How AI and Cyber Culture Collide: Human Risk in the Age of GenAI
GenAI showed up in most organizations the way shadow IT did: not with a carefully planned rollout, but with a link in a chat.
7 min read
What Is Cognitive Operations? The Human Competency for Safe AI
We’ve spent years building IT operations, security operations and now AI operations. But there’s a missing layer: the operational capability that...
1 min read
What is AI Risk Culture?
You can buy AI tools. You can stand up models. You can write policies. None of that guarantees that AI will be used safely or wisely in real work.
1 min read
Culture for Security Awareness Leads: From Courses to Human Risk Operations
If you’re a security awareness lead, you’ve probably felt it:
7 min read
What is the Cognitive Attack Surface?
You already know about attack surfaces in the traditional sense: networks, applications, endpoints, cloud services. But there’s another surface that...
1 min read
What is the Psychological Perimeter?
Perimeters used to be simple: keep the bad guys out of the network, then lock down identities and endpoints. Today, those lines have blurred. Cloud,...
2 min read
Trust Anchors in a Fake World: Build Analog Rituals into Digital Systems
On the other end of every AI-generated deepfake, every spoofed email, every well-crafted text message from "your CEO" asking you to wire funds...
3 min read
Cyber Culture for CISOs: Questions the Board Will Ask (and How to Answer)
If you’re a CISO, you already know this: the board is suddenly very interested in “cyber culture.”
8 min read
Designing Analog Friction: Why Slow, Interruptive Trust Signals Still Work
There’s an old security adage: "If it’s too easy, it’s probably not secure." But in our race to streamline, automate, and digitize everything, we've...
2 min read
NCSC Cyber Culture FAQ: 21 Questions Answered
Huzzah! NCSC has put cyber security culture firmly on the map. Boards are asking about it, CISOs are being measured on it, and security awareness...
8 min read