by valino | May 27, 2026 | Hacking, Compliance
The most expensive backup recovery failure we triaged in 2026 was caused by a recovery procedure that had not been tested under load since 2021. The backups themselves were intact. The encryption keys were available. The storage tier was online. The recovery script,...
by valino | May 26, 2026 | Hacking, Compliance
The most damaging insider threat case we worked in 2026 was not malicious. It was a senior engineer, two weeks before voluntarily leaving a company, who copied a folder of design documents to a personal cloud account because he wanted to remember what he had built. He...
by valino | May 25, 2026 | Hacking, Compliance
The most useful zero-trust implementation we have audited in 2026 took six years and produced an environment in which a compromised laptop could not, by itself, reach any production system. The least useful zero-trust implementation we have audited took eighteen...
by valino | May 25, 2026 | Hacking, Compliance
This is the third Sunday letter we have written for the executive who is reading on a quiet evening with the laptop half-closed. The first focused on the questions to ask. The second focused on personal liability. This one focuses on the question that quietly governs...
by valino | May 23, 2026 | Hacking, Compliance
The most consequential AI security finding we shipped to a client in 2026 had nothing to do with prompt injection or model jailbreaks. It was an internal customer-support copilot that an enterprising employee had pointed at the company’s complete document...