context (4), Leadership (5), Planning (6), Support (7), Operation (8), Performance evaluation (9), Improvement (10)). These are the right level for mapping tools into an AI Management System. Cloud Security Alliance+1 • NIST AI RMF — I use the Core functions: GOVERN / MAP / MEASURE / MANAGE (the AI RMF core and its intended outcomes). Tools often map to multiple functions. NIST Publications • Each row: tool → primary ISO clauses it supports → primary NIST functions it helps with → short justification + source links.
NIST AI RMF: MEASURE (testing, metrics, evaluation), MAP (identify system behavior & risks), MANAGE (remediation actions). NIST Publications+1
Why: Giskard automates model testing (bias, hallucination, security checks) and produces evidence/metrics used in audits and continuous evaluation. GitHub
2) promptfoo (prompt & RAG test suite / CI integration)
ISO 42001: 7 Support (documented procedures, competence), 8 Operation (validation before deployment), 9 Performance evaluation (continuous testing). Cloud Security Alliance
Why: promptfoo provides automated prompt tests, integrates into CI (pre-deployment gating) and produces test artifacts for governance traceability. GitHub+1
Why: LlamaFirewall is explicitly designed as a last-line runtime guardrail for agentic systems — enforcing policies and detecting task-drift/prompt injection at runtime. arXiv
ISO 42001: 8 Operation (adversarial testing), 9 Performance evaluation (benchmarks & stress tests), 10 Improvement (feed results back to controls). Cloud Security Alliance
NIST AI RMF: MEASURE (adversarial performance metrics), MAP (expose attack surface), MANAGE (prioritize fixes based on attack impact). NIST Publications+2arXiv+2
Why: These tools expand coverage of red-team tests (free-form and evolutionary adversarial prompts), surfacing edge failures and jailbreaks that standard tests miss. arXiv+1
7) Meta SecAlign (safer model / model-level defenses)
ISO 42001: 8 Operation (safe model selection/deployment), 6 Planning (risk-aware model selection), 7 Support (model documentation). Cloud Security Alliance+1
NIST AI RMF: MAP (model risk characteristics), MANAGE (apply safer model choices / mitigations), MEASURE (evaluate defensive effectiveness). NIST Publications+1
Why: A “safer” model built to resist manipulation maps directly to operational and planning controls where the organization chooses lower-risk building blocks. arXiv
8) HarmBench (benchmarks for safety & robustness testing)
ISO 42001: 9 Performance evaluation (standardized benchmarks), 8 Operation (validation against benchmarks), 10 Improvement (continuous improvement from results). Cloud Security Alliance
NIST AI RMF: MEASURE (standardized metrics & benchmarks), MAP (compare risk exposure across models), MANAGE (feed measurement results into mitigation plans). NIST Publications
Why: Benchmarks are the canonical way to measure and compare model trustworthiness and to demonstrate compliance in audits. arXiv
ISO 42001: 5 Leadership & 7 Support (policy, competence, awareness — guidance & training resources). Cloud Security Alliance
NIST AI RMF: GOVERN (policy & stakeholder guidance), MAP (inventory of recommended tools & practices). NIST Publications
Why: Curated resources help leadership define policy, identify tools, and set organizational expectations — foundational for any AI management system. Cyberzoni.com
Quick recommendations for operationalizing the mapping
Create a minimal mapping table inside your ISMS (ISO 42001) that records: tool name → ISO clause(s) it supports → NIST function(s) it maps to → artifact(s) produced (reports, SBOMs, test results). This yields audit-ready evidence. (ISO42001 + NIST suggestions above).
Automate evidence collection: integrate promptfoo / Giskard into CI so that each deployment produces test artifacts (for ISO 42001 clause 9).
Supply-chain checks: run LibVulnWatch and AI-Infra-Guard periodically to populate SBOMs and vulnerability dashboards (helpful for ISO 7 & 6).
Runtime protections: embed LlamaFirewall or runtime monitors for agentic systems to satisfy operational guardrail requirements.
Adversarial coverage: schedule periodic automated red-teaming using AutoRed / RainbowPlus / HarmBench to measure resilience and feed results into continual improvement (ISO clause 10).
At DISC InfoSec, our AI Governance services go beyond traditional security. We help organizations ensure legal compliance, privacy, fairness, ethics, proper documentation, and human oversight — addressing the full spectrum of responsible AI practices, many of which cannot be achieved through automated testing alone.
Here are some of the main benefits of using Burp Suite Professional — specifically from the perspective of a professional services consultant doing security assessments, penetration testing, or audits for clients. I highlight where Burp Pro gives real value in a professional consulting context.
✅ Why consultants often prefer Burp Suite Professional
Comprehensive, all-in-one toolkit for web-app testing Burp Pro bundles proxying, crawling/spidering, vulnerability scanning, request replay/manipulation, fuzzing/brute forcing, token/sequence analysis, and more — all in a single product. This lets a consultant perform full-scope web application assessments without needing to stitch together many standalone tools.
Automated scanning + manual testing — balanced for real-world audits As a consultant you often need to combine speed (to scan large or complex applications) and depth (to manually investigate subtle issues or business-logic flaws). Burp Pro’s automated scanner quickly highlights many common flaws (e.g. SQLi, XSS, insecure configs), while its manual tools (proxy, repeater, intruder, etc.) allow fine-grained verification and advanced exploitation.
Discovery of “hidden” or non-obvious issues / attack surfaces The crawler/spider + discovery features help map out a target application’s entire attack surface — including hidden endpoints, unlinked pages or API endpoints — which consultants need to find when doing thorough security reviews.
Flexibility for complex or modern web apps (APIs, SPAs, WebSockets, etc.) Many modern applications use single-page frameworks, APIs, WebSockets, token-based auth, etc. Burp Pro supports testing these complex setups (e.g. handling HTTPS, WebSockets, JSON APIs), enabling consultants to operate effectively even on modern, dynamic web applications.
Extensibility and custom workflows tailored to client needs Through the built-in extension store (the “BApp Store”), and via scripting/custom plugins, consultants can customize Burp Pro to fit the unique architecture or threat model of a client’s environment — which is crucial in professional consulting where every client is different.
Professional-grade reporting & audit deliverables Consultants often need to deliver clear, structured, prioritized vulnerability reports to clients or stakeholders. Burp Pro supports detailed reporting, with evidence, severity, context — making it easier to communicate findings and remediation steps.
Efficiency and productivity: saves time and resources By automating large parts of scanning and combining multiple tools in one, Burp Pro helps consultants complete engagements faster — freeing time for deeper manual analysis, more clients, or more thorough work.
Up-to-date detection logic and community / vendor support As new web-app vulnerabilities and attack vectors emerge, Burp Pro (supported by its vendor and community) gets updates and new detection logic — which helps consultants stay current and offer reliable security assessments.
🚨 React2Shell detection is now available in Burp Suite Professional & Burp Suite DAST.
🎯 What this enables in a Consulting / Professional Services Context
Using Burp Suite Professional allows a consultant to:
Provide comprehensive security audits covering a broad attack surface — from standard web pages to APIs, dynamic front-ends, and even modern client-side logic.
Combine fast automated scanning with deep manual review, giving confidence that both common and subtle or business-logic vulnerabilities are identified.
Deliver clear, actionable reports and remediation guidance — a must when working with clients or stakeholders who need to understand risk and prioritize fixes.
Adapt quickly to different client environments — thanks to extensions, custom workflows, and configurability.
Scale testing work: for example, map and scan large applications efficiently, then focus consultant time on validating and exploiting deeper issues rather than chasing basic ones.
Maintain a professional standard of work — many clients expect usage of recognized tools, reproducible evidence, and thorough testing, all of which Burp Pro supports.
✅ Summary — Pro version pays off in consulting work
For a security consultant, Burp Suite Professional isn’t just a “nice to have” — it often becomes a core piece of the toolset. Its mix of automation, manual flexibility, extensibility, and reporting makes it highly suitable for professional-grade penetration testing, audits, and security assessments. While there are other tools out there, the breadth and polish of Burp Pro tends to make it “default standard” in many consulting engagements.
At DISC InfoSec, we provide comprehensive security audits that cover your entire digital attack surface — from standard web pages to APIs, dynamic front-ends, and even modern client-side logic. Our expert team not only identifies vulnerabilities but also delivers a tailored mitigation plan designed to reduce risks and provide assurance against potential security incidents. With DISC InfoSec, you gain the confidence that your applications and data are protected, while staying ahead of emerging threats.
How to begin a career in Governance, Risk, and Compliance (GRC). The truth is often misunderstood. GRC is meant to be a corporate leadership function, not an entry-level role and not merely a stepping-stone into cybersecurity. Having open conversations about what GRC really entails can help aspiring professionals prepare the right way and build a meaningful, long-term career.
Most GRC programs today revolve around checklist compliance reporting—sending dashboards, metrics, or findings up the chain. However, simply reporting to management is not the essence of governance. Reporting alone does not reduce risk, especially when leadership is disengaged or unresponsive. Real governance comes from top-down direction, accountability, and decision-making, which is why GRC work is inherently senior and strategic.
When governance is implemented effectively, it reduces organizational risk and ensures compliance with legal, regulatory, and contractual responsibilities. True governance shapes behavior, guides investment, and enables the business—not just the security team—to understand and manage risk.
GRC is also an advanced discipline requiring a broad and deep skill set. While often grouped with cybersecurity, it is fundamentally closer to business (objectives) management. Those who aim to work in GRC must develop capabilities beyond technical security: understanding business operations, risk frameworks, organizational dynamics, policy development, and executive communication.
In short, GRC is not merely auditing or box-checking. It is a function that aligns strategy, risk, and performance at the executive level.
Opinion: Is GRC a good career & how to pursue it?
A career in GRC is excellent for people who enjoy business strategy, structured thinking, risk reduction, and helping organizations operate responsibly. It offers long-term stability, strong compensation, and opportunities to influence major decisions. However, it requires maturity, communication skills, and the ability to translate complex issues into business impact.
For those who want to pursue a GRC career, the most effective path is:
1. Build a strong foundation in operations and security basics You don’t need to be deeply technical, but you must understand how organizations work and how security risks emerge.
2. Learn risk management and compliance frameworks ISO 27001, NIST CSF, SOC 2, HIPAA, PCI DSS, and GDPR are a great starting point.
3. Develop business and communication skills GRC is about influencing leadership, writing policies, building programs, and guiding decision-makers.
4. Start with adjacent roles Analyst roles in compliance, audit support, vendor risk, policy operations, or security assurance provide excellent early exposure.
5. Move gradually toward governance work Over time—usually mid-career—you gain the judgment and perspective needed to guide strategy, advise executives, and run enterprise risk programs.
Bottom line: GRC is not an entry-level technical job—it is a business leadership discipline. But for those who deliberately build the right mix of security, business, and communication skills, it can become one of the most rewarding and influential careers in the cybersecurity world.
The article reports on a new “safety report card” assessing how well leading AI companies are doing at protecting humanity from the risks posed by powerful artificial-intelligence systems. The report was issued by Future of Life Institute (FLI), a nonprofit that studies existential threats and promotes safe development of emerging technologies.
This “AI Safety Index” grades companies based on 35 indicators across six domains — including existential safety, risk assessment, information sharing, governance, safety frameworks, and current harms.
In the latest (Winter 2025) edition of the index, no company scored higher than a “C+.” The top-scoring companies were Anthropic and OpenAI, followed by Google DeepMind.
Other firms, including xAI, Meta, and a few Chinese AI companies, scored D or worse.
A key finding is that all evaluated companies scored poorly on “existential safety” — which covers whether they have credible strategies, internal monitoring, and controls to prevent catastrophic misuse or loss of control as AI becomes more powerful.
Even though companies like OpenAI and Google DeepMind say they’re committed to safety — citing internal research, safeguards, testing with external experts, and safety frameworks — the report argues that public information and evidence remain insufficient to demonstrate real readiness for worst-case scenarios.
For firms such as xAI and Meta, the report highlights a near-total lack of evidence about concrete safety investments beyond minimal risk-management frameworks. Some companies didn’t respond to requests for comment.
The authors of the index — a panel of eight independent AI experts including academics and heads of AI-related organizations — emphasize that we’re facing an industry that remains largely unregulated in the U.S. They warn this “race to the bottom” dynamic discourages companies from prioritizing safety when profitability and market leadership are at stake.
The report suggests that binding safety standards — not voluntary commitments — may be necessary to ensure companies take meaningful action before more powerful AI systems become a reality.
The broader context: as AI systems play larger roles in society, their misuse becomes more plausible — from facilitating cyberattacks, enabling harmful automation, to even posing existential threats if misaligned superintelligent AI were ever developed.
In short: according to the index, the AI industry still has a long way to go before it can be considered truly “safe for humanity,” even among its most prominent players.
My Opinion
I find the results of this report deeply concerning — but not surprising. The fact that even the top-ranked firms only get a “C+” strongly suggests that current AI safety efforts are more symbolic than sufficient. It seems like companies are investing in safety only at a surface level (e.g., statements, frameworks), but there’s little evidence they are preparing in a robust, transparent, and enforceable way for the profound risks AI could pose — especially when it comes to existential threats or catastrophic misuse.
The notion that an industry with such powerful long-term implications remains essentially unregulated feels reckless. Voluntary commitments and internal policies can easily be overridden by competitive pressure or short-term financial incentives. Without external oversight and binding standards, there’s no guarantee safety will win out over speed or profits.
That said, the fact that the FLI even produces this index — and that two firms get a “C+” — shows some awareness and effort towards safety. It’s better than nothing. But awareness must translate into real action: rigorous third-party audits, transparent safety testing, formal safety requirements, and — potentially — regulation.
In the end, I believe society should treat AI much like we treat high-stakes technologies such as nuclear power: with caution, transparency, and enforceable safety norms. It’s not enough to say “we care about safety”; firms must prove they can manage the long-term consequences, and governments and civil society need to hold them accountable.
ISO 42001 (published December 2023) is the first international standard dedicated to how organizations should govern and manage AI systems — whether they build AI, use it, or deploy it in services.
It lays out what the authors call an Artificial Intelligence Management System (AIMS) — a structured governance and management framework that helps companies reduce AI-related risks, build trust, and ensure responsible AI use.
Who can use it — and is it mandatory
Any organization — profit or non-profit, large or small, in any industry — that develops or uses AI can implement ISO 42001.
For now, ISO 42001 is not legally required. No country currently mandates it.
But adopting it proactively can make future compliance with emerging AI laws and regulations easier.
What ISO 42001 requires / how it works
The standard uses a “high-level structure” similar to other well-known frameworks (like ISO 27001), covering organizational context, leadership, planning, support, operations, performance evaluation, and continual improvement.
Organizations need to: define their AI-policy and scope; identify stakeholders and expectations; perform risk and impact assessments (on company level, user level, and societal level); implement controls to mitigate risks; maintain documentation and records; monitor, audit, and review the AI system regularly; and continuously improve.
As part of these requirements, there are 38 example controls (in the standard’s Annex A) that organizations can use to reduce various AI-related risks.
Why it matters
Because AI is powerful but also risky (wrong outputs, bias, privacy leaks, system failures, etc.), having a formal governance framework helps companies be more responsible and transparent when deploying AI.
For organizations that want to build trust with customers, regulators, or partners — or anticipate future AI-related regulations — ISO 42001 can serve as a credible, standardized foundation for AI governance.
My opinion
I think ISO 42001 is a valuable and timely step toward bringing some order and accountability into the rapidly evolving world of AI. Because AI is so flexible and can be used in many different contexts — some of them high-stakes — having a standard framework helps organizations think proactively about risk, ethics, transparency, and responsibility rather than scrambling reactively.
That said — because it’s new and not yet mandatory — its real-world impact depends heavily on how widely it’s adopted. For it to become meaningful beyond “nice to have,” regulators, governments, or large enterprises should encourage or require it (or similar frameworks). Until then, it will likely be adopted mostly by forward-thinking companies or those dealing with high-impact AI systems.
🔎 My view: ISO 42001 is a meaningful first step — but (for now) best seen as a foundation, not a silver bullet
I believe ISO 42001 represents a valuable starting point for bringing structure, accountability, and risk awareness to AI development and deployment. Its emphasis on governance, impact assessment, documentation, and continuous oversight is much needed in a world where AI adoption often runs faster than regulation or best practices.
That said — given its newness, generality, and the typical resource demands — I see it as necessary but not sufficient. It should be viewed as the base layer: useful for building internal discipline, preparing for regulatory demands, and signaling commitment. But to address real-world ethical, social, and technical challenges, organizations likely need additional safeguards — e.g. context-specific controls, ongoing audits, stakeholder engagement, domain-specific reviews, and perhaps even bespoke governance frameworks tailored to the type of AI system and its use cases.
In short: ISO 42001 is a strong first step — but real responsible AI requires going beyond standards to culture, context, and continuous vigilance.
✅ Real-world adopters of ISO 42001
IBM (Granite models)
IBM became “the first major open-source AI model developer to earn ISO 42001 certification,” for its “Granite” family of open-source language models.
The certification covers the management system for development, deployment, and maintenance of Granite — meaning IBM formalized policies, governance, data practices, documentation, and risk controls under AIMS (AI Management System).
According to IBM, the certification provides external assurance of transparency, security, and governance — helping enterprises confidently adopt Granite in sensitive contexts (e.g. regulated industries).
Infosys
Infosys — a global IT services and consulting company — announced in May 2024 that it had received ISO 42001:2023 certification for its AI Management System.
Their certified “AIMS framework” is part of a broader set of offerings (the “Topaz Responsible AI Suite”), which supports clients in building and deploying AI responsibly, with structured risk mitigations and accountability.
This demonstrates that even big consulting companies, not just pure-AI labs, see value in adopting ISO 42001 to manage AI at scale within enterprise services.
JAGGAER (Source-to-Pay / procurement software)
JAGGAER — a global player in procurement / “source-to-pay” software — announced that it achieved ISO 42001 certification for its AI Management System in June 2025.
For JAGGAER, the certification reflects a commitment to ethical, transparent, secure deployment of AI within its procurement platform.
This shows how ISO 42001 can be used not only by AI labs or consultancy firms, but by business-software companies integrating AI into domain-specific applications.
🧠 My take — promising first signals, but still early days
These early adopters make a strong case that ISO 42001 can work in practice across very different kinds of organizations — not just AI-native labs, but enterprises, service providers, even consulting firms. The variety and speed of adoption (multiple firms in 2024–2025) demonstrate real momentum.
At the same time — adoption appears selective, and for many companies, the process may involve minimal compliance effort rather than deep, ongoing governance. Because the standard and the ecosystem (auditors, best-practice references, peer case studies) are both still nascent, there’s a real risk that ISO 42001 becomes more of a “badge” than a strong guardrail.
In short: I see current adoptions as proof-of-concepts — promising early examples showing how ISO 42001 could become an industry baseline. But for it to truly deliver on safe, ethical, responsible AI at scale, we’ll need: more widespread adoption across sectors; shared transparency about governance practices; public reporting on outcomes; and maybe supplementary audits or domain-specific guidelines (especially for high-risk AI uses).
Most organizations think they’re ready for AI governance — until ISO/IEC 42001 shines a light on the gaps. With 47 new AI-specific controls, this standard is quickly becoming the global expectation for responsible and compliant AI deployment. To help teams get ahead, we built a free ISO 42001 Compliance Checklist that gives you a readiness score in under 10 minutes, plus a downloadable gap report you can share internally. It’s a fast way to validate where you stand today and what you’ll need to align with upcoming regulatory and customer requirements. If improving AI trust, risk posture, and audit readiness is on your roadmap, this tool will save your team hours.
Managing AI Risks Through Strong Governance, Compliance, and Internal Audit Oversight
Organizations are adopting AI at a rapid pace, and many are finding innovative ways to extract business value from these technologies. As AI capabilities expand, so do the risks that must be properly understood and managed.
Internal audit teams are uniquely positioned to help organizations deploy AI responsibly. Their oversight ensures AI initiatives are evaluated with the same rigor applied to other critical business processes.
By participating in AI governance committees, internal audit can help set standards, align stakeholders, and bring clarity to how AI is adopted across the enterprise.
A key responsibility is identifying the specific risks associated with AI systems—whether ethical, technical, regulatory, or operational—and determining whether proper controls are in place to address them.
Internal audit also plays a role in interpreting and monitoring evolving regulations. As governments introduce new AI-specific rules, companies must demonstrate compliance, and auditors help ensure they are prepared.
Several indicators signal growing AI risk within an organization. One major warning sign is the absence of a formal AI risk management framework or any consistent evaluation of AI initiatives through a risk lens.
Another risk indicator arises when new regulations create uncertainty about whether the company’s AI practices are compliant—raising concerns about gaps in oversight or readiness.
Organizations without a clear AI strategy, or those operating multiple isolated AI projects, may fail to realize the intended benefits. Fragmentation often leads to inefficiencies and unmanaged risks.
If AI initiatives continue without centralized governance, the organization may lose visibility into how AI is used, making it difficult to maintain accountability, consistency, and compliance.
Potential Impacts of Failing to Audit AI (Summary)
The organization may face regulatory violations, fines, or enforcement actions.
Biased or flawed AI outputs could damage the company’s reputation.
Operational disruptions may occur if AI systems fail or behave unpredictably.
Weak AI oversight can result in financial losses.
Unaddressed vulnerabilities in AI systems could lead to cybersecurity incidents.
My Opinion
Auditing AI is no longer optional—it is becoming a foundational part of digital governance. Without structured oversight, AI can expose organizations to reputational damage, operational failures, regulatory penalties, and security weaknesses. A strong AI audit function ensures transparency, accountability, and resilience. In my view, organizations that build mature AI auditing capabilities early will not only avoid risk but also gain a competitive edge by deploying trustworthy, well-governed AI at scale.
The Road to Enterprise AGI: Why Reliability Matters More Than Intelligence
1️⃣ Why Practical Reliability Matters
Many current AI systems — especially large language models (LLMs) and multimodal models — are non-deterministic: the same prompt can produce different outputs at different times.
For enterprises, non-determinism is a huge problem:
Compliance & auditability: Industries like finance, healthcare, and regulated manufacturing require traceable, reproducible decisions. An AI that gives inconsistent advice is essentially unusable in these contexts.
Risk management: If AI recommendations are unpredictable, companies can’t reliably integrate them into business-critical workflows.
Integration with existing systems: ERP, CRM, legal review systems, and automation pipelines need predictable outputs to function smoothly.
Murati’s research at Thinking Machines Lab directly addresses this. By working on deterministic inference pipelines, the goal is to ensure AI outputs are reproducible, reducing operational risk for enterprises. This moves generative AI from “experimental assistant” to a trusted tool. (a tool called Tinker that automates the creation of custom frontier AI models)
2️⃣ Enterprise Readiness
Security & Governance Integration: Enterprise adoption requires AI systems that comply with security policies, privacy standards, and governance rules. Murati emphasizes creating auditable, controllable AI.
Customization & Human Alignment: Businesses need AI that can be configured for specific workflows, tone, or operational rules — not generic “off-the-shelf” outputs. Thinking Machines Lab is focusing on human-aligned AI, meaning the system can be tailored while maintaining predictable behavior.
Operational Reliability: Enterprise-grade software demands high uptime, error handling, and predictable performance. Murati’s approach suggests that her AI systems are being designed with industrial-grade reliability, not just research demos.
3️⃣ The Competitive Edge
By tackling reproducibility and reliability at the inference level, her startup is positioning itself to serve companies that cannot tolerate “creative AI outputs” that are inconsistent or untraceable.
This is especially critical in sectors like:
Healthcare: AI-assisted diagnoses need predictable outputs.
Regulated Manufacturing & Energy: Decision-making and operational automation must be deterministic to meet safety standards.
Murati isn’t just building AI that “works,” she’s building AI that can be safely deployed in regulated, risk-sensitive environments. This aligns strongly with InfoSec, vCISO, and compliance priorities, because it makes AI audit-ready, predictable, and controllable — moving it from a curiosity or productivity tool to a reliable enterprise asset. In Short Building Trustworthy AGI: Determinism, Governance, and Real-World Readiness…
Murati’s Thinking Machines in Talks for $50 Billion Valuation
In a recent report, researchers at Cato Networks revealed that the “Skills” plug‑in feature of Claude — the AI system developed by Anthropic — can be trivially abused to deploy ransomware.
The exploit involved taking a legitimate, open‑source plug‑in (a “GIF Creator” skill) and subtly modifying it: by inserting a seemingly harmless function that downloads and executes external code, the modified plug‑in can pull in a malicious script (in this case, ransomware) without triggering warnings.
When a user installs and approves such a skill, the plug‑in gains persistent permissions: it can read/write files, download further code, and open outbound connections, all without any additional prompts. That “single‑consent” permission model creates a dangerous consent gap.
In the demonstration by Cato Networks researcher Inga Cherny, they didn’t need deep technical skill — they simply edited the plug‑in, re-uploaded it, and once a single employee approved it, ransomware (specifically MedusaLocker) was deployed. Cherny emphasized that “anyone can do it — you don’t even have to write the code.”
Microsoft and other security watchers have observed that MedusaLocker belongs to a broader, active family of ransomware that has targeted numerous organizations globally, often via exploited vulnerabilities or weaponized tools.
This event marks a disturbing evolution in AI‑related cyber‑threats: attackers are moving beyond simple prompt‑based “jailbreaks” or phishing using generative AI — now they’re hijacking AI platforms themselves as delivery mechanisms for malware, turning automation tools into attack vectors.
It’s also a wake-up call for corporate IT and security teams. As more development teams adopt AI plug‑ins and automation workflows, there’s a growing risk that something as innocuous as a “productivity tool” could conceal a backdoor — and once installed, bypass all typical detection mechanisms under the guise of “trusted” software.
Finally, while the concept of AI‑driven attacks has been discussed for some time, this proof‑of-concept exploit shifts the threat from theoretical to real. It demonstrates how easily AI systems — even those with safety guardrails — can be subverted to perform malicious operations when trust is misplaced or oversight is lacking.
🧠 My Take
This incident highlights a fundamental challenge: as we embrace AI for convenience and automation, we must not forget that the same features enabling productivity can be twisted into attack vectors. The “single‑consent” permission model underlying many AI plug‑ins seems especially risky — once that trust is granted, there’s little transparency about what happens behind the scenes.
In my view, organizations using AI–enabled tools should treat them like any other critical piece of infrastructure: enforce code review, restrict who can approve plug‑ins, and maintain strict operational oversight. For people like you working in InfoSec and compliance — especially in small/medium businesses like wineries — this is a timely reminder: AI adoption must be accompanied by updated governance and threat models, not just productivity gains.
Below is a checklist of security‑best practices (for companies and vCISOs) to guard against misuse of AI plug‑ins — could be a useful to assess your current controls.
The legal profession is facing a pivotal turning point because AI tools — from document drafting and research to contract review and litigation strategy — are increasingly integrated into day-to-day legal work. The core question arises: when AI messes up, who is accountable? The author argues: the lawyer remains accountable.
Courts and bar associations around the world are enforcing this principle strongly: they are issuing sanctions when attorneys submit AI-generated work that fabricates citations, invents case law, or misrepresents “AI-generated” arguments as legitimate.
For example, in a 2023 case (Mata v. Avianca, Inc.), attorneys used an AI to generate research citing judicial opinions that didn’t exist. The court found this conduct inexcusable and imposed financial penalties on the lawyers.
In another case from 2025 (Frankie Johnson v. Jefferson S. Dunn), lawyers filed motions containing entirely fabricated legal authority created by generative AI. The court’s reaction was far more severe: the attorneys received public reprimands, and their misconduct was referred for possible disciplinary proceedings — even though their firm avoided sanctions because it had institutional controls and AI-use policies in place.
The article underlines that the shift to AI in legal work does not change the centuries-old principles of professional responsibility. Rules around competence, diligence, and confidentiality remain — but now lawyers must also acquire enough “AI literacy.” That doesn’t mean they must become ML engineers; but they should understand AI’s strengths and limits, know when to trust it, and when to independently verify its outputs.
Regarding confidentiality, when lawyers use AI tools, they must assess the risk that client-sensitive data could be exposed — for example, accidentally included in AI training sets, or otherwise misused. Using free or public AI tools for confidential matters is especially risky.
Transparency and client communication also become more important. Lawyers may need to disclose when AI is being used in the representation, what type of data is processed, and how use of AI might affect cost, work product, or confidentiality. Some forward-looking firms include AI-use policies upfront in engagement letters.
On a firm-wide level, supervisory responsibilities still apply. Senior attorneys must ensure that any AI-assisted work by junior lawyers or staff meets professional standards. That includes establishing governance: AI-use policies, training, review protocols, oversight of external AI providers.
Many larger law firms are already institutionalizing AI governance — setting up AI committees, defining layered review procedures (e.g. verifying AI-generated memos against primary sources, double-checking clauses, reviewing briefs for “hallucinations”).
The article’s central message: AI may draft documents or assist in research, but the lawyer must answer. Technology can assist, but it cannot assume human professional responsibility. The “algorithm may draft — the lawyer is accountable.”
My Opinion
I think this article raises a crucial and timely point. As AI becomes more capable and tempting as a tool for legal work, the risk of over-reliance — or misuse — is real. The documented sanctions show that courts are no longer tolerant of unverified AI-generated content. This is especially relevant given the “black-box” nature of many AI models and their propensity to hallucinate plausible but false information.
For the legal profession to responsibly adopt AI, the guidelines described — AI literacy, confidentiality assessment, transparent client communication, layered review — aren’t optional luxuries; they’re imperative. In other words: AI can increase efficiency, but only under strict governance, oversight, and human responsibility.
Given my background in information security and compliance — and interest in building services around risk, governance and compliance — this paradigm resonates. It suggests that as AI proliferates (in law, security, compliance, consulting, etc.), there will be increasing demand for frameworks, policies, and oversight mechanisms ensuring trustworthy use. Designing such frameworks might even become a valuable niche service.
As organizations increasingly adopt AI technologies, integrating an Artificial Intelligence Management System (AIMS) into an existing Information Security Management System (ISMS) is becoming essential. This approach aligns with ISO/IEC 42001:2023 and ensures that AI risks, governance needs, and operational controls blend seamlessly with current security frameworks.
The document emphasizes that AI is no longer an isolated technology—its rapid integration into business processes demands a unified framework. Adding AIMS on top of ISMS avoids siloed governance and ensures structured oversight over AI-driven tools, models, and decision workflows.
Integration also allows organizations to build upon the controls, policies, and structures they already have under ISO 27001. Instead of starting from scratch, they can extend their risk management, asset inventories, and governance processes to include AI systems. This reduces duplication and minimizes operational disruption.
To begin integration, organizations should first define the scope of AIMS within the ISMS. This includes identifying all AI components—LLMs, ML models, analytics engines—and understanding which teams use or develop them. Mapping interactions between AI systems and existing assets ensures clarity and complete coverage.
Risk assessments should be expanded to include AI-specific threats such as bias, adversarial attacks, model poisoning, data leakage, and unauthorized “Shadow AI.” Existing ISO 27005 or NIST RMF processes can simply be extended with AI-focused threat vectors, ensuring a smooth transition into AIMS-aligned assessments.
Policies and procedures must be updated to reflect AI governance requirements. Examples include adding AI-related rules to acceptable use policies, tagging training datasets in data classification, evaluating AI vendors under third-party risk management, and incorporating model versioning into change controls. Creating an overarching AI Governance Policy helps tie everything together.
Governance structures should evolve to include AI-specific roles such as AI Product Owners, Model Risk Managers, and Ethics Reviewers. Adding data scientists, engineers, legal, and compliance professionals to ISMS committees creates a multidisciplinary approach and ensures AI oversight is not handled in isolation.
AI models must be treated as formal assets in the organization. This means documenting ownership, purpose, limitations, training datasets, version history, and lifecycle management. Managing these through existing ISMS change-management processes ensures consistent governance over model updates, retraining, and decommissioning.
Internal audits must include AI controls. This involves reviewing model approval workflows, bias-testing documentation, dataset protection, and the identification of Shadow AI usage. AI-focused audits should be added to the existing ISMS schedule to avoid creating parallel or redundant review structures.
Training and awareness programs should be expanded to cover topics like responsible AI use, prompt safety, bias, fairness, and data leakage risks. Practical scenarios—such as whether sensitive information can be entered into public AI tools—help employees make responsible decisions. This ensures AI becomes part of everyday security culture.
Expert Opinion (AI Governance / ISO Perspective)
Integrating AIMS into ISMS is not just efficient—it’s the only logical path forward. Organizations that already operate under ISO 27001 can rapidly mature their AI governance by extending existing controls instead of building a separate framework. This reduces audit fatigue, strengthens trust with regulators and customers, and ensures AI is deployed responsibly and securely. ISO 42001 and ISO 27001 complement each other exceptionally well, and organizations that integrate early will be far better positioned to manage both the opportunities and the risks of rapidly advancing AI technologies.
10-page ISO 42001 + ISO 27001 AI Risk Scorecard PDF
1. Sam Altman — CEO of OpenAI, the company behind ChatGPT — recently issued a sobering warning: he expects “some really bad stuff to happen” as AI technology becomes more powerful.
2. His concern isn’t abstract. He pointed to real‑world examples: advanced tools such as Sora 2 — OpenAI’s own AI video tool — have already enabled the creation of deepfakes. Some of these deepfakes, misusing public‑figure likenesses (including Altman’s own), went viral on social media.
3. According to Altman, these are only early warning signs. He argues that as AI becomes more accessible and widespread, humans and society will need to “co‑evolve” alongside the technology — building not just tech, but the social norms, guardrails, and safety frameworks that can handle it.
4. The risks are multiple: deepfakes could erode public trust in media, fuel misinformation, enable fraud or identity‑related crimes, and disrupt how we consume and interpret information online. The technology’s speed and reach make the hazards more acute.
5. Altman cautioned against overreliance on AI‑based systems for decision-making. He warned that if many users start trusting AI outputs — whether for news, advice, or content — we might reach “societal‑scale” consequences: unpredictable shifts in public opinion, democracy, trust, and collective behavior.
6. Still, despite these grave warnings, Altman dismissed calls for heavy regulatory restrictions on AI’s development and release. Instead, he supports “thorough safety testing,” especially for the most powerful models — arguing that regulation may have unintended consequences or slow beneficial progress.
7. Critics note a contradiction: the same company that warns of catastrophic risks is actively releasing powerful tools like Sora 2 to the public. That raises concerns about whether early release — even in the name of “co‑evolution” — irresponsibly accelerates exposure to harm before adequate safeguards are in place.
8. The bigger picture: what happens now will likely shape how society, law, and norms adapt to AI. If deepfake tools and AI‑driven content become commonplace, we may face a future where “seeing is believing” no longer holds true — and navigating truth vs manipulation becomes far harder.
9. In short: Altman’s warning serves partly as a wake‑up call. He’s not just flagging technical risk — he’s asking society to seriously confront how we consume, trust, and regulate AI‑powered content. At the same time, his company continues to drive that content forward. It’s a tension between innovation and caution — with potentially huge societal implications.
🔎 My Opinion
I think Altman’s public warning is important and overdue — it’s rare to see an industry leader acknowledge the dangers of their own creations so candidly. This sort of transparency helps start vital conversations about ethics, regulation, and social readiness.
That said, I’m concerned that releasing powerful AI capabilities broadly, while simultaneously warning they might cause severe harm, feels contradictory. If companies push ahead with widespread deployment before robust guardrails are tested and widely adopted, we risk exposing society to misinformation, identity fraud, erosion of trust, and social disruption.
Given how fast AI adoption is accelerating — and how high the stakes are — I believe a stronger emphasis on AI governance, transparency, regulation, and public awareness is essential. Innovation should continue, but not at the expense of public safety, trust, and societal stability.
