August 06, 2025
Kannan Subbiah
vCxO | IT Governance | Mutual Funds | Independent Director | C|CISO | CGEIT | CISA | FCA
The so-called “Man in the Prompt” attack presents two priority risks. One is to internal LLMs that store sensitive company data and personal information, in the belief that it is appropriately fenced off from other software and apps. The other risk comes from particular LLMs that are broadly integrated into workspaces, such as Google Gemini’s interaction with Google Workspace tools such as Mail and Docs. This category of prompt injection attacks applies not just to any type of browser extension, but any model or deployment of LLM. And the malicious extension requires no special permissions to work, given that the DOM access already provides everything it needs. ... The other proof-of-concept targets Google Gemini, and by extension any elements of Google Workspace it has been integrated with. Gemini is meant to automate routine and tedious tasks in Workspace such as email responses, document editing and updating contacts. The trouble is that it has almost complete access to the contents of these accounts as well as anything the user has access permission for or has had shared with them by someone else. Prompt injection attacks conducted by these extensions can not only steal the contents of emails and documents with ease, but complex queries can be fed to the LLM to target particular types of data and file extensions; the autocomplete function can also be abused to enumerate available files.
The EU is considering setting minimum requirements for online platforms to disclose their use of age verification or age estimation tools in their terms and conditions. The obligation is contained in a new compromise draft text of the EU’s proposed law on detecting and removing online child sex abuse material (CSAM), dated July 24 and seen by MLex. A discussion of the proposal, which contains few other changes to a previous draft, is scheduled for September 12. The text also calls for online platforms to perform mandatory scans for CSAM, which critics say could result in false positives and break end-to-end cryptography. ... The way age verification is set to work under the OSA is described as a “privacy nightmare” by PC Gamer, but the article stands in stark contrast to the vague posturing of the political class. Author Jacob Ridley acknowledges the possibility for double-blind methods of age assurance among those that do not require any personal information at all to be shared with the website or app the individual is trying to access. At the same time, many age verification systems do not work this way. Also, age assurance pop-ups can be spoofed, and those spoofs could harvest a wealth of valuable personal information Privado ID Co-founder Evan McMullen calls it “like using a sledgehammer to crack a walnut.” McMullen, of course, prefers a decentralized approach that leans on zero-knowledge proofs (ZKPs).
“People are rushing now to get [MCP] functionality while overlooking the security aspect,” he said. “But once the functionality is established and the whole concept of MCP becomes the norm, I would assume that security researchers will go in and essentially update and fix those security issues over time. But it will take a couple of years, and while that is taking time, I would advise you to run MCP somehow securely so that you know what’s going on.” Beyond the tactical security issues around MCP, there are bigger issues that are more strategic, more systemic in nature. They involve the big changes that large language models (LLMs) are having on the cybersecurity business and the things that organizations will have to do to protect themselves from AI-powered attacks in the future ... The sheer volume of threat data, some of which may be AI generated, demands more AI to be able to parse it and understand it, Sharma said. “It’s not humanly possible to do it by a SOC engineer or a vulnerability engineer or a threat engineer,” he said. Tuskira essentially functions as an AI-powered security analyst to detect traditional threats on IT systems as well as threats posed to AI-powered systems. Instead of using commercial AI models, Sharma adopted open-source foundation models running in private data centers. Developing AI tools to counter AI-powered security threats demands custom models, a lot of fine-tuning, and a data fabric that can maintain context of particular threats, he said.
To take advantage of the benefits of smart tools and avoid overburdening the workforce, the board of directors must carefully manage their deployment. “As leaders, we must set clear limits, encourage training without overwhelming others, and open spaces for conversation about how people are experiencing this transition,” Blázquez says. “Technology must be an ally, not a threat, and the role of leadership will be key in that balance.” “It is recommended that companies take the first step. They must act from a preventative, humane, and structural perspective,” says De la Hoz. “In addition to all the human, ethical, and responsible components, it is in the company’s economic interest to maintain a happy, safe, and mission-focused workforce.” Regarding increasing personal productivity, he emphasizes the importance of “valuing their efforts, whether through higher salary returns or other forms of compensation.” ... From here, action must be taken, “implementing contingency plans to alleviate these areas.” One way: working groups, where the problems and barriers associated with technology can be analyzed. “From here, use these KPIs to change my strategy. Or to set it up, because often what happens is that I deploy the technology and forget how to get that technology adopted.”
While the battlefield feels very far away from the boardroom, this principle is something that CIOs can take on board when they’re tasked with steering a complex digital programme. Step back and clear the path so that you can trust your people to deliver; that’s when the real progress gets made. Contrary to popular belief, the military is not rigidly hierarchical. In fact, it teaches individuals to operate with autonomy within defined parameters. Officers set the boundaries of a mission and step back, allowing you to take full ownership of your actions. This approach is supported by the OODA Loop, a framework that cultivates awareness and decisive action under pressure. ... Resilience is perhaps the hardest leadership trait to teach and the most vital to embody. Military officers are taught to plan exhaustively, train rigorously, and prepare for all scenarios, but they’re also taught that ‘the first casualty of war is the plan.’ Adaptability under pressure is a non-negotiable mindset for you to adopt and instil in your team. When your team feels supported to grow, they stop fearing change and start responding to it; it is here that adaptability and resilience become second nature. There is also a practical opportunity to bring these principles in-house, as veterans transitioning out of the army may bring with them a refreshed leadership approach. Because they’re often confident under pressure and focused on outcomes, their transferrable skills allow them to thrive in the corporate world.
Integrating cost management directly into Infrastructure-as-Code (IaC) frameworks such as Terraform enforces fiscal responsibility at the resource provisioning phase. By explicitly defining resource constraints and mandatory tagging, teams can preemptively mitigate orphaned cloud expenditures. ... Integrating cost awareness directly within Continuous Integration and Delivery (CI/CD) pipelines ensures proactive management of cloud expenditures throughout the development lifecycle. Tools such as Infracost automate the calculation of incremental cloud costs introduced by individual code changes. ... Cost-based pre-merge testing frameworks reinforce fiscal prudence by simulating peak-load scenarios prior to code integration. Automated tests measured critical metrics, including ninety-fifth percentile response times and estimated cost per ten thousand requests, to ensure compliance with established financial performance benchmarks. Pull requests failing predefined cost-efficiency criteria were systematically blocked. ... Comprehensive cost observability tools such as Datadog Cost Dashboards combine billing metrics with Application Performance Monitoring (APM) data, directly supporting operational and cost-related SLO compliance.