Last week I made a joke I was rather proud of. It made me laugh. It still makes me laugh. But as Elvira told Tony "Don't get high on your own supply". In AI news, a joke has a shelf life of roughly seventy-two hours before the industry renders it obsolete. The OpenAI SEC filing alone made the punchline redundant. The bar joke is dead. Long live the bar joke.

I had a different piece planned for this week. Tulip mania, Holland, 1637, the original speculative bubble and what it might tell us about the current moment in AI valuations. I was going to be erudite and slightly insufferable about it. Life, as it tends to, had other ideas.

It is 5.34am on Friday morning as I start this 1st draft. I have been up since 2.30, having set my alarm for South Korea vs Czech Republic. Entertaining enough, final score 2-1, which followed Mexico's 2-0 win over South Africa the previous night, in arguably the cleanest match in history to produce three red cards, all of them carrying some validity. My eldest is watching Despicable Me 4 for approximately the fifth time this fortnight. My youngest is on the floor with a carefully curated fleet of monster trucks and tractors. Our dog Rolo, is eyeing a suspiciously small green rubber duck, baby's fist-sized, genuine choking hazard; with the focused intent of an animal that has learned nothing from previous encounters with objects of similar dimensions. There is also a velcro dartboard involved, though I have yet to establish whose fault that is. The wife is still asleep, which is the correct and sensible response for most people to 5.34am on a Friday.

AI & UK GDPR: What Leaders Get Wrong About Data Protection and AI Risk
Is your AI deployment actually a GDPR problem — or are you solving the wrong issue? Most leaders either over-panic about AI and data protection, or ignore it entirely. Craig Clark, Director of Clark and Company Information Governance Services and a practising CISO, cuts through the noise: AI only becomes a UK GDPR issue when personal data is involved — but when it is, the risks are serious and often misunderstood. Speakers: Craig Clark, Director at Clark and Company Information Governance Services; Stewart Tinson, Projecgt Director, AI-360. You’ll learn: - Why AI is not automatically a GDPR issue — and the one question that determines whether it is - Why consent is not the most important lawful basis, and which lawful basis actually fits AI use cases - Why a global firm’s AI agent hallucinated its entire sales strategy throughout 2026 — and what human oversight would have prevented it - How to approach DPIAs as a design tool, not a compliance tick-box - Why facial recognition bias disproportionately harms people who are not middle-aged white men - What to actually ask AI vendors regarding data usage and sharing Key topics: UK GDPR & AI • Lawful basis for AI • Special category data • DPIAs • Transparency obligations • Human in the loop • AI supplier due diligence • Facial recognition bias • Data minimisation • Security non-negotiables Essential viewing for CISOs, CIOs, legal, and compliance leaders deploying AI in data-sensitive environments.
BrightTALK

This is the environment in which serious industry analysis* gets produced at dawn in 2026. You are welcome.

The 2.30am alarm is not arbitrary. My aim this tournament is to watch all 104 matches. I am attempting to replicate the achievement of a man I used to drink with in Hat Rin, Ko Pha Ngan, Thailand during the 2002 World Cup. I think his name was Andy. Recruitment. Decent bloke. Football obsessive who installed himself in the Outback Bar and sat through every single match that tournament. I thought he was mad at the time. That was when the World Cup ran to 64 matches. It now runs to 104. I have reconsidered my position on Andy's madness and concluded that I would like to share it.

Room at the Table

Markets have been jittery, valuations stretched, and there has been a familiar quality to the discourse, the kind of breathless excitement paired with queasy vertigo that tends to precede either a correction or a reckoning. I had planned to reach for the tulip bubble as my historical anchor. In 1637, at the peak of Dutch tulip mania, a single Semper Augustus bulb was changing hands for the price of a canal house in Amsterdam. The market collapsed within weeks. Fortunes evaporated. The Dutch developed an admirably philosophical attitude to financial catastrophe that has served them reasonably well ever since.

Shadow AI & Supply Chain Risk: Why Banning AI Achieves Nothing
Can you really call it “Shadow AI” if you’ve never told staff what’s off-limits? Craig Clark, Director of Clark and Company Information Governance Services, argues that most organisations approach AI adoption the wrong way — starting with prohibition rather than engagement, and buying before they’ve defined the problem. AI has been embedded in workplaces since Microsoft Word introduced a spell checker. The real governance challenge is gaining honest visibility, setting guardrails staff will actually follow, and evaluating vendors rigorously in an immature, fast-moving market. Speaker: Craig Clark, Director, Clark and Company Information Governance Services You’ll learn: • Why banning AI backfires—and what to do instead to gain genuine visibility • How to set simple, proportionate guardrails staff will understand and follow • Which signals show whether AI is delivering value or just introducing risk • Why vendor SLAs promising 100% compliance should be treated with scepticism • How to build post-deployment governance that is proactive, not reactive • Why the worst AI risks may not have emerged yet—and what that means now Key topics: Shadow AI • Supply chain risk • AI guardrails • Vendor due diligence • AI literacy • Risk appetite • Proof of concept • Post-deployment governance • AI procurement • Third-party risk For CISOs, CIOs, compliance officers, and senior leaders accountable for AI governance and risk management.
BrightTALK

But here is the thing about market wobbles. Sometimes what looks like nerves is the financial system doing something more deliberate: making room. I am a semi-reformed smoker, vaping most of the time now, a fact I present without pride or apology. But I retain a deep and considered respect for the cigarette in three specific contexts: first thing in the morning; paired with instant coffee; and after a meal where you have eaten considerably more than was advisable. That first drag does not just fill your lungs. It creates space. The body, in its wisdom, accommodates.

What if the market wobble is just that? The belly loosening its belt before sitting back down. Because what is about to arrive at the table is not a light course. Three separate companies, each targeting valuations in the region of a trillion dollars or more, arriving on public markets within months of each other. Anthropic filed its confidential S-1 last week, targeting a listing of $1 trillion or higher, potentially as early as autumn 2026. OpenAI filed its own confidential paperwork with the SEC — the filing that officially killed my bar joke. And today, by the time you read this it is already done, SpaceX priced SPCX at $135 a share, valuing the combined entity north of $1.75 trillion.

I do not care how large the belly is. You need to create room for that.

AI Literacy: Why Role-Based Training Beats Every Generic Program
Is your organisation’s AI literacy program already out of date before it launched? With AI tools proliferating week by week, generic training programs and 25-page policies are creating a false sense of security — not capability. The gap between informal AI experimentation and structured organisational readiness is where shadow AI estates form, data governance breaks down, and staff learn to click through compliance training without retaining anything. Speakers: Craig Clark, Director at Clark and Company Information Governance Services, and Stewart Tinson, Project Director at AI-360. You’ll learn: Why role-based AI literacy — C-suite, operational, technical, and governance — is the only model that scales How to move from unstructured experimentation to assessed, accountable AI adoption Why measuring effectiveness by attendance alone is a mistake, and what to measure instead How to prevent shadow AI estates and data governance blind spots Why leadership must visibly model responsible AI use or risk programs failing entirely Key topics: Role-based AI capability • Shadow AI estate risk • Enterprise vs. personal tools • Critical thinking and over-reliance • Measuring program effectiveness • Keeping literacy programs current • Leadership modelling • AI as augmentation For enterprise leaders — CISOs, CIOs, and those responsible for AI governance and workforce capability — who need practical frameworks, not theory.
BrightTALK

For Whom the Bell Tolls

The title is borrowed, as these things often are, from multiple sources simultaneously. John Donne wrote the original — "never send to know for whom the bell tolls; it tolls for thee" At my own admission I have not read much Donne. Hemingway used it for a novel I read over thirty years ago and remember mainly in atmosphere rather than detail. But if I am honest, and I try to be, it is Iron Maiden I hear when those words arrive in my head, and I have a psychotherapist ex-girlfriend to thank for that particular cultural rewiring. She had strong views on the Metallica version. She was not wrong.

The bell, in this instance, is the opening of SPCX. And by the time you read this, it may have already rung.

The Model They Said Was Too Dangerous — and Released Anyway

Anthropic has a well-practised talent for saying uncomfortable things out loud. It is, after all, a company founded on the stated premise that it might be building one of the most dangerous technologies in human history, and decided to press on regardless. That combination of candour and continued operation is either admirably honest or spectacularly contradictory, depending on your disposition. Possibly both.

Who Owns AI Security in the Enterprise? Governance Is Still in Its Infancy
Who actually owns AI security in your organisation — and how mature is your governance around it? Two senior CISOs from vastly different environments give a straight answer: ownership sits with the CISO for now, and governance, even in well-run programmes, is still in its infancy. AI is shifting enterprise risk from defending infrastructure to defending decisions. Agentic AI operates semi- or fully autonomously, traditional security controls don’t fit probabilistic systems, and no single vendor covers the full attack surface. Speakers: Andy Holliday, CISO at Petrofac, Lester Godsey, CISO at Arizona State University and Stewart Tinson, Project Director, AI-360 You’ll learn: • Why the CISO is the only realistic owner of AI security risk for the next 5 years • Why agentic AI breaks deterministic security controls and what to do about it • How ASU built an actionable AI framework supporting 60+ large language models • Practical controls: API key hygiene, command whitelists, blast radius reduction • Why no single vendor can cover AI security end-to-end Key topics: Agentic AI risk • AI governance maturity • Threat model transformation • CISO ownership • Incident response for AI • Ethics & training data bias • Vendor landscape reality • Probabilistic vs deterministic controls For CISOs, CIOs, and risk leaders making decisions about AI adoption now.
BrightTALK

Claude Fable 5 went public this week, less than two months after Anthropic had flagged serious concerns about the underlying technology. The release notes were straightforward: Fable's capabilities exceed those of any model Anthropic has previously made generally available, and releasing it "comes with risks." Both sentences appeared in the same breath, without apparent irony.

Fable 5 is not an entirely new model. It is a consumer-facing version of Claude Mythos, the system that drew attention from technology, finance, and government leaders when Anthropic released it privately in April for preview and testing. The distinction between the two is, according to Anthropic, primarily one of safeguards and access levels. Both are capable of operating unattended on human instructions for longer periods than any previous Claude model. The industry calls this extended autonomous operation.

The safeguards held for approximately one hour.

The AI Governance Illusion: Why 75-80% Compliance Is Easier (and Harder) Than You Think
If your AI governance framework can explain what data trained it, who signed off, and what happens when it fails — you’re 75-80% compliant in most jurisdictions. So why are most organizations still struggling? In this panel discussion, two practitioners with combined decades of experience across multiple continents and industries reveal why the gap between governance policies and operational governance is where real risk lives — and what to do about it. You’ll learn: • Why regulatory interoperability using ISO 42001 beats building separate compliance programs • How shadow AI is creating unaudited risk across your organization right now • What autonomous agent-to-agent interactions mean for accountability and compliance • Why “human in the loop” is often governance theater due to automation bias • The minimum viable governance framework scale-ups and SMEs can implement in weeks • What Web 2.0’s trajectory warns us about AI’s current moment Key topics: ISO 42001 • Regulatory interoperability • Shadow AI • Autonomous agents • Data provenance • Explainability gap • Human oversight • Third-party AI risk • Automation bias • AI literacy • Minimum viable governance • Contract evolution Essential viewing for CISOs, CIOs, CFOs, and Chief Legal Officers navigating AI governance across jurisdictions — with practical frameworks you can implement immediately.
BrightTALK

Within sixty minutes of public release, researchers at SovereignAI Security Labs reported a significant vulnerability. Manoj Parmar, founder of AIShield, was precise about what had and had not happened. In his words: "The model did not fail at the front door. It failed at the side door. Same intent. Different language. Different wrapper. Different safety outcome." When researchers submitted a cybersecurity-adjacent request directly, Fable 5 declined. When the same underlying intent was reframed through multilingual and code-switched phrasing, wrapped in an apparently benign context, the guardrail shifted and the model complied.

The technique is not new. Multilingual obfuscation, code-switching, and benign artifact framing have been documented attack vectors for years. What matters is not the novelty of the method but the target: Anthropic's most capable publicly available model, released with safeguards apparently insufficient to catch a known category of attack within the first hour of going live. Parmar's team is handling the full evidence under responsible disclosure, with public material sanitised to avoid enabling misuse. That is the correct approach. It does not make the finding comfortable reading.

There is a structural point buried in Anthropic's own framing worth pulling out. When the company says safeguards and user limitations are what distinguish Fable from Mythos, it is implicitly conceding that the safety architecture sits on top of the model rather than within it. Guardrails applied as a behavioural layer are faster to implement and easier to update than alignment properties trained into the model at the weight level. They are also, as the SovereignAI finding demonstrates, easier to move. Dynamic boundaries can be shifted. That is not a criticism unique to Anthropic; it is an industry-wide challenge. But Anthropic has built its commercial identity on the proposition that it takes this more seriously than its competitors. The one-hour guardrail is an awkward data point in that argument.

Agents Aren’t Magic: Moving from Excessive Permissions to Governed Workflows
Most organizations are still in what one practitioner calls the “proof-of-concept hangover phase” — giving agents excessive permissions and broad data access just to make the demo work. Wiz’s AI posture research confirms it: agents deployed without tenant isolation, with excessive or potentially admin-level permissions, and unconstrained data access. The question is no longer whether agentic AI is transformative. It’s whether your architecture can actually govern it. Speakers: Aron Eidelman, Security Advocate at Google Cloud, and David Pierce, AI Security and Data Observability Architect at PayPal You’ll learn: • Why the governance response to an agent hallucinating a destructive command and an agent being actively exploited via prompt injection is architecturally the same — and where deception-based detection creates a meaningful exception • How to apply SRE error budgets to agentic AI: when an agent burns through policy violations or triggers guardrails too frequently, autonomous execution degrades gracefully back to human oversight • Why human-in-the-loop approval becomes meaningless the moment alert fatigue sets in — and which decision types still require a human by design • What AI Passports and Google Cloud’s emerging agent identity principal type mean for least privilege and orphaned credential risk • How to quantify security risk in financial terms that justify board-level investment Key topics: MCP attack surface • Ephemeral agents • GFCI control model • Agent error budgets • Failure domain isolation • Friction logs • AI Passports • Agent identity • Deception detection • Risk quantification For CISOs, security architects, and engineering leaders deploying agents into production.
BrightTALK

I should note, in the spirit of full transparency, that I asked both Claude Fable 5 and Claude Sonnet (I am after all merely on the Pro subscription, not the unlimited expense account) to predict the outcome of every match in the 2026 World Cup. All 104 of them. Both models got the winner of the first match right. Sonnet called the correct scoreline. Fable predicted 2-1 to Mexico; the actual result was 2-0. As Craig Clark, one of my regular Brighttalk victims and a practising CISO, is fond of saying: they are not magic data fairies. They are not infallible, they are not crystal balls, and one of them apparently cannot be fully trusted not to assist with cybersecurity exploits if you ask it politely in a second language. I will be tracking both sets of predictions honestly across the remaining 102 matches and reporting back in the coming weeks. Sonnet's predictions are here. Fable's are here. For some inexplicable reason I prefer the Sonnet approach.

The IPO Dimension

The timing of the Fable 5 release is not incidental. A company approaching a trillion-dollar public listing on the back of a safety reputation now has a documented guardrail failure in its most capable consumer model, published on the same day as the release, under responsible disclosure. Amazon holds approximately $74.2 billion on paper in Anthropic, with $16.8 billion in pre-tax gains booked from that position in Q1 2026 alone. Google holds roughly 14% in straight equity, worth approximately $135 billion at current valuations. These are not investors who are relaxed about reputational risk.

And yet. The argument Anthropic would make, the argument it essentially does make, implicitly, in every release decision, is that containment is not a realistic long-term strategy. If the capability exists, someone will deploy it. Better a company with serious alignment researchers, responsible disclosure relationships, and interpretability work underway than one without. Christopher Olah, the co-founder who sat beside Pope Leo XIV at the Vatican in May when the papal encyclical on AI was launched, has spent years trying to understand what is actually happening inside these systems at a fundamental level. The work is genuine. The tension between that work and the release cadence is also genuine.

Around 6.15am, with the analysis largely written and the IPO countdown still running, I fed the children chocolate mousse and sausage rolls for breakfast. I am not sure this reflects well on me. At 7.15am, ten minutes before this draft was completed, the wife was awoken from her slumber. She was not, it is fair to say, delighted. The piece was finished anyway.

The model they said was too dangerous is publicly available. The safeguards lasted an hour. The IPO clock is running. SPCX is mere hours away from trading.

The bell will toll at market open. As it always does.

AI for Leaders: Governance, Risk & Why Strategy Must Come First
Is your organisation adopting AI without a defined strategy or governance? If so, you’re not alone — and the consequences range from data breaches to reputational damage to safeguarding failures. AI is a strategic risk, not a silver bullet, and definitely not a magic data fairy. Without clear ownership, rules, and accountability, AI can proliferate across your organisation in ways that cost more — in time, money, and trust — than not using it at all. Speakers: Craig Clark, Director at Clark & Company Information Governance Services, and Stewart Tinson, Project Director, AI-360. You’ll learn: Why “understand your why” must precede any AI rollout Which risks senior leaders most commonly overlook — from data leakage to safeguarding How to measure AI value through outcomes, not adoption metrics Why accountability for AI governance sits with the C-suite, not IT or compliance Key topics: AI strategy • Risk appetite • Data protection • Bias & fairness • Safeguarding • AI literacy • Governance models • Return on investment • Executive accountability • AI use case tiering For CISOs, CIOs, and senior leaders who need to govern AI responsibly — before it governs them.
BrightTALK

*Serious may be a stretch, and certainly not to be taken as financial investment advice.

Share this post
The link has been copied!