Ambassador

Albert Evans

Chief of Information Security at ISO New England Inc.

United StatesVerified Community Ambassador

Content Albert is Following

Where do new collaboration tools (Microsoft Teams, etc.) sit within your organization?

End-User Services & Collaboration People & Leadership

Applications

Enterprise Architecture

Information Security

Shared Services

Other

View Results

1.4k views1 Upvote

How much has virtual work affected org structure at your organization?

People & Leadership End-User Services & Collaboration

Not at all

Barely

Somewhat

Complete Overhaul

View Results

1k views1 Upvote

New NSA, CISA, and FBI guidance reveals 3 critical threats that can compromise AI systems:
1. Data Supply Chain Vulnerabilities – tampering or poisoning for as little as $60–$1,000
2. Maliciously Modified Data – adversarial poisoning and model inversion
3. Data Drift – natural evolution creates security blind spots

Where does your organization sit on the AI security maturity curve? Are you enhancing existing tools or implementing AI-specific platforms?

Read the full guidance: https://media.defense.gov/2025/May/22/2003720601/-1/-1/0/CSI_AI_DATA_SECURITY.PDF

Generative AI AI & Machine Learning

40 views

Disesdi Susanna Cox outlines 3 critical threats:
1. Non-deterministic decisions – same prompt, different actions (e.g., unintended transfers).
2. Cascading failures – multi-step tasks = more attack surface.
3. Emergent behavior – guardrails can’t cover infinite edge cases; focus on blast radius and recovery.

3 Controls to Implement Now:
• Map agent workflows to attack tactics (MITRE ATLAS)
• Weekly prompt-injection tests (OWASP + CSA)
• Least-privilege, expiring agent tokens (NIST AI RMF + CSA MAESTRO)

Which control or framework gives you the biggest headache, and how are you tackling it?

Full analysis: https://disesdi.substack.com/p/openai-just-dropped-their-agentic

Threat Intelligence & Incident Response Threat & Vulnerability Management

58 views

Does your organisation have a formalised threat hunting programme? If so - what were the key drivers for you in setting one up and what made it successful?

If not - what is stopping you from setting this up?

Threat & Vulnerability Management Threat Intelligence & Incident Response

Albert EvansChief of Information Security at ISO New England Inc. in Energy and Utilities4 days ago

If you have an IR retainer, I'd evaluate their threat hunting service. This usually provides 24/7 threat hunting at the cost of 1-2 FTE (e.g., CrowdStrike Overwatch). If you wish to build your team, consider your ability ...read more

396 views1 Comment