Intelligence Briefings for Security Leaders
CISO Debriefs
Practitioner-grade analysis of AI threats, governance failures, and the attack patterns your board needs to understand.
Latest — Identity Governance & Machine Credentials
Non-Human Identities
A human identity is someone you can fire. A non-human identity is something you forgot you provisioned. An AI agent is something that provisions itself. Your controls were built for the first one.
Identity Governance & Machine Credentials
Non-Human Identities
A service account with a long-lived token, scoped to everything and owned by no one, leaks in a forked repo. An attacker assumes the agent’s identity, mints fresh tokens, and reads every customer record. No login. No alert. Nobody ever offboarded it.
Agentic Governance & Shadow Infrastructure
Shadow Agents
A regional director connects an AI agent to her work email. It operates for six weeks. Then a phishing email arrives. The agent drafts the wire transfer response. She approves. The wire processes. No SIEM entry. No alert. No identity record.
Agentic Evasion & Forensic Blindness
Ghost Agent
A malicious AI agent executes its task, exfiltrates data through an authorized channel, and self-terminates — leaving no logs, no trace, no forensic record. Normal termination is the attack.
Model Theft & IP Extraction at Scale
Model Farming
Distillation is the technique. Farming is what happens when it gets industrialized — rotating accounts, distributed infrastructure, automated pipelines running against dozens of targets simultaneously.
Model Theft & IP Extraction
Model Distillation
You spent millions building it. I spent an API key and four months extracting it. Nobody secured what you were saying on the other side of your perimeter.
AI Supply Chain · Third-Party Risk
AI Supply Chain Attacks: When Your Trusted Tool Becomes the Weapon
The model you deployed was clean. The update wasn’t.
Prompt Injection · Social Engineering
Weaponized Trust: Prompt Injection & Social Engineering
They Didn’t Hack You. They Read Your Job Posting.
Ransomware · AI-Augmented Attack
Ransomware + AI
The payload is the same. The targeting, timing, and negotiation are not. AI doesn’t change what ransomware does — it changes how well it works.
Coming Soon — Digital Content Series #8