The Preventable Breach: The Importance of Strong Vulnerability and Patch Management
The Importance of Strong Vulnerability and Patch Management The digital forensics team’s report lands on your desk in the quiet aftermath of a data breach. You open it, scanning past timelines and technical details, searching for the answer everyone’s been asking: How did they get in? Your heart sinks when you realize that the attacker […]
Mythos Preview and Frontier AI: From Uncertainty to Action
The conversation around Anthropic’s Mythos Preview, a new Frontier AI system, has escalated quickly. It has created a fundamental shift in cybersecurity and cyber risk at large. But amid all the noise and ambiguity, there are practical ways to manage this new risk. Background: Mythos in a Nutshell Mythos autonomously discovered thousands of zero-day vulnerabilities […]
The Day Cybersecurity Changed Forever
What Anthropic’s Project Glasswing Means – and What Canadian Organizations Must Do Right Now By Andrew Buckles, EVP, Services, ISA Cybersecurity For those close to me, this won’t come as a surprise: I think about AI every single day. The novelty of it fascinates me. Not just because of what it can do today, but […]
OSFI E-23 in Practice: What Model Risk Compliance Really Looks Like
If you lead risk, compliance, or information security at a Canadian financial institution, OSFI Guideline E-23 – Model Risk Management (MRM) – is one of your most immediate AI governance obligations. Effective May 1, 2027, it applies to all federally-regulated financial institutions (FRFIs) and sets out formal expectations for how AI and machine learning models should be governed across the enterprise. This article covers what E-23 actually requires, where institutions […]
Taming the Flood: Bringing Order out of Chaos in Your Security Data
Today’s security teams aren’t short on data – they’re overwhelmed by it. Logs stream endlessly from cloud platforms, endpoints, networks, identity systems, and hundreds of additional sources. Each promises insight. Collectively, they create noise. The stakes are rising fast: in 2025, the average cost of a data breach in Canada reached CA$6.98 million, a 10.4% […]
AI is the New Threat Surface
Why Canadian Organizations Must Rethink Cybersecurity in the Age of AI In June 2025, a single email compromised Microsoft 365 Copilot. The vulnerability, dubbed EchoLeak (CVE-2025-32711), required no clicks, no attachments, no user interaction whatsoever. The AI assistant simply processed the malicious email as part of its normal operation – and silently exfiltrated emails, documents, […]
AI+ vs. +AI: Building a Future-Proof AI Architecture
Artificial intelligence is reshaping how organizations modernize… but not all modernization is created equal. Consider this tale of two companies who pursued AI in different ways – and with different results. Once upon a time, two companies set out to modernize their operations with artificial intelligence. Both had the same ambition: to become faster, smarter, […]
Security Awareness: The Easiest, Smartest Cyber Investment You’re Not Making
Cybersecurity isn’t just an IT issue – it’s a business continuity and resilience imperative. With one in five malicious emails still making it past filters, human judgement is a critical control point. This challenge is only intensifying as cyber criminals are using AI tools to craft flawless, personalized phishing emails that may slip past traditional […]
Zero Trust: The Key to Modern Cybersecurity and Risk Management
In a world in which users, devices, and data can be anywhere, the old “protect the perimeter” approach to security no longer works. That’s why Zero Trust has become a critical component of any organization’s security maturity journey. By adopting a “never trust, always verify” philosophy, you can significantly enhance your defenses against sophisticated cyber […]