Cybersecurity Headlines Department of Know: Sedgewick confirms incident, Coupang store credit only, AI needs generators
Jan 6, 2026
Peter Clay, CISO at Aireon, and Chris Ray, Field CTO at GigaOm, dive deep into pressing cybersecurity issues. They discuss the dual threat of AI agents and insider risks, emphasizing the need for robust access controls. Prompt injection vulnerabilities are dissected, with both guests advocating for layered defenses. The conversation also touches on recent ransomware incidents and the persistent risks from third-party suppliers. Finally, they warn about overlooked security in AI infrastructure, highlighting the importance of reinforcing defenses as technology evolves.
AI Snips
Chapters
Books
Transcript
Episode notes
AI Agents Can Become Super Users
- AI agents create a "super user" problem by chaining access across systems without security teams' oversight.
- Peter Clay and Chris Ray warn identity and access management must be fixed before wide AI deployment.
Prompt Injection Is A Layered Problem
- Prompt injection against browser-based AI agents may never be fully solved at the model layer.
- Teams must layer controls like input filtering, output validation, privilege separation, and monitoring.
Extensions Are The New Watering Hole
- Malicious browser extensions have become a modern watering-hole for espionage across meeting platforms.
- Dark Spectre's campaigns show extensions can hijack searches, commit ad fraud, and exfiltrate meeting data.
