BankInfoSecurity.com

Keyrock CISO David Cass on Managing Agentic AI Risk in Financial Services
As financial institutions accelerate AI adoption, traditional governance models are falling short. David Cass, CISO at Keyrock, explains why organizations must rethink accountability, asset visibility and identity controls to manage emerging risks from LLMs and agentic AI systems.

Centrii's Rafael Narezzi on Dangers of Weak Controls in Decentralized Energy Systems
As power systems decentralize to support AI workloads and rising energy demand, cyber defenses haven't been keeping pace, says Rafael Narezzi of Centrii. In fact, in December 2025 in Poland, cyberattackers disrupted the power grid balance by targeting battery storage systems.

Momentum Cyber CEO Eric McAlpine on the Funding Velocity of AI-Native Startups
Large funding rounds are concentrating on fewer cybersecurity startups as artificial intelligence accelerates product development. Momentum Cyber CEO Eric McAlpine shares why investors are backing AI-native startups earlier and how it is reshaping growth and competition in cybersecurity M&A.

Arctic Wolf CEO Nick Schneider on How Visibility, Human Oversight Shape AI Adoption
AI adoption is accelerating, but security leaders now demand proof of effectiveness and trust. Arctic Wolf CEO Nick Schneider explains why visibility, data evidence and human oversight are critical to ensure AI delivers reliable outcomes in cybersecurity operations.

Cisco's Jeetu Patel: Everyone Will Be a 'Manager of Agents'
Coding agents that once struggled below the surface level of basic web development can now refactor decades-old enterprise code at a speed and scale far beyond traditional teams, says Cisco's Jeetu Patel. He explains how AI-built software and machine-scale defense redefine competitive advantage.

Google Threat Intelligence's Sandra Joyce on AI Threats and Active Defense
Sharing threat intelligence is no longer enough - the cybersecurity industry must operationalize it through coordinated takedowns and active disruption, says Sandra Joyce, vice president at Google Threat Intelligence.

AI is compressing cyberattack timelines from months to minutes. While segmentation has been a gold standard security practice for years, many organizations are still operating with outdated, static approaches.

Roadmap Focuses on OT Security, Grid Hardening and Incident Response
A new Department of Energy strategy defines its role as sector risk manager for grid security, prioritizing OT defense, resilience and response - but analysts say it faces execution challenges tied to reduced funding, workforce constraints and reliance on weakened federal partners.

IT Worker Scheme, Laptop Farm Siphon Funds Back to North Korea
A U.S. federal judge sentenced a now-former Army soldier to one year in prison Friday for renting his identity to North Korean IT workers who used it to collect more than $193,000 in salaries from American companies. Also sentenced were two California men who facilitated $1.28M in fraudulent salaries.

J.P. Morgan’s Brian Essex on Why Valuations Drop as Fundamentals Hold Steady
Investor anxiety over AI's long-term impact is dragging down stock valuations despite steady growth and profitability, while companies focus on long-term valuation assumptions and secure business models, said Brian Essex, executive director of U.S. software equity research at J.P. Morgan.

Visa CISO Subra Kumaraswamy on Securing Agents, Fighting Fraud, Protecting Commerce
AI is transforming trust in global payments as attackers scale faster and agents automate decisions. CISO Subra Kumaraswamy explains how Visa uses AI to combat fraud, secure transactions and build trust across consumers, merchants and a rapidly evolving digital ecosystem.

March 11 Attack Claimed by Iranian Hacktivist Group Handala
Medtech maker Stryker on Monday told regulators that it has "contained" a March 11 cyber incident and is "working around the clock" to prioritize quickly restoring IT systems that directly support customers, ordering and shipping. Iranian hacktivist group Handala has claimed credit for the attack.

No Arrests, But Virtual Servers, IP Addresses Seized and Residencies Searched
U.S. authorities seized KimWolf - the attack infrastructure responsible for the largest distributed denial of service attack yet recorded in an international police operation that swept up servers underpinning four botnets.

Contec and Epsimed Monitors Containing 'Backdoors' Are at the Center of Order
Texas Gov. Abbott has ordered agencies to review foreign-made connected medical devices - especially those from Chinese manufacturers - used in state-owned facilities for cybersecurity issues that could pose security and privacy risks to patients and healthcare infrastructure.

Also: CISA Protocol Concerns, AI Agents Push Past Cybersecurity Controls
In this week's panel, four ISMG editors unpacked the cyber dimensions of the Stryker attack amid the escalating Iran-Israel-U.S. tensions, the growing controversy around CISA leadership and alleged protocol breaches, and a new set of concerns related to AI agents bypassing security controls.

New Handala Site Is Also Available
U.S. federal agents seized four web domains associated with Iranian hacking operations days after a threat actor going by Handala posted screenshots it said came from inside the IT systems of medical device manufacturer Stryker. The registrars used to create them are located in the United States.