{"id":5480,"date":"2026-07-12T19:32:27","date_gmt":"2026-07-13T00:32:27","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/?p=5480"},"modified":"2026-07-12T19:32:27","modified_gmt":"2026-07-13T00:32:27","slug":"the-ciso-brief-july-12-2026","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/?p=5480","title":{"rendered":"The CISO Brief \u2014 July 12, 2026"},"content":{"rendered":"<style>\n.single .entry-title,\n.single .entry-header .entry-title,\n.single .post-title,\n.single header.entry-header h1,\n.single h1.entry-title,\n.single .page-title,\n.post-template-default h1.entry-title,\n.post-template-default .entry-header,\narticle .entry-header,\narticle .entry-title { display: none !important; }\n.single .entry-header { margin: 0 !important; padding: 0 !important; }\n.single .entry-content { margin-top: 0 !important; padding-top: 0 !important; }\n<\/style>\n<table role=\"presentation\" class=\"wrapper\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" width=\"100%\">\n<tr>\n<td align=\"center\">\n<table role=\"presentation\" class=\"container\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" width=\"680\">\n<p>        <!-- Banner --><\/p>\n<tr>\n<td class=\"banner\">\n<p class=\"date\" style=\"color:#ffffff !important;\">July 12, 2026 &middot; Weekly Edition<\/p>\n<h1 style=\"color:#ffffff !important;\">The CISO Brief<\/h1>\n<p class=\"tagline\" style=\"color:#ffffff !important;\">A fresh crop of CISOs takes the chair at Coinbase, Solana, Google Cloud and Blue Mountain just as TikTok and Madison Square Garden face breach litigation, the UK unveils a national agentic-AI defense plan, and the CIO trade press wrestles with why AI&#8217;s ROI is so hard to pin down.<\/p>\n<\/td>\n<\/tr>\n<p>        <!-- At a glance --><\/p>\n<tr>\n<td class=\"content\">\n<h2>At a glance<\/h2>\n<p>It was a leadership-heavy week. Coinbase hired Unit 42 CTO Michael Sikorski as CISO, the Solana Foundation named former Twitter\/Mozilla security chief Michael Coates to the same role, life-sciences software vendor Blue Mountain elevated Paul Adams to CISO, and Google Cloud&#8217;s Chris Betz gave his first interview since taking the CISO title there \u2014 all within days of a new publication, CISO HQ, launching specifically to help executives triage exactly this kind of news firehose. Read together, the moves underline how contested and visible the CISO seat has become across crypto, cloud and regulated-industry software alike, with security leadership increasingly treated as a headline-worthy hire rather than a back-office appointment.<\/p>\n<p>Breach-driven litigation kept pace on the legal side: a proposed class action accuses TikTok of exposing the private information of more than 2.4 billion users in a June database compromise, while a separate suit against Madison Square Garden Entertainment alleges the June ShinyHunters intrusion exposed biometric data MSG has used since 2018 to build visitor &#8220;threat assessments&#8221; \u2014 a detail that could reshape how facial-recognition and surveillance programs get scrutinized in discovery. On the regulatory side, the FTC secured a $2.25 million settlement with tenant-screening firm RentGrow over Fair Credit Reporting Act violations, and the UK government paired a national &#8220;Cyber Shield&#8221; agentic-AI defense blueprint from NCSC\/GCHQ with a voluntary Cyber Resilience Pledge signed by 60 companies \u2014 a soft-power move commentators read as the precursor to harder mandates under the pending Cyber Security and Resilience Bill.<\/p>\n<p>Rounding out the week, a MetaCompliance survey found 78% of European CISOs believe their C-suite doesn&#8217;t fully grasp employee-driven cyber risk, and a cluster of CIO.com pieces dug into why AI ROI remains so hard to measure, what courses exist to help IT leaders manage AI-driven organizational change, and why business-process rigidity \u2014 not IT capability \u2014 is the real bottleneck holding back AI value. A SecurityWeek profile of CISO Tarah Wheeler closes out this week&#8217;s foundational reading with a meditation on the industry&#8217;s lack of ground truth and statistics.<\/p>\n<p>            <!-- Topic map --><\/p>\n<div class=\"topic-map\">\n              <img decoding=\"async\" src=\"https:\/\/www.cybersecurityinstitute.com\/blog\/wp-content\/uploads\/2026\/07\/topic-map-ciso-2026-07-12-2.png\" alt=\"Topic map of this week's CISO Brief themes\" loading=\"eager\"><\/p>\n<p class=\"caption\">This week&#8217;s topic map \u2014 the CISO appointment wave (Coinbase\/Sikorski, Solana\/Coates, Blue Mountain\/Adams, Google Cloud\/Betz), the breach-lawsuit wave (TikTok, Madison Square Garden\/ShinyHunters), the UK&#8217;s Cyber Shield and Cyber Resilience Pledge, the FTC-RentGrow settlement, the board-CISO trust gap, and the AI ROI\/change-management cluster.<\/p>\n<p>              <!-- INTERACTIVE_MAP_LINK_START --><\/p>\n<p style=\"margin:10px 0 0;text-align:center;\"><a href=\"https:\/\/www.cybersecurityinstitute.com\/blog\/?p=5479\" target=\"_blank\" rel=\"noopener\" style=\"display:inline-block;padding:8px 18px;background-color:#0f172a;color:#ffffff !important;text-decoration:none;border-radius:6px;font-size:13px;font-weight:600;\">View interactive topic map &rarr;<\/a><\/p>\n<p><!-- INTERACTIVE_MAP_LINK_END -->\n            <\/div>\n<p>            <!-- Article index --><\/p>\n<h2>Article index<\/h2>\n<h3>Cluster 1 \u2014 New CISO appointments<\/h3>\n<div class=\"cluster-intro\">Four organizations named new security chiefs this week, and a new publication launched specifically to help executives make sense of a news cycle this dense.<\/div>\n<table class=\"index-table\">\n<tr>\n<th>Article<\/th>\n<th>Source<\/th>\n<th>Published<\/th>\n<\/tr>\n<tr>\n<td>1. <a href=\"https:\/\/newsblaze.com\/business\/security\/ciso-hq-launches-to-help-security-leaders-turn-cybersecurity-news-into-action_215369\/\">CISO HQ Launches to Help Security Leaders Turn Cybersecurity News Into Action<\/a><\/td>\n<td class=\"src\">NewsBlaze<\/td>\n<td class=\"dt\">Jul 5, 2026<\/td>\n<\/tr>\n<tr>\n<td>2. <a href=\"https:\/\/fxnewsgroup.com\/forex-news\/executives\/coinbase-hires-unit-42-cto-michael-sikorski-as-its-new-ciso\/\">Coinbase Hires Unit 42 CTO Michael Sikorski as Its New CISO<\/a><\/td>\n<td class=\"src\">FX News Group<\/td>\n<td class=\"dt\">Jul 7, 2026<\/td>\n<\/tr>\n<tr>\n<td>3. <a href=\"https:\/\/www.infosecurity-magazine.com\/interviews\/google-cloud-new-ciso-chris-betz\/\">Google Cloud&#8217;s New CISO Chris Betz on Integrating AI in Cyber Defenses<\/a><\/td>\n<td class=\"src\">Infosecurity Magazine<\/td>\n<td class=\"dt\">Jul 7, 2026<\/td>\n<\/tr>\n<tr>\n<td>4. <a href=\"https:\/\/crypto.news\/solana-foundation-appoints-former-twitter-security-chief-michael-coates-as-ciso\/\">Solana Foundation Appoints Former Twitter Security Chief Michael Coates as CISO<\/a><\/td>\n<td class=\"src\">crypto.news<\/td>\n<td class=\"dt\">Jul 8, 2026<\/td>\n<\/tr>\n<tr>\n<td>5. <a href=\"https:\/\/www.globenewswire.com\/news-release\/2026\/07\/08\/3324100\/0\/en\/Blue-Mountain-Appoints-Paul-Adams-as-Chief-Information-Security-Officer.html\">Blue Mountain Appoints Paul Adams as Chief Information Security Officer<\/a><\/td>\n<td class=\"src\">GlobeNewswire<\/td>\n<td class=\"dt\">Jul 8, 2026<\/td>\n<\/tr>\n<\/table>\n<h3>Cluster 2 \u2014 Breach-driven litigation<\/h3>\n<div class=\"cluster-intro\">Two proposed class actions this week target companies whose breaches touched extraordinarily sensitive data \u2014 global-scale user records at TikTok, and biometric threat-assessment profiles at Madison Square Garden.<\/div>\n<table class=\"index-table\">\n<tr>\n<th>Article<\/th>\n<th>Source<\/th>\n<th>Published<\/th>\n<\/tr>\n<tr>\n<td>6. <a href=\"https:\/\/www.classaction.org\/news\/tiktok-data-breach-lawsuit-claims-june-2026-incident-exposed-info-of-over-2.4-billion-users\">TikTok Data Breach Lawsuit Claims June 2026 Incident Exposed Info of Over 2.4 Billion Users<\/a><\/td>\n<td class=\"src\">ClassAction.org<\/td>\n<td class=\"dt\">Jul 7, 2026<\/td>\n<\/tr>\n<tr>\n<td>7. <a href=\"https:\/\/www.classaction.org\/news\/lawsuit-claims-2026-msg-data-breach-exposed-sensitive-biometric-info-used-for-threat-assessments\">Lawsuit Claims 2026 MSG Data Breach May Have Exposed Sensitive Biometric Info Used For Threat Assessments<\/a><\/td>\n<td class=\"src\">ClassAction.org<\/td>\n<td class=\"dt\">Jul 8, 2026<\/td>\n<\/tr>\n<\/table>\n<h3>Cluster 3 \u2014 Regulation and enforcement<\/h3>\n<div class=\"cluster-intro\">The FTC closed out a consumer-reporting enforcement action while the UK government rolled out a nationwide agentic-AI defense blueprint alongside a voluntary industry pledge.<\/div>\n<table class=\"index-table\">\n<tr>\n<th>Article<\/th>\n<th>Source<\/th>\n<th>Published<\/th>\n<\/tr>\n<tr>\n<td>8. <a href=\"https:\/\/www.ftc.gov\/news-events\/news\/press-releases\/2026\/07\/rentgrow-pay-225-million-settle-ftc-allegations-company-violated-fair-credit-reporting-act-ftc-act\">RentGrow to Pay $2.25 Million to Settle FTC Allegations the Company Violated the Fair Credit Reporting Act and FTC Act<\/a><\/td>\n<td class=\"src\">FTC<\/td>\n<td class=\"dt\">Jul 9, 2026<\/td>\n<\/tr>\n<tr>\n<td>9. <a href=\"https:\/\/www.securityweek.com\/uk-government-rolls-out-agentic-ai-defense-plan-alongside-industry-pledge\/\">UK Government Rolls Out Agentic AI Defense Plan Alongside Industry Pledge<\/a><\/td>\n<td class=\"src\">SecurityWeek<\/td>\n<td class=\"dt\">Jul 9, 2026<\/td>\n<\/tr>\n<\/table>\n<h3>Cluster 4 \u2014 Board and executive alignment<\/h3>\n<div class=\"cluster-intro\">A European CISO survey puts numbers on a familiar frustration: security leaders still don&#8217;t feel their C-suite understands the risk employees create day to day.<\/div>\n<table class=\"index-table\">\n<tr>\n<th>Article<\/th>\n<th>Source<\/th>\n<th>Published<\/th>\n<\/tr>\n<tr>\n<td>10. <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/cisos-fear-execs-dont-understand\/\">75% CISOs Fear Executives Don&#8217;t Understand Cybersecurity Risks Employees Face<\/a><\/td>\n<td class=\"src\">Infosecurity Magazine<\/td>\n<td class=\"dt\">Jul 9, 2026<\/td>\n<\/tr>\n<\/table>\n<h3>Cluster 5 \u2014 AI ROI and the change-management burden<\/h3>\n<div class=\"cluster-intro\">Three CIO.com pieces this week converge on the same uncomfortable question: enterprises have adopted AI everywhere, but almost nobody can cleanly measure what it&#8217;s actually returning \u2014 and the bottleneck increasingly looks like process, not technology.<\/div>\n<table class=\"index-table\">\n<tr>\n<th>Article<\/th>\n<th>Source<\/th>\n<th>Published<\/th>\n<\/tr>\n<tr>\n<td>11. <a href=\"https:\/\/www.cio.com\/article\/4183502\/why-is-it-so-hard-to-measure-the-roi-of-ai.html\">Why Is It So Hard to Measure the ROI of AI?<\/a><\/td>\n<td class=\"src\">CIO.com<\/td>\n<td class=\"dt\">Jul 8, 2026<\/td>\n<\/tr>\n<tr>\n<td>12. <a href=\"https:\/\/www.cio.com\/article\/4044424\/6-courses-for-it-leaders-navigating-ai-change-management.html\">10 Courses for IT Leaders Navigating AI Change Management<\/a><\/td>\n<td class=\"src\">CIO.com<\/td>\n<td class=\"dt\">Jul 9, 2026<\/td>\n<\/tr>\n<tr>\n<td>13. <a href=\"https:\/\/www.cio.com\/article\/4192383\/its-not-the-it-holding-ai-back-its-the-business-processes.html\">IT Isn&#8217;t Holding AI Back, Your Business Processes Are<\/a><\/td>\n<td class=\"src\">CIO.com<\/td>\n<td class=\"dt\">Jul 9, 2026<\/td>\n<\/tr>\n<\/table>\n<h3>Cluster 6 \u2014 Foundational: the CISO as a person<\/h3>\n<div class=\"cluster-intro\">This week&#8217;s longer-form read profiles a CISO whose path into the role, and whose concerns about the field&#8217;s lack of hard data, offer a candid counterpoint to the appointment-announcement news above.<\/div>\n<table class=\"index-table\">\n<tr>\n<th>Article<\/th>\n<th>Source<\/th>\n<th>Published<\/th>\n<\/tr>\n<tr>\n<td>14. <a href=\"https:\/\/www.securityweek.com\/ciso-conversations-tarah-wheeler-cybersecurity-leader-thought-leader-and-original-thinker\/\">CISO Conversations: Tarah Wheeler, Cybersecurity Leader, Thought Leader and Original Thinker<\/a><\/td>\n<td class=\"src\">SecurityWeek<\/td>\n<td class=\"dt\">Jul 7, 2026<\/td>\n<\/tr>\n<\/table>\n<p>            <!-- Detailed write-ups --><\/p>\n<h2>Detailed write-ups<\/h2>\n<div class=\"article\">\n<h4>1. A CISO hiring wave: Coinbase, Solana and Blue Mountain all name new security chiefs<\/h4>\n<p class=\"meta\">FX News Group &middot; crypto.news &middot; GlobeNewswire &middot; July 7&ndash;8, 2026<\/p>\n<p>Three organizations filled their top security seat within 48 hours of each other. Coinbase hired Michael Sikorski, Unit 42&#8217;s CTO for the past four years (with earlier stints at Mandiant, FireEye and the NSA), as CISO, with Sikorski framing the move as stepping &#8220;out of the advisory seat&#8221; to secure a &#8220;decentralized&#8221; financial-services ecosystem against &#8220;AI-enabled attackers&#8221; directly. The Solana Foundation named Michael Coates &mdash; Twitter&#8217;s first CISO and a former Mozilla security chief &mdash; to lead security across a network he says now processes more transactions daily than most of the crypto industry combined, citing tens of billions in daily stablecoin volume as the reason the role mattered enough to take. And life-sciences EAM vendor Blue Mountain elevated its existing security lead, Paul Adams, to CISO, explicitly tying the promotion to AI governance: the company is racing to align its ISO 42001 and FDA AI\/ML compliance programs before &#8220;the timeline between a gap in governance and a real compliance event&#8221; compresses further, in Adams&#8217;s words. Taken together, these three appointments span crypto, Web3 infrastructure and regulated life-sciences software &mdash; a signal that security leadership hiring is accelerating across sectors with very different risk profiles but a shared driver: AI is moving faster than the governance and compliance frameworks built to contain it.<\/p>\n<p style=\"font-size:13px;color:#6b7280;margin-top:6px;\">Sources: <a href=\"https:\/\/fxnewsgroup.com\/forex-news\/executives\/coinbase-hires-unit-42-cto-michael-sikorski-as-its-new-ciso\/\" style=\"color:#1d4ed8;text-decoration:none;\">FX News Group<\/a> &middot; <a href=\"https:\/\/crypto.news\/solana-foundation-appoints-former-twitter-security-chief-michael-coates-as-ciso\/\" style=\"color:#1d4ed8;text-decoration:none;\">crypto.news<\/a> &middot; <a href=\"https:\/\/www.globenewswire.com\/news-release\/2026\/07\/08\/3324100\/0\/en\/Blue-Mountain-Appoints-Paul-Adams-as-Chief-Information-Security-Officer.html\" style=\"color:#1d4ed8;text-decoration:none;\">GlobeNewswire<\/a><\/p>\n<\/p><\/div>\n<div class=\"article\">\n<h4>2. Google Cloud&#8217;s new CISO Chris Betz on integrating AI in cyber defenses<\/h4>\n<p class=\"meta\">Infosecurity Magazine &middot; July 7, 2026<\/p>\n<p>In his first interview since assuming the CISO title at Google Cloud &mdash; a promotion from VP of infrastructure security, with the Office of the CISO now reporting directly to him &mdash; Chris Betz laid out a three-pillar framework for AI-powered security defense: the security expert, the harness, and the model, deliberately in that order. His central claim is counterintuitive in an industry obsessed with model benchmarks: &#8220;a less capable model with a good harness and a good expert is more powerful than the best model without a good harness or good experts.&#8221; Betz, who previously held CISO roles at AWS and Capital One, described running multiple AI models simultaneously (including via Anthropic&#8217;s Project Glasswing) rather than standardizing on one, both to hedge against any single model&#8217;s blind spots and to manage token cost. He also detailed Google&#8217;s vulnerability-finding pipeline &mdash; Naptime, then Big Sleep, now CodeMender for fixing what&#8217;s found &mdash; and flagged that CISOs he&#8217;s spoken with in France, Germany and the UK are each seeing more than 10x the vulnerability volume they used to. For CISOs building their own AI-defense roadmap, Betz&#8217;s framework is a useful gut-check against vendor pitches that lead with model capability alone.<\/p>\n<p style=\"font-size:13px;color:#6b7280;margin-top:6px;\">Sources: <a href=\"https:\/\/www.infosecurity-magazine.com\/interviews\/google-cloud-new-ciso-chris-betz\/\" style=\"color:#1d4ed8;text-decoration:none;\">Infosecurity Magazine<\/a><\/p>\n<\/p><\/div>\n<div class=\"article\">\n<h4>3. TikTok data breach lawsuit claims June 2026 incident exposed info of over 2.4 billion users<\/h4>\n<p class=\"meta\">ClassAction.org &middot; July 7, 2026<\/p>\n<p>A proposed class action filed in California federal court (Mortazi v. TikTok Inc.) alleges the company&#8217;s negligence allowed cybercriminals to deploy malware and exfiltrate an unencrypted internal database containing names, usernames, emails, phone numbers, birth dates, gender, language and location data for more than 2.4 billion users &mdash; first reported publicly on June 11. The complaint argues TikTok collects and retains this data specifically for targeted-advertising profiling, and that the company&#8217;s own privacy notices promising &#8220;strong protections&#8221; created a duty it failed to meet, citing FTC data-security guidance as the applicable standard. Notably, the suit doesn&#8217;t allege payment or government-ID data was taken, but argues the sheer scale and combination of identifiers (enough to build a detailed behavioral and location profile per user) creates a lifelong phishing, identity-theft and social-engineering risk for the class. For CISOs at consumer platforms handling comparable data volumes, the case is another data point in the plaintiffs&#8217;-bar pattern of using scale of exposure, rather than sensitivity of any single field, as the primary damages narrative.<\/p>\n<p style=\"font-size:13px;color:#6b7280;margin-top:6px;\">Sources: <a href=\"https:\/\/www.classaction.org\/news\/tiktok-data-breach-lawsuit-claims-june-2026-incident-exposed-info-of-over-2.4-billion-users\" style=\"color:#1d4ed8;text-decoration:none;\">ClassAction.org<\/a><\/p>\n<\/p><\/div>\n<div class=\"article\">\n<h4>4. Lawsuit claims 2026 MSG data breach may have exposed sensitive biometric info used for threat assessments<\/h4>\n<p class=\"meta\">ClassAction.org &middot; July 8, 2026<\/p>\n<p>A separate proposed class action (Granados v. Madison Square Garden Entertainment Corp.) alleges that the ShinyHunters group&#8217;s June 16 intrusion &mdash; which the group claims accessed 26 million unencrypted records &mdash; compromised more than routine PII. MSG has collected facial scans and other biometric data since 2018, per the complaint, combining it with social-media activity and other signals to build &#8220;threat assessment&#8221; profiles not just of visitors and celebrities but of local protesters and even law firms that might litigate against the venue &mdash; the same biometric program previously challenged in a separate suit over MSG&#8217;s use of facial recognition to ban rival attorneys from its venues. The complaint also notes this is MSG&#8217;s third publicized cybersecurity event since 2015 (a point-of-sale compromise in 2015&ndash;16, a 2025 Cl0p\/Oracle EBS-linked breach, and now this). For CISOs at venues, retailers or any organization running facial-recognition or behavioral-profiling programs, the case is a preview of how discovery into biometric threat-assessment systems &mdash; not just the breach itself &mdash; is likely to become a growing source of litigation exposure.<\/p>\n<p style=\"font-size:13px;color:#6b7280;margin-top:6px;\">Sources: <a href=\"https:\/\/www.classaction.org\/news\/lawsuit-claims-2026-msg-data-breach-exposed-sensitive-biometric-info-used-for-threat-assessments\" style=\"color:#1d4ed8;text-decoration:none;\">ClassAction.org<\/a><\/p>\n<\/p><\/div>\n<div class=\"article\">\n<h4>5. UK government rolls out agentic AI defense plan alongside industry pledge<\/h4>\n<p class=\"meta\">SecurityWeek &middot; July 9, 2026<\/p>\n<p>The NCSC published details of Cyber Shield, GCHQ Director Anne Keast-Butler&#8217;s blueprint for &#8220;a national-scale, collaborative approach to agentic cyber defense,&#8221; inviting academia, critical-infrastructure operators, frontier AI labs and the cyber-defense sector to help build six core capabilities: reliable\/explainable AI, federated agents, vulnerability discovery and mitigation, coordinated detection and response, national-level scanning, and national-level mitigation. On the same day, science and technology secretary Liz Kendall launched the voluntary Cyber Resilience Pledge with 60 founding signatories, committing to three modest asks &mdash; board-level cybersecurity ownership, enrollment in NCSC&#8217;s early-warning service, and Cyber Essentials implementation across the supply chain. Independent commentators quoted in the piece are skeptical Cyber Shield addresses today&#8217;s actual breach causes (process and configuration failures, not sophisticated AI-driven attacks) and note most critical-infrastructure operators remain constrained by legacy systems and patching timelines that no amount of agentic tooling fixes on its own. The more consequential signal, per one analyst, is that the Pledge arrives alongside the pending Cyber Security and Resilience Bill &mdash; voluntary asks today reading as a preview of mandatory ones tomorrow.<\/p>\n<p style=\"font-size:13px;color:#6b7280;margin-top:6px;\">Sources: <a href=\"https:\/\/www.securityweek.com\/uk-government-rolls-out-agentic-ai-defense-plan-alongside-industry-pledge\/\" style=\"color:#1d4ed8;text-decoration:none;\">SecurityWeek<\/a><\/p>\n<\/p><\/div>\n<div class=\"article\">\n<h4>6. Why AI&#8217;s ROI stays so hard to pin down &mdash; and why the bottleneck is process, not IT<\/h4>\n<p class=\"meta\">CIO.com &middot; July 8&ndash;9, 2026<\/p>\n<p>Three CIO.com pieces this week form a coherent argument about the current state of enterprise AI value. The lead feature surveys companies like Novo Nordisk, which used AI-powered process mining (a Celonis-built &#8220;digital twin&#8221; of clinical operations) to discover its own workflows didn&#8217;t match documentation before it could even attempt to measure AI&#8217;s impact &mdash; and found that true ROI on a years-long drug-development cycle simply won&#8217;t be visible for a while yet. A companion piece cites Deloitte&#8217;s 2026 Global Leadership Technology Study finding 75% of IT leaders believe operating models and business processes, not technology, must change before AI delivers more value; as one VP put it, &#8220;if you can&#8217;t diagram how your work flows from intake to completion, you&#8217;re not ready for AI augmentation.&#8221; The third piece rounds up ten executive-education programs (Harvard, MIT, Stanford, Northwestern and others, ranging from $15 to $18,630) aimed at helping IT leaders manage the organizational-change side of AI adoption specifically, rather than the technology itself. For CISOs increasingly asked to justify security-AI spend to the same skeptical board raising these ROI questions, the throughline is useful ammunition: the measurement problem is enterprise-wide, not a security-program failing, and baseline-setting before deployment (not after) is the recurring fix cited across all three pieces.<\/p>\n<p style=\"font-size:13px;color:#6b7280;margin-top:6px;\">Sources: <a href=\"https:\/\/www.cio.com\/article\/4183502\/why-is-it-so-hard-to-measure-the-roi-of-ai.html\" style=\"color:#1d4ed8;text-decoration:none;\">Why Is It So Hard to Measure the ROI of AI?<\/a> &middot; <a href=\"https:\/\/www.cio.com\/article\/4044424\/6-courses-for-it-leaders-navigating-ai-change-management.html\" style=\"color:#1d4ed8;text-decoration:none;\">10 Courses for IT Leaders Navigating AI Change Management<\/a> &middot; <a href=\"https:\/\/www.cio.com\/article\/4192383\/its-not-the-it-holding-ai-back-its-the-business-processes.html\" style=\"color:#1d4ed8;text-decoration:none;\">IT Isn&#8217;t Holding AI Back, Your Business Processes Are<\/a><\/p>\n<\/p><\/div>\n<p>            <!-- Watch list --><\/p>\n<div class=\"watchlist\">\n<h2>On our watch list<\/h2>\n<ul>\n<li><strong>The new CISOs&#8217; first 100 days.<\/strong> Watching what Sikorski, Coates, Betz and Adams prioritize first &mdash; especially whether crypto-sector CISOs (Coinbase, Solana) treat AI-enabled attacker sophistication as differently urgent than their enterprise-software peers.<\/li>\n<li><strong>Discovery in the MSG biometric suit.<\/strong> If plaintiffs get access to MSG&#8217;s threat-assessment methodology, expect the details of what &#8220;threat assessment&#8221; data actually covers (protesters, law firms) to become a template for challenging similar corporate surveillance programs elsewhere.<\/li>\n<li><strong>Whether the UK&#8217;s Cyber Resilience Pledge becomes mandatory.<\/strong> Watching how quickly board-level cybersecurity ownership and Cyber Essentials-across-supply-chain move from the voluntary Pledge into the pending Cyber Security and Resilience Bill.<\/li>\n<li><strong>Whether AI-ROI measurement standardizes.<\/strong> With Deloitte, Novo Nordisk and multiple executive-ed programs all converging on &#8220;baseline your processes first,&#8221; watching whether this becomes a documented best practice CISOs can point boards to, rather than ad hoc consulting advice.<\/li>\n<li><strong>The scale of the TikTok breach class as it develops.<\/strong> At 2.4 billion users, this is one of the largest breach class actions ever filed; watching whether the case survives early motions given the mix of foreseeability and duty-of-care arguments plaintiffs are using.<\/li>\n<\/ul><\/div>\n<\/td>\n<\/tr>\n<p>        <!-- Footer --><\/p>\n<tr>\n<td class=\"footer\">\n<p class=\"brand\">The CISO Brief<\/p>\n<p>A weekly intelligence bulletin from Security Radar LLC.<br \/>\n            Curated by Paul Davis &middot; <a href=\"mailto:paul.davis@security-radar.com\">paul.davis@security-radar.com<\/a><\/p>\n<p>&copy; 2026 Security Radar LLC. All rights reserved.<\/p>\n<p>Article titles and summaries are excerpted for review and commentary; all linked articles remain the copyright of their respective publishers and authors.<\/p>\n<p>*|LIST:ADDRESS|*<\/p>\n<p><a href=\"*|ARCHIVE|*\">View this email in your browser<\/a> &middot; <a href=\"*|UNSUB|*\">Unsubscribe<\/a><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>July 12, 2026 &middot; Weekly Edition The CISO Brief A fresh crop of CISOs takes the chair at Coinbase, Solana, Google Cloud and Blue Mountain just as TikTok and Madison Square Garden face breach litigation, the UK unveils a national agentic-AI defense plan, and the CIO trade press wrestles with&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,12,42],"tags":[],"class_list":["post-5480","post","type-post","status-publish","format-standard","hentry","category-editorial","category-regulations","category-security-industry-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/5480","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5480"}],"version-history":[{"count":0,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/5480\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5480"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5480"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5480"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}