Tag: #AICompliance
Last month, I discovered something that stopped me cold during a routine penetration test. A developer had spun up an Ollama server to experiment with local AI models. Nothing unusual about that, except the server was publicly accessible with no authentication. The models it hosted had been trained on internal company data. This scenario plays […]
Generative AI tools like ChatGPT are now part of everyday work for individuals and organizations. They help with writing, coding, research, and decision support. But between 2023 and 2025, a series of security incidents, data leaks, and regulatory actions raised serious questions about how safe these tools really are. Some incidents involved OpenAI’s own systems. […]
Shadow AI and cyber risks have quickly become one of the most pressing challenges for modern enterprises. Shadow AI refers to the unsanctioned use of artificial intelligence tools by employees without the knowledge or approval of IT and security teams. What began as harmless experimentation—using ChatGPT to polish an email or Copilot to suggest a […]