SECURETARGET

Category: Security Governence

  • You Cannot Audit Your Own Shadow

    You Cannot Audit Your Own Shadow

    The illusion of independence In 2025, the industry still repeats the same mistake: letting the same hands build the system and then “validate” it. That is not validation. That is self‑comfort. A consultant who deploys your environment cannot be the one who tests it. A builder cannot be the judge of their own shortcuts. A…

  • Agentic AI vs. AI agent: why the confusion will cost you

    Agentic AI vs. AI agent: why the confusion will cost you

    You probably think they are the same thing. They are not. And if you are a security practitioner or a strategic thinker, the difference is not academic, it is operational. What most people get wrong An AI agent is a component. It is a model that perceives input and produces output. Think of it as…

  • Security solution which acts like traditional painkiller

    most security solutions are like traditional painkillers, we certainly feel better after talking them, but the root cause of pain remains intact and unresolved! as long as we do not address root cause of security incidents and vulnerabilities, we will be feeling better from short-term pain relief of “Security Solutions” and then suffering again soon…

  • Does AI help us in security operations?

    it does but only if it is originated from a intelligent programmer. AI is as smart as the people who did its modeling. an artificial intelligence cannot be more intelligent than its origination. presuming AI will be helping us securing cyberspace is like presuming we will have a accurate Accounting system or flawless GL just…

  • is security really a journey?

    you have probably heard or even sick of it: security is a journey…it never ends…security is not a destination…yada yada is security really a journey, or let’s say, does it have to be an endless journey where we actually do not enjoy or even hate to have such a journey? security as a journey yes…

  • human firewall

    no doubt that users are the main problem in the whole concept of cyber defense, as we call it weakest link. Now, Awareness and Training as security community typically has been doing is neither effective nor actually deliverable. Imagine we would want to continue law enforcement and public awareness by means of “Most Wanted” posted…