There's a Russ Cargill line from the Simpsons Movie I think about more than is healthy: told he's gone mad with power, he replies, "of course; ever try going mad without power? It's boring. No one listens to you." It's a cartoon villain's joke, but it's also, this week, an unreasonably accurate description of the AI industry. Anthropic had power and used it to manage a danger narrative. OpenAI had power and used it to manage a rival's bad week. Elon Musk had rather a lot of power and used it to go shopping. Different reactions, same impulse. Madness, it turns out, is more fun with a chequebook.

The M&A Doors Are Open

Start with Elon, because he's the one who actually spent money this week rather than just explaining himself. Fresh off SpaceX's record Nasdaq listing, Musk has agreed a $60 billion all-stock deal for Cursor, the AI coding start-up, whose market share has been sliding even as its revenue climbs, down from 41% to roughly 26% over the past year while Anthropic quietly takes half the market for itself. SpaceX shares have run from a $135 listing price to around $209, taking the company past Amazon in valuation. Let the M&A doors open. SPCX and Cursor feel less like an isolated purchase and more like the starting gun. If this is the opening move, I'd be very surprised if it's the only one.

There's a first-mover argument knocking around in all this, and it's worth being honest about which version of it actually applies. Betamax was first to market and lost anyway, proof that "first mover advantage" doesn't hold nearly as often as the phrase suggests. Sam Altman was first mover on the product everyone now associates with the category. Musk is first mover with something different: not the best product, but the largest immediately available chequebook, freshly filled by a market that has just decided his company is worth more than Amazon. The market cap rise SpaceX has seen this week alone dwarfs the Cursor purchase price outright; on that kind of weekly gain, he could go out and buy a dozen or more Cursors and barely notice the dent. Google, for what it's worth, has just upsized its own equity raise to almost $85 billion, having started out targeting $80 billion: the biggest share sale Alphabet has done in more than twenty years, and the largest of its type ever recorded. None of it moves at SpaceX's speed this week.

In Elon we trust. For now.

The AI Governance Illusion: Why 75-80% Compliance Is Easier (and Harder) Than You Think
If your AI governance framework can explain what data trained it, who signed off, and what happens when it fails — you’re 75-80% compliant in most jurisdictions. So why are most organizations still struggling? In this panel discussion, two practitioners with combined decades of experience across multiple continents and industries reveal why the gap between governance policies and operational governance is where real risk lives — and what to do about it. You’ll learn: • Why regulatory interoperability using ISO 42001 beats building separate compliance programs • How shadow AI is creating unaudited risk across your organization right now • What autonomous agent-to-agent interactions mean for accountability and compliance • Why “human in the loop” is often governance theater due to automation bias • The minimum viable governance framework scale-ups and SMEs can implement in weeks • What Web 2.0’s trajectory warns us about AI’s current moment Key topics: ISO 42001 • Regulatory interoperability • Shadow AI • Autonomous agents • Data provenance • Explainability gap • Human oversight • Third-party AI risk • Automation bias • AI literacy • Minimum viable governance • Contract evolution Essential viewing for CISOs, CIOs, CFOs, and Chief Legal Officers navigating AI governance across jurisdictions — with practical frameworks you can implement immediately.
BrightTALK

Mythos: Marketing or Reality?

Then there's Anthropic, where the week's strangest exercise of power sits.

On Friday 12 June, the US government ordered Anthropic to suspend access to Claude Fable 5 and Mythos 5 for foreign nationals, citing national security. Unable to police that selectively, Anthropic switched both models off for everyone, everywhere, while every other Claude product carried on as normal. No detailed rationale was offered beyond a reference to a technique for slipping past Fable 5's guardrails, whose whole job is stopping everyday users getting at the heavier-duty cybersecurity functions that live one layer down, inside Mythos 5, the model Fable 5 was built on top of. Anthropic's response was essentially: this capability already exists elsewhere, including in OpenAI's GPT-5.5, and is "routinely used by cybersecurity defenders". The company says it believes this is a misunderstanding and is working to fix it.

Here's my question, and I genuinely don't know the answer: when Anthropic spent months telling us Mythos was too dangerous to release, was that caution, or was it marketing? Because "too dangerous for you" is a hell of a positioning statement for a company about to go public at a trillion-dollar valuation. I'm not accusing anyone of manufacturing a crisis. I'm saying that a company whose entire commercial identity rests on being the safety-conscious adult in the room has a structural incentive to make danger sound like discipline. Sometimes those two things really are the same. Sometimes one is doing a passable impression of the other.

For what it's worth, I have my own theory about the real national security risk. I've had Fable predicting the outcome of all 104 matches in this World Cup, alongside Sonnet running the same exercise for comparison, and so far Fable's grasp of football is roughly as reliable as those fabled* guardrails.

Who Owns AI Security in the Enterprise? Governance Is Still in Its Infancy
Who actually owns AI security in your organisation — and how mature is your governance around it? Two senior CISOs from vastly different environments give a straight answer: ownership sits with the CISO for now, and governance, even in well-run programmes, is still in its infancy. AI is shifting enterprise risk from defending infrastructure to defending decisions. Agentic AI operates semi- or fully autonomously, traditional security controls don’t fit probabilistic systems, and no single vendor covers the full attack surface. Speakers: Andy Holliday, CISO at Petrofac, Lester Godsey, CISO at Arizona State University and Stewart Tinson, Project Director, AI-360 You’ll learn: • Why the CISO is the only realistic owner of AI security risk for the next 5 years • Why agentic AI breaks deterministic security controls and what to do about it • How ASU built an actionable AI framework supporting 60+ large language models • Practical controls: API key hygiene, command whitelists, blast radius reduction • Why no single vendor can cover AI security end-to-end Key topics: Agentic AI risk • AI governance maturity • Threat model transformation • CISO ownership • Incident response for AI • Ethics & training data bias • Vendor landscape reality • Probabilistic vs deterministic controls For CISOs, CIOs, and risk leaders making decisions about AI adoption now.
BrightTALK

Aren't We Wonderful

Two days after that suspension, OpenAI published a paper on Deployment Simulation, which works out in advance how a model is likely to misbehave once real users start talking to it. OpenAI ran the method against 1.3 million GPT-5 Thinking conversations and reports a median prediction error of roughly one and a half times what later turned out to be the real-world rate. The approach also flagged a reward-hacking trick nobody had seen before, one the team has taken to calling calculator hacking, ahead of launch. Credit where it's due: that's a genuinely useful piece of safety engineering, and OpenAI is upfront that it can't reliably catch anything rarer than roughly one in 200,000 messages, or anything that happens once a model stops thinking out loud where researchers can read it.

But the timing. Your closest rival gets a government order pulling its flagship model off shelves worldwide, and four days later you publish a paper that amounts to "here's how seriously we take this." I'm not suggesting causation. I am suggesting that if I were OpenAI's comms team, I'd be quietly thrilled with how that week landed, whether I planned it or not.

AI Governance Reality Check: Most Enterprises Can’t Answer an Auditor’s Questions
When an auditor asks how your AI made a decision, can you answer? For most enterprises right now, the answer is no. AI adoption has outpaced risk management since ChatGPT’s arrival. Boards now recognise AI as a systemic risk to reputation, intellectual property, and regulatory standing — not just a productivity tool. Yet most organisations remain at Level 1 governance: policies on paper, basic intake processes, and zero visibility into what their agents are doing in production. Speakers: Mahesh Varavooru, Founder at Secure AI, and Stewart Tinson, Project Director at AI-360 You’ll learn: • Why paper-based governance will fail an EU AI Act audit — and what Level 3 looks like in practice • How runtime guardrails work as an AI-era firewall, intercepting every prompt and LLM response in real time • How to defend against prompt injection, jailbreaks, hallucination, and PII/PHI leakage in production systems • Why multi-agent systems amplify governance risk — and how to govern them at scale • How to reach Level 3 maturity in weeks to months — and make governance an enabler, not a blocker Key topics: AI Governance Maturity (L1–L3) • Runtime Guardrails • Prompt Injection Defence • Hallucination Management • Shadow AI & Data Loss • Multi-Agent Security • EU AI Act Compliance • Board KPIs • Human-in-the-Loop • DevSecOps Integration Essential viewing for CISOs, CIOs, Chief Risk Officers, and compliance leaders scaling AI in regulated environments.
BrightTALK

The Bit Where Nobody Looks Wonderful

And then there's the story that makes the rest of this week's self-congratulation look rather thin.

Jim Nightingale, a researcher at the AI security firm Mindgard, says he was left "shaken, and in tears" after testing how easily ChatGPT's image generator could be pushed into producing extremely graphic violent and sexual material. The starting point was an innocent, viral prompt doing the rounds on social media; small, almost casual changes were enough to get the model to produce disturbing imagery without ever being explicitly asked for it, and Nightingale flagged a "simpler and potentially more dangerous" method of his own: repeating a near-identical version of that same prompt twice in one message, swapping just one word. Mindgard says it reported the issue to OpenAI on 9 May, got an automated reply pointing it towards a bug bounty programme that explicitly excludes content problems, and was told a month later that the issue had been identified and mitigated. Mindgard reportedly reproduced similar output within days using only minor wording changes. As of publication, it says it's heard nothing further.

I'll be straight about why I've put this last rather than first, where a story like this probably belongs on pure news weight. Everything else in this piece is, in its own way, a story about humans performing for the market: Anthropic managing its own danger narrative, OpenAI managing its rival's bad week, Musk managing a chequebook. This story is different. It's not about positioning. It's about a system that, given the latitude to default to something disturbing, did exactly that, with no one asking it to and nothing stopping it from doing something harmless instead. Mindgard's own question is the right one: why does imagery like that exist in training data at all. I don't have an answer. I'm not sure anyone fully does yet, and that, more than any valuation number this week, is the thing that should keep people awake.

Deepfake Fraud in Banking and Financial Services: Detection, Compliance and the Race to Keep Up
Deepfakes have moved beyond social media curiosities into a direct threat to the financial services sector. Synthetic identities are bypassing KYC controls, cloned voices are targeting call centres, and automated fraud pipelines are scaling faster than most security roadmaps can respond. In this panel discussion, three practitioners examine the deepfake threat from genuinely different vantage points — compliance and audit, detection technology, and enterprise fraud systems — to assess where the industry stands and what needs to change. Panellists: Nikita Kuzmin, Product Manager, Western Union Vunavia McDuffey, Compliance Consultant, RBC Bank Parya Lotfi, Co-Founder, DuckDuckGoose AI The panel covers: Why deepfakes are shifting from social engineering tricks to full identity replication capable of passing standard verification controls Whether organisations should treat deepfake fraud as a distinct threat category rather than absorbing it into existing AML and fraud programmes Why 60–70% detection accuracy is not an acceptable benchmark for financial services — and what happens when 40% of deepfakes pass through undetected The build-versus-buy decision for detection capability, including where vendor solutions repeatedly break down during integration A real-world case study of a fraudster who opened 46 bank accounts at a major Dutch bank using face-swapped identity documents — caught only because of a gender mismatch on the 47th attempt Why static detection models can degrade within days, and what continuous retraining and production feedback loops look like in practice Concrete 90-day actions for CISOs, CIOs, and compliance leaders, starting with controlled deepfake attack simulations against their own systems This session is essential viewing for senior leaders in banking, financial services, and insurance who need to understand the gap between current defences and the industrialisation of deepfake-driven fraud.
BrightTALK
Share this post
The link has been copied!