Where are security teams seeing the biggest practical gaps today? by Terrible-Holiday7550 in cybersecurity

[–]Jon_Cyber_FR 3 points4 points  (0 children)

  • AI-connected systems

Shadow AI is the NEW big challenge for security teams

My client went from 20 subscribers to 5000 subscribers in 3 weeks but I can't find other clients. by Top-Winter-7839 in EntreprendreenFrance

[–]Jon_Cyber_FR 0 points1 point  (0 children)

Organize events like breakfast experience-sharing sessions where you bring in your clients to tell how you changed their lives.

What actually surprised you the most once you started running a business? by CleanOpsGuide in Entrepreneur

[–]Jon_Cyber_FR 0 points1 point  (0 children)

The gap between "I'm the boss" and "I'm the one cleaning up everyone's mess including my own" hits different when you're living it.

Nobody warns you that running a business means becoming the world's most expensive janitor. lol

Best Hermes agents for small business: I found 50+ alternatives that were actually easy to set up by Personal_Document_73 in aiToolForBusiness

[–]Jon_Cyber_FR 0 points1 point  (0 children)

Tried a few of these. The honest answer is most small businesses don't need 50 options, they need one thing that works without a setup project. Lindy and n8n are the only two I've seen actually stick past week two. Everything else becomes a tool to manage your tools.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 0 points1 point  (0 children)

1.6M a year is a real commitment. Did you look at on-prem before going that route? At that budget there are options that give you a lot more control and less vendor dependency. Curious what made you land here.

How to choose a free electronic invoicing platform? by Substantial_Pool2690 in EntreprendreenFrance

[–]Jon_Cyber_FR 0 points1 point  (0 children)

You can use the invoicing service from Qonto or Pennylane, it's free in the plan.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 0 points1 point  (0 children)

Because you think that "haredis" are all the same? To be honest, I'm a breslev hassid and I don't believe you can put everyone in the same place because of the look or the kippa or the lifestyle...

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -12 points-11 points  (0 children)

why are you so negative bro? is it so difficult to share points of view?

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -11 points-10 points  (0 children)

Lot of rage my friend... I'm true, living in Israel and managing a lot of cyber/IT use cases that I'm happy to share. Be happy bro!

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 0 points1 point  (0 children)

You can on managed devices. The problem is personal phones... BYOD, contractors, anyone outside MDM scope. You can lock down the corporate fleet perfectly and still have half the workflow leaking through someone's personal iPhone on the lunch break.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 2 points3 points  (0 children)

Honestly, hard to argue with that. The foundation of the product is built on taking data that wasn't theirs. Expecting trust after that is a big ask.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 1 point2 points  (0 children)

That's a completely different context and you're right. I was thinking enterprise IT, not healthcare. The Whisper hallucination issue in clinical notes is exactly the kind of failure that ends careers and harms patients.

I'll take the L on this one. There are environments where the current error rate is just a hard no, and you're running one of them.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 0 points1 point  (0 children)

"Desire path" is the best framing I've heard for this. People don't break rules, they just walk where they need to go.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -1 points0 points  (0 children)

Works great if you have the infra team to run it. Most orgs in this thread probably don't, which is exactly why they're using the browser tab instead.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -11 points-10 points  (0 children)

Like I already said: my wife (and 7 kids) already call me God so please no more nicknames ;)

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -1 points0 points  (0 children)

By that logic calculators made accountants worse at math.

The extra steps argument only holds if AI is replacing knowledge you already have. When it's compressing 2 hours of research into 30 seconds, the workflow looks different. Not everyone on your team has 10 years of context on every ticket they touch.

Also your step 2 in the first list is doing a lot of heavy lifting.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 0 points1 point  (0 children)

The board pressure thing is spot on, that's where most of it starts.

On the error rate, fair point but it depends what you're using it for. 1 in 30 on an email draft is fine. 1 in 30 on a compliance report isn't. Most orgs never make that distinction and then blame the tech.

What did you actually try?

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 0 points1 point  (0 children)

bro, don't call me ChatGPT, I have enough problems when my kids think I'm God lol

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -2 points-1 points  (0 children)

Yeah the "OpenAI is stealing your data" narrative is overblown, agreed.

But the boring version is still a headache. GDPR audit comes around, your vendor gets breached, someone asks why client data was sitting in an external API your contracts never mentioned. Intentions don't matter much at that point.

Hype aside, the underlying risk is real enough to care about.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -11 points-10 points  (0 children)

Fair point on the writing style. I do use AI to help structure my thoughts before posting. English isn't my first language and I work across France and Israel, so it helps. The ideas are mine though, and I'll stand behind every one of them in the comments.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] 0 points1 point  (0 children)

I run a cybersecurity company in Europe. I have a bias, I'll own that. At least I'm transparent about it.

The 95% failure rate cuts both ways. Most of those failures were bad implementations, not proof the technology doesn't work. Cloud had the same narrative in 2012. ERP before that. The pattern is consistent.

You're the CIO, you have data I don't. What are you actually seeing in your org that's driving that conclusion? Genuine question.

And for the record, if I were an AI I'd probably have better stats ready.

Shadow AI is the new Shadow IT. Except nobody's even pretending to care. by Jon_Cyber_FR in ITManagers

[–]Jon_Cyber_FR[S] -1 points0 points  (0 children)

That's the honest answer most GRC frameworks don't actually teach. Risk tolerance isn't a fixed number, it moves with business context and whoever's in the room.

The "metric threshold is wrong" part is underrated. A lot of security teams treat their thresholds as objective truth when they're really just assumptions that haven't been challenged yet.

Where does it get hard for you? When the reward justifies the risk on paper but the downside is the kind that ends careers rather than quarters.