The UK’s National Cyber Security Centre (NCSC) established the Vulnerability Research Initiative (VRI) to expand vulnerability discovery, including plans to target AI-powered weaknesses. Recognizing the limitations of their internal team, NCSC will collaborate with third-party researchers to investigate both common and specialized tech vulnerabilities. The program will coordinate expert efforts, share findings with industry, and aim to proactively identify and mitigate risks before they’re exploited—particularly those tied to AI modules and supply-chain components.

The European Union published a voluntary Code of Practice for general-purpose AI, complementing its upcoming AI Act set to take effect August 2, 2025. Crafted by independent experts and stakeholders, the code emphasizes safety, transparency, security, and copyrighted content use. Signatories—potentially including major LLM providers—will benefit from reduced administrative burdens and clearer legal frameworks. The move signals the EU’s embrace of ‘secure-by-design’ AI while controlling risk, especially relevant for sectors managing sensitive data and vendor-produced AI systems.

A new LevelBlue report reveals that only 23% of enterprises have high visibility into their software supply chains—even though 40% of CEOs consider it their top security risk . Poor visibility correlates with breaches: 80% of under‑informed organizations suffered incidents in the past year, versus 6% for those with strong visibility. Emerging regulations (EU Cyber Resilience Act, U.S. SBOM mandates) are accelerating action, but risk remains. Firms must embrace software bills of materials and integrate AI‑driven monitoring to reduce third‑party exposure.

Deepfake governance attacks are evolving social-engineering weapons. Cloned voices bypass human trust, exploiting familiarity & honor-based workflows. This isn’t just a government threat; CEOs face it too. We need new authentication for communications & decision-making to combat this rising risk. Trust must be earned—every time.