"GenAI" is nothing new. "AI" is just software. It's not intelligent, or alive, or sentient, or aware. People can scifi sentimentalize it if they want.
It might simulate parts of things, hopefully more reliably.
It's however a different category of software which requires management that doesn't exist yet how it should.
Cybersecurity security theatre for me is using a web browser to secure and administer what was previously already done and creating new security holes from a web interface.
Then, bypassing it to allow unmanaged MCP access to internal data moats creating it's own universe of security vulnerabilities, full stop. In a secured and contained environment, using an MCP to access data to unlock insight is one thing.
It doesn't mean dont' use MCPs. It means the AI won't figure out what the user doesn't know about security around securing MCPs which is a far more massive vulnerability because users of AI have delegated their thinking to a statistics formula ("GenAI"), because it is so impressive on the surface, but no one is checking the work to make sure it stays that way. Managing quality however, is improving.
My comment is calling out effectively letting external paths have unadulterated access to your private and corporate data.
Data is the new moat. Not UI/UX/Software.
A wormhole that exposes your data makes it available for someone to put it into their data moat far too commonly, and also for it to be mis-interpretted.
"GenAI" is nothing new. "AI" is just software. It's not intelligent, or alive, or sentient, or aware. People can scifi sentimentalize it if they want.
It might simulate parts of things, hopefully more reliably.
It's however a different category of software which requires management that doesn't exist yet how it should.
Cybersecurity security theatre for me is using a web browser to secure and administer what was previously already done and creating new security holes from a web interface.
Then, bypassing it to allow unmanaged MCP access to internal data moats creating it's own universe of security vulnerabilities, full stop. In a secured and contained environment, using an MCP to access data to unlock insight is one thing.
It doesn't mean dont' use MCPs. It means the AI won't figure out what the user doesn't know about security around securing MCPs which is a far more massive vulnerability because users of AI have delegated their thinking to a statistics formula ("GenAI"), because it is so impressive on the surface, but no one is checking the work to make sure it stays that way. Managing quality however, is improving.
My comment is calling out effectively letting external paths have unadulterated access to your private and corporate data.
Data is the new moat. Not UI/UX/Software.
A wormhole that exposes your data makes it available for someone to put it into their data moat far too commonly, and also for it to be mis-interpretted.