IT SecurityNIS-2Cyber Risk Management
Crisis Organization When It Counts: When No One Knows What to Do Now
In a crisis exercise, the team lead's first words were: "Wait, where does it say what I'm supposed to do?" Crisis organization is not a PDF. Either it works – or it does not exist.
Alexander Busse Mar 20, 2026
Read more 
AI GovernanceArtificial IntelligenceCyber Risk ManagementBusiness Leadership
Prompt Injection: Why AI Agents Have a Governance Problem That Cannot Be Patched Away
OpenAI reveals: prompt injection attacks succeed despite protective mechanisms in 50 percent of cases. Why this is not a technical but a governance problem, and which five principles organizations should implement now.
Alexander Busse Mar 13, 2026
Read more 
NIS-2ComplianceCyber Risk Management
NIS-2 Incident Reporting Under Pressure: Why Friday Evening at 5:30 PM Is the Ultimate Test
NIS-2 incident reporting fails not because documentation is missing, but because the process breaks down under stress. What mid-sized businesses need to do now.
Alexander Busse Mar 11, 2026
Read more