jonas.colmsjo.com
CIO/CISO IT Security Strategy
Weekly strategic IT security intelligence for CIOs and CISOs covering AI governance, regulatory changes, board-level risk, vendor risk, zero trust, and CISO trends.
CIO/CISO ITsec Summary week 12, 2026
The Trump administration’s AI legislative framework seeks to preempt state AI laws, the EU Council agreed its position to streamline AI Act enforcement timelines, Microsoft launched Zero Trust for AI ahead of RSAC 2026, and TLS certificate validity drops to 200 days, forcing enterprises to automate certificate management.
Mar 21, 2026
CIO/CISO ITsec Summary week 11, 2026
Google closed its $32 billion Wiz acquisition reshaping cloud security strategy, the Trump administration released a national cyber strategy pivoting toward offensive operations, the EU endorsed the first binding international AI treaty, and the weaponization of Claude against the Mexican government demonstrated that agentic AI guardrails remain fundamentally bypassable.
Mar 14, 2026
CIO/CISO ITsec Summary week 10, 2026
Geopolitical conflict reshapes cyber risk posture as Iran threats escalate alongside a crippled CISA, while the NIST agentic AI comment deadline and new EU CRA guidance force strategic compliance decisions.
Mar 7, 2026
CIO/CISO ITsec Summary week 09, 2026
CISA replaced its acting director and announced a mission-narrowing reorganization just as the OWASP Top 10 for Agentic Applications formalized the security taxonomy for autonomous AI systems, NSA published the most actionable zero trust implementation guidelines to date, and ETH Zurich researchers dismantled the ‘zero-knowledge’ marketing claims of three major password managers serving 60 million users — while 80% of enterprise employees now use unsanctioned AI tools and Okta launched Agent Discovery to map shadow AI blast radius.
Feb 28, 2026
CIO/CISO ITsec Summary week 08, 2026
The DHS shutdown reduced CISA to 38% capacity just as the Promptware Kill Chain research formalized LLM attacks as a seven-stage malware class, Kyndryl launched policy-as-code governance for agentic AI, and the WEF Global Cybersecurity Outlook revealed that 94% of leaders see AI as the most significant driver of change in cybersecurity — while cyber insurance premiums face 15–20% increases and CISOs report that 52% find their scope no longer fully manageable.
Feb 21, 2026
CIO/CISO ITsec Summary week 07, 2026
Week 7 saw Palo Alto Networks close its historic $25B CyberArk acquisition — declaring identity the new security perimeter for the AI agent era — while the Pentagon threatened to sever its $200M Anthropic contract over AI safeguards, South Korea levied $25M in fines on luxury brands for SaaS security failures, and Google blocked a 100,000-prompt campaign to clone Gemini’s reasoning capabilities.
Feb 15, 2026
CIO/CISO ITsec Summary week 06, 2026
Week 6 saw Gartner name agentic AI oversight and post-quantum cryptography among its top six cybersecurity trends for 2026, OMB rescind Biden-era software attestation requirements in favor of a risk-based model, and the EU unconditionally approve Google’s $32B Wiz acquisition — while the SEC’s Regulation S-P compliance deadline arrived for large firms and CISA launched a new insider threat framework amid its own workforce reductions.
Feb 11, 2026