Quote for the day:
"Technology changes, but leadership is about clarity, courage, and creating momentum where none exists." -- Inspired by modern digital transformation principles
Why foundational defences against ransomware matter more than the AI threat
The 2025 Cyber Security Breaches Survey paints a concerning picture. According
to the study, ransomware attacks doubled between 2024 and 2025 – a surge less to
do with AI innovation and more about deep-rooted economic, operational and
structural changes within the cybercrime ecosystem. At the heart of this growth
in attacks is the growing popularity of the ransomware-as-a-service (RaaS)
business model. Groups like DragonForce or Ransomhub sell ready-made ransomware
toolkits to affiliates in exchange for a cut of the profits, enabling even
low-skilled attackers to conduct disruptive campaigns. ... Breaches often stem
from common, preventable issues such as poor credential hygiene or poorly
configured systems – areas that often sit outside scheduled assessments. When
assessments happen only once or twice a year, new gaps may go unnoticed for
months, giving attackers ample opportunity. To keep up, organisations need
faster, more continuous ways of validating defences. ... Most ransomware actors
follow well-worn playbooks, making them frequent visitors to company networks
but not necessarily sophisticated ones. That’s why effective ransomware
prevention is not about deploying cutting-edge technologies at every turn – it’s
about making sure the basics are consistently in place. Subliminal learning: When AI models learn what you didn’t teach them
“Subliminal learning is a general phenomenon that presents an unexpected
pitfall for AI development,” the researchers from Anthropic, Truthful AI, the
Warsaw University of Technology, the Alignment Research Center, and UC
Berkeley, wrote in their paper. “Distillation could propagate unintended
traits, even when developers try to prevent this via data filtering.” ...
Models trained on data generated by misaligned models, where AI systems
diverge from their original intent due to bias, flawed algorithms, data
issues, insufficient oversight, or other factors, and produce incorrect, lewd
or harmful content, can also inherit that misalignment, even if the training
data had been carefully filtered, the researchers found. They offered examples
of harmful outputs when student models became misaligned like their teachers,
noting, “these misaligned responses are egregious far beyond anything in the
training data, including endorsing the elimination of humanity and
recommending murder.” ... Today’s multi-billion parameter models are able to
discern extremely complicated relationships between a dataset and the
preferences associated with that data, even if it’s not immediately obvious to
humans, he noted. This points to a need to look beyond semantic and direct
data relationships when working with complex AI models.Why people-first leadership wins in software development
It frequently involves pushing for unrealistic deadlines, with project
schedules made without enough input from the development team about the true
effort needed and possible obstacles. This results in ongoing crunch periods
and mandatory overtime. ... Another indicator is neglecting signs of burnout
and stress. Leaders may ignore or dismiss signals such as team members
consistently working late, increased irritability, or a decline in
productivity, instead pushing for more output without addressing the root
causes. Poor work-life balance becomes commonplace, often without proper
recognition or rewards for the extra effort. ... Beyond the code, there’s a
stifled innovation and creativity. When teams are constantly under pressure to
just “ship it,” there’s little room for creative problem-solving,
experimentation, or thinking outside the box. Innovation, often born from
psychological safety and intellectual freedom, gets squashed, hindering your
company’s ability to adapt to new trends and stay competitive. Finally,
there’s damage to your company’s reputation. In the age of social media and
employer review sites, news travels fast. ... It’s vital to invest in team
growth and development. Provide opportunities for continuous learning,
training, and skill enhancement. This not only boosts individual capabilities
but also shows your commitment to their long-term career paths within your
organization. This is a crucial retention strategy.Achieving resilience in financial services through cloud elasticity and automation
In an era of heightened regulatory scrutiny, volatile markets, and growing
cybersecurity threats, resilience isn’t just a nice-to-have—it’s a necessity.
A lack of robust operational resilience can lead to regulatory penalties,
damaged reputations, and crippling financial losses. In this context, cloud
elasticity, automation, and cutting-edge security technologies are emerging as
crucial tools for financial institutions to not only survive but thrive amidst
these evolving pressures. ... Resilience ensures that financial institutions
can maintain critical operations during crises, minimizing disruptions and
maintaining service quality. Efficient operations are crucial for maintaining
competitive advantage and customer satisfaction. ... Effective resilience
strategies help institutions manage diverse risks, including cyber threats,
system failures, and third-party vulnerabilities. The complexity of
interconnected systems and the rapid pace of technological advancement add
layers of risk that are difficult to manage. ... Financial institutions are
particularly susceptible to risks such as system failures, cyberattacks, and
third-party vulnerabilities. ... As financial institutions navigate a
landscape marked by heightened risk, evolving regulations, and increasing
customer expectations, operational resilience has become a defining
imperative.Digital attack surfaces expand as key exposures & risks double
Among OT systems, the average number of exposed ports per organisation rose by
35%, with Modbus (port 502) identified as the most commonly exposed, posing
risks of unauthorised commands and potential shutdowns of key devices. The
exposure of Unitronics port 20256 surged by 160%. The report cites cases where
attackers, such as the group "CyberAv3ngers," targeted industrial control
systems during conflicts, exploiting weak or default passwords. ... The number
of vulnerabilities identified on public-facing assets more than doubled,
rising from three per organisation in late 2024 to seven in early 2025.
Critical vulnerabilities dating as far back as 2006 and 2008 still persist on
unpatched systems, with proof-of-concept code readily available online, making
exploitation accessible even to attackers with limited expertise. The report
also references the continued threat posed by ransomware groups who exploit
such weaknesses in internet-facing devices. ... Incidents involving exposed
access keys, including cloud and API keys, doubled from late 2024 to early
2025. Exposed credentials can enable threat actors to enter environments as
legitimate users, bypassing perimeter defenses. The report highlights that
most exposures result from accidental code pushes to public repositories or
leaks on criminal forums.How Elicitation in MCP Brings Human-in-the-Loop to AI Tools
Elicitation represents more than an incremental protocol update. It marks a
shift toward collaborative AI workflows, where the system and human
co-discover missing context rather than expecting all details upfront. Python
developers building MCP tools can now focus on core logic and delegate
parameter gathering to the protocol itself, allowing for a more streamlined
approach. Clients declare an elicitation capability during initialization, so
servers know they may elicit input at any time. That standardized interchange
liberates developers from generating custom UIs or creating ad hoc prompts,
ensuring coherent behaviour across diverse MCP clients. ... Elicitation
transforms human-in-the-loop (HITL) workflows from an afterthought to a core
capability. Traditional AI systems often struggle with scenarios that require
human judgment, approval, or additional context. Developers had to build
custom solutions for each case, leading to inconsistent experiences and
significant development overhead. With elicitation, HITL patterns become
natural extensions of tool functionality. A database migration tool can
request confirmation before making irreversible changes. A document generation
system can gather style preferences and content requirements through guided
interactions. An incident response tool can collect severity assessments and
stakeholder information as part of its workflow.Cognizant Agents Gave Hackers Passwords, Clorox Says in Lawsuit
“Cognizant was not duped by any elaborate ploy or sophisticated hacking
techniques,” the company says in its partially redacted 19-page complaint.
“The cybercriminal just called the Cognizant Service Desk, asked for
credentials to access Clorox’s network, and Cognizant handed the credentials
right over. Cognizant is on tape handing over the keys to Clorox’s corporate
network to the cybercriminal – no authentication questions asked.” ... The
threat actors made multiple calls to the Cognizant help desk, essentially
asking for new passwords and getting them without any effort to verify them,
Clorox wrote. They then used those new credentials to gain access to the
corporate network, launching a “debilitating” attack that “paralyzed Clorox’s
corporate network and crippled business operations. And to make matters worse,
when Clorox called on Cognizant to provide incident response and disaster
recovery support services, Cognizant botched its response and compounded the
damage it had already caused.” In statement to media outlets, a Cognizant
spokesperson said it was “shocking that a corporation the size of Clorox had
such an inept internal cybersecurity system to mitigate this attack.” While
Clorox is placing the blame on Cognizant, “the reality is that Clorox hired
Cognizant for a narrow scope of help desk services which Cognizant reasonably
performed. Cognizant did not manage cybersecurity for Clorox,” the
spokesperson said.Digital sovereignty becomes a matter of resilience for Europe
Open-source and decentralized technologies are essential to advancing Europe’s strategic autonomy. Across cybersecurity, communications, and foundational AI, we’re seeing growing support for open-source infrastructure, now treated with the same strategic importance once reserved for energy, water and transportation. The long-term goal is becoming clear: not to sever global ties, but to reduce dependencies by building credible, European-owned alternatives to foreign-dominated systems. Open-source is a cornerstone of this effort. It empowers European developers and companies to innovate quickly and transparently, with full visibility and control, essential for trust and sovereignty. Decentralized systems complement this by increasing resilience against cyber threats, monopolistic practices and commercial overreach by “big tech”. While public investment is important, what Europe needs most is a more “risk-on” tech environment, one that rewards ambition, accelerated growth and enables European players to scale and compete globally. Strategic autonomy won’t be achieved by funding alone, but by creating the right innovation and investment climate for open technologies to thrive. Many sovereign platforms emphasize end-to-end encryption, data residency, and open standards. Are these enough to ensure trust, or is more needed to truly protect digital independence?Building better platforms with continuous discovery
Platform teams are often judged by stability, not creativity. Balancing
discovery with uptime and reliability takes effort. So does breaking out of
the “tickets and delivery” cycle to explore problems upstream. But the teams
that manage it? They build platforms that people want to use, not just have to
use. Start by blocking time for discovery in your sprint planning, measuring
both adoption and friction metrics, and most importantly, talking to your
users periodically rather than waiting for them to come to you with problems.
Cultural shifts like this take time because you're not just changing the
process; you're changing what people believe is acceptable or expected. That
kind of change doesn't happen just because leadership says it should, or
because a manager adds a new agenda to planning meetings. It sticks when ICs
feel inspired and safe enough to work differently and when managers back that
up with support and consistency. Sometimes a C-suite champion helps set the
tone, but day-to-day, it's middle managers and senior ICs who do the slow,
steady work of normalizing new behavior. You need repeated proof that it's
okay to pause and ask why, to explore, to admit uncertainty. Without that
psychological safety, people just go back to what they know: deliverables and
deadlines. AI-enabled software development: Risk of skill erosion or catalyst for growth?
We need to reframe AI not as a rival, but as a tool—one that has its own pros
and cons and can extend human capability, not devalue it. This shift in
perspective opens the door to a broader understanding of what it means to be a
skilled engineer today. Using AI doesn’t eliminate the need for expertise—it
changes the nature of that expertise. Classical programming, once central to
the developer’s identity, becomes one part of a larger repertoire. In its
place emerge new competencies: critical evaluation, architectural reasoning,
prompt literacy, source skepticism, interpretative judgment. These are not
hard skills, but meta-cognitive abilities—skills that require us to think
about how we think. We’re not losing cognitive effort—we’re relocating it.
This transformation mirrors earlier technological shifts. ... Some of the
early adopters of AI enablement are already looking ahead—not just at the
savings from replacing employees with AI, but at the additional gains those
savings might unlock. With strategic investment and redesigned expectations,
AI can become a growth driver—not just a cost-cutting tool. But upskilling
alone isn’t enough. As organizations embed AI deeper into the development
workflow, they must also confront the technical risks that come with
automation. The promise of increased productivity can be undermined if these
tools are applied without adequate context, oversight, or infrastructure.
/articles/architecting-mvp-AI/en/smallimage/architecting-mvp-AI-thumbnail-1752567203613.jpg)
