Our security budget benchmark study offers objective insights and cross-industry survey results from CISOs across the U.S. and Canada.

About 90% of Microsoft 365 environments now have access to Copilot, and actual daily usage hovers around 30%. With this continued uptick in access and usage, security teams face data oversharing risks that now affect 15% of business-critical files. In this symposium, IANS Faculty Shannon Lietz walks through documented failure patterns, outlines ways to implement risk-based adoption strategies, and provides recommendations to help teams develop security controls that balance productivity gains against data exposure risks.

The Model Context Protocol (MCP), an open standard defining how AI assistants connect to external data sources and tools, is becoming vital infrastructure for generative and agentic AI applications. As organizations rapidly adopt these capabilities while managing risks, this symposium helps security leaders understand MCP's architecture, why vendors are quickly developing MCP servers, and the security risks of connecting AI systems to enterprise resources. We also explore how AI Security Posture Management (AI-SPM) tools are evolving to address these challenges and provide practical frameworks for managing MCP-enabled AI deployments.

Mike is a seasoned engineering leader with over 20 years of experience in cybersecurity, software engineering, and cloud-native architecture.  He currently leads Security Engineering at Netlify, having previously built and led the Security & Compliance program at the high-growth startup Gatsby through its acquisition by Netlify.

An active security researcher with multiple CVEs, Mike has presented research at security conferences and developed cybersecurity curriculum for the University of Pittsburgh, covering penetration testing and red team tactics.  Earlier in his career, Mike founded three tech companies and spent over a decade advising clients on software and cybersecurity initiatives.

Building efficient key and secret management processes and testing the rapid rekeying of your cryptographic estate will become increasingly important as recursive AI is directed at keys and secrets reverse engineering. This report explains how to prepare for recursive AI cryptographic attacks.

This checklist is designed to help security teams securely pilot and deploy specific Microsoft 365 (M365) Copilot features, such as M365 Copilot for Intelligent Search, Chat, Bing, SharePoint and Teams.

Just like hackers are using AI to level-up their attacks, security teams can also use AI to bolster their capabilities. Common use-cases for security teams include: threat detection and response, optimizing code, and vulnerability management.

This report explores five critical risk areas: over-reliance on AI, AI bias, hiring misrepresentation through AI, combinatorial risks from agentic AI systems and AI tool sprawl.

This document provides a detailed set of prompts to evaluate the security and data privacy guardrails of AI systems.