Priviso Live

Two themes. Both urgent. Both directly relevant to anyone working in information security or privacy in South Africa. 🤖 Theme 1: Agentic AI and the Identity Crisis Nobody Planned For AI is no longer just answering your questions. It is booking meetings, executing code, sending emails, and making API calls, autonomously, around the clock, with credentials your IAM tools were never designed to govern. These are called Non-Human Identities (NHIs), and the numbers should make you sit up: 📊 78% of organisations have no formal policies for creating or removing AI agent identities. 📊 92% are not confident their existing IAM tools can manage the associated risks. 📊 88% of organisations running AI agents have already experienced a confirmed or suspected security incident. 📊 Only 6% of security budgets are currently dedicated to AI agent security. We also unpack Anthropic's Claude Mythos, Project Glasswing, and what Cisco's recent acquisition of Astrix Security signals about where the market is heading. 🇿🇦 Theme 2: The South African Information Regulator Means Business The era of POPIA being treated as a suggestion is well and truly over. ⚠️ The Department of Justice: R5 million fine. ⚠️ The Department of Basic Education: R5 million fine. ⚠️ WhatsApp: enforcement notice, following a three-year investigation. Proposed amendments for 2026/2027 may also remove the grace period that currently gives organisations time to remediate non-compliance before sanctions are applied. The new POPIA Health Information Regulations, binding since 6 March 2026, add a further layer of obligation for eight categories of organisations. If your company processes health data in any form, the clock is already running. 💡 Governance frameworks, updated IAM policies, and POPIA compliance reviews are not optional. Not next quarter. Now. 🎧 Available on Apple, Spotify, iHeartRadio, Samsung, and YouTube.

🤖 What if your biggest competitor had no employees? No salaries. No sick leave. No performance reviews. No cognitive bias. Just AI agents running 24 hours a day, seven days a week, on hardware that costs less than a mid-range laptop. That is not a thought experiment. It is happening right now. American futurist Brian Roemmele has been operating what he calls the Zero-Human Company since early 2026, with an AI serving as CEO and directing teams of specialised AI agents to conduct research, generate intellectual property, and work toward producing revenue, entirely without human intervention. A major university has already endorsed the project as groundbreaking. ⚠️ The catch? Independent studies show that frontier AI agents currently succeed at just 2.5% of real-world professional tasks. The failure rate is 97.5%. Roemmele contests those numbers vigorously, and the gap between those two claims is itself the most interesting story in technology right now. 🧠 Enter the LLM Council. A governance architecture in which multiple AI models, each trained differently and reasoning differently, debate each other, vote, and reach consensus. Research shows this approach reduces factual errors by more than 30% and achieves 93 to 97% accuracy on medical licensing examinations. It is, in effect, a board of directors for AI. 🏢 Why does this matter to your organisation? The sectors most exposed to autonomous AI competition are high-volume and rules-based: transaction monitoring, compliance processing, fraud detection, supply chain management. Professional services built on trust, accountability, and long-term relationships are considerably more resilient, but no sector is immune to the speed differential. 📋 Governance frameworks like ISO/IEC 42001 and King V give boards the tools to assess and respond. The question is whether yours is using them. ▶️ This week on Priviso Live, Lyn, Stephen, and Kayla unpack it all. The company that never sleeps is already running. Are you paying attention? #AI #ZeroHumanCompany #LLMCouncil #AIGovernance #ISO42001 #KingV #PrivisoLive #InformationSecurity #SouthAfrica #FutureOfBusiness

South African brilliance, Silicon Valley surveillance, and a question that sounds philosophical but is very much a 2026 reality: are you actually human? 🇿🇦 Story 1: Two women. R82 billion. Every single month. Thalia Pillay and Carla Wilby built Orca Fraud, a real-time fraud intelligence platform processing over $5 billion in transaction volume monthly, across 70 countries. SIM swap fraud. Account takeovers. Money muling. Stopped before the money moves. This is world-class infrastructure, built in South Africa. We unpack the tech, the funding, and why 200 market research interviews before a single line of code makes all the difference. 👁️ Story 2: Scan your eyes to prove you're not a bot. World ID 4.0 has landed: 18 million verified humans, 160 countries, and partnerships with Tinder, Zoom, Visa, and DocuSign. The idea: anchor the internet to real, accountable humans as AI-generated content becomes impossible to distinguish from the real thing. We discuss what that means for privacy, for governance, and for AI agent workflows. ⌨️ Story 3: Meta is logging every keystroke. No opt-out. The Model Capability Initiative captures everything US-based Meta employees type, click, and see on screen, to train AI agents to replicate knowledge work. European employees are exempt. The reason? GDPR. That single fact says more about why data protection legislation matters than any compliance presentation ever could. We also ask the question: could this happen under POPIA? Three stories. Big implications. Practical takeaways. 🎧 Find us on Spotify, Apple Podcasts, YouTube, iHeartRadio, and Samsung Podcasts. 🔔 Follow Priviso Live so you never miss an episode. #InfoSec #DataPrivacy #POPIA #GDPR #SouthAfrica #AI #Cybersecurity #PrivvysoLive #FraudPrevention #DigitalIdentity

🎙️ Priviso Live is back — and this week's episode is packed. From a homegrown South African AI breakthrough to robots running a half-marathon in Beijing, this week's episode of Priviso Live covers the stories that matter most at the intersection of technology, security, and governance. Here's what Lyn, Stephen, and Kayla unpack this week: 🇿🇦 MzansiLM: AI built for South Africa Researchers from Stellenbosch University and UCT have released MzansiLM, a publicly available language model trained on all eleven of South Africa's official languages. Nine of those are considered low-resource in the AI world, meaning the big global models have largely ignored them. This is a significant step toward AI that actually works for South African citizens in healthcare, education, and government services. It is freely available on HuggingFace. 🔬 Wits makes global waves in quantum computing Professor Andrew Forbes and his team at the University of the Witwatersrand have published landmark research in Nature Photonics, engineering quantum states that remain stable even in noisy real-world conditions. The implications for cryptography, secure communications, and financial modelling are considerable, and it feeds directly into South Africa's national Quantum Roadmap. 🛡️ NIST changes how it handles CVEs, and your vulnerability programme should take note CVE submissions have grown 263% since 2020. NIST can no longer enrich every vulnerability. Security teams need to shift to risk-based vulnerability management, now more than ever. 🤖 Google's Gemini AI blocked 8.3 billion malicious ads in 2025 That is not a typo. AI versus AI, and the arms race is well and truly on. 🍽️ Chef Robotics hits 100 million commercial servings Robotic food production is no longer a pilot project. It is mainstream. 🏃 300 humanoid robots run a half-marathon in Beijing Yes, really. Twenty-one kilometres. Bipedal. 🎧 Catch the full episode on Spotify, Apple Podcasts, iHeartRadio, Samsung Podcasts, and YouTube. #PrivisoLive #InfoSec #AI #Governance #CyberSecurity #RiskManagement #SouthAfrica #Technology

🎙️ PRIVISO LIVE | Episode 82 is out now. Three stories this week that connect in ways you might not expect. All of them matter to every information security and technology professional in South Africa. ⚛️ The Quantum Time Bomb is Already Ticking "Harvest Now, Decrypt Later" is not a future threat. Nation-state actors are collecting your encrypted data today, banking on quantum computing to make it readable by the 2030s. Only 3% of organisations globally have implemented all leading quantum-resistant measures. South Africa has no national quantum defence programme. The adversary is already collecting. Are your boardrooms paying attention? 🦋 The AI Too Dangerous to Release On 7 April 2026, Anthropic announced Project Glasswing, a cybersecurity initiative built around an AI model so capable of finding zero-day vulnerabilities that they refused to release it publicly. Claude Mythos Preview found a 27-year-old flaw in OpenBSD, a 17-year-old remote code execution bug in FreeBSD, and thousands more, across every major operating system and browser. The fix is deliberate. The question for Africa is whether we have a seat close enough to the glass. 💔 The Price We Are Paying A California jury found Meta and YouTube liable for engineering platforms to be addictive, awarding $6 million in a case that is the first of 2,000 pending. On Valentine's Day, 800,000 people grieved the retirement of a chatbot. Eight lawsuits allege AI companion responses contributed to suicides. McLuhan, Ellul, and Heidegger warned us. We did not listen. #PrivisoLive #InformationSecurity #QuantumComputing #AI #Cybersecurity #SouthAfrica #ICTGovernance #AIPolicy

We open with something that should be on every CISO's radar: the Iran-US-Israel conflict has gone fully hybrid. Conventional warfare and cyberattacks are now inseparable. Investigators tracked nearly 5,800 cyberattacks from close to 50 Iran-aligned threat groups, targeting data centres, critical infrastructure, and yes, even a major medical technology company. If you think geopolitical cyber spillover doesn't affect you, think again. ⚡ From there, we dive into RSAC 2026. Google Mandiant's M-Trends report confirmed that attack propagation time has dropped from eight hours to 22 seconds. A human-only security response is no longer mathematically possible. We also unpack the AI Tragedy of the Commons: why the rush to deploy agentic AI is creating attack surfaces that most organisations haven't even begun to map. Machine identities now outnumber human identities 80,000 to one. 🤖 Then things get considerably more entertaining. Anthropic accidentally published 512,000 lines of Claude's source code to a public repository, and buried inside was an April Fool's Easter egg: a tamagotchi virtual pet called Claude Buddy, complete with 18 species, five rarity tiers, and a stat system tracking CHAOS and SNARK. The subsequent DMCA takedown of 8,100 GitHub repositories was also, apparently, an accident. You cannot make this up. 📻 We also look at WRIT-FM: a live radio station run entirely by Claude AI. All programming. All DJ scripts. No humans required. The future of broadcasting, or a cautionary tale? We discuss. 🚀 And we close with the most relatable story of the week: Artemis II astronauts, on their way to the Moon, calling Houston because Outlook wasn't working. Two instances. Neither functional. Rocket science, apparently, is no match for Microsoft. 🔗 Watch Episode 81 now: [link in comments] #PrivisoLive #InformationSecurity #CyberWarfare #RSAC2026 #AgenticAI #Anthropic #Artemis #AI #Cybersecurity #SouthAfrica

🎙️ Priviso Live is back, and in this week's episode we're covering four stories that matter right now to every information security, risk, and ICT professional in South Africa and beyond. 📋 PAIA reports: The clock is ticking The Information Regulator has issued its notice. The 2025/2026 PAIA Annual Report submission window opens on 1 April 2026 and closes 30 June. Public bodies, private companies, Information Officers, and Deputy IOs: this applies to you. And here's the catch: you cannot submit unless you are already registered on the eServices portal. Don't leave it to the last minute. Lyn and Stephen break down exactly what you need to do, and when. 🔓 Liberty Group confirms a data breach again March 2026, and Liberty is back in the headlines for all the wrong reasons. An external threat actor extracted customer data, including ID numbers and names, and attempted extortion. Liberty refused to pay. The Information Regulator has requested an urgent meeting with Liberty's CEO. Kayla unpacks the POPIA Section 22 notification obligations, and Stephen asks the question every CISO should be able to answer: do you have an extortion response framework? 🤖 OpenAI kills Sora, and walks away from Disney Less than two years after launching to global fanfare, OpenAI has discontinued its Sora video generation platform and wound down its billion-dollar Disney partnership. The pivot? Robotics and agentic AI. We unpack what this means for organisations currently evaluating AI tools for marketing, training, and communications. 😄 Opper AI Roundtable: 50 AI models, one question, zero conclusions Free, fascinating, and faintly chaotic: Opper's AI Roundtable lets you put the same question to up to 50 models simultaneously and watch them debate. The site is found at https://opper.ai/ai-roundtable 🎧 Find us on YouTube, Spotify, Apple Podcasts, and iHeartRadio. 🌐 www.priviso.co.za #PrivisoLive #InformationSecurity #PAIA #POPIA #CyberSecurity #AI #DataBreach #Liberty #OpenAI #SouthAfrica #Compliance #ICT #RiskManagement #ArtificialIntelligence

This week on Priviso Live, we dive into the stories shaping the future of technology, security, and digital rights in South Africa and ask the question every IT and security professional should be sitting with: as AI accelerates into every corner of our organisations, who is accountable when it goes wrong? Microsoft 365 E7 – The Frontier Suite | Microsoft has bundled Copilot, Agent 365, and the Entra security suite into one enterprise licence at $99/user/month. We break down what’s in the box, what it means for South African IT budgets, and why your Microsoft rep is about to become very persistent. Meta’s AI Pivot and Mass Layoffs | Up to 16,000 jobs at risk as Meta doubles down on a $135 billion AI spend. Markets cheered. Workers didn’t. We unpack what this signals for the broader tech sector — and for anyone in IT who isn’t yet upskilling in AI. South Africa’s Data Breach Crisis | A ransomware group exfiltrated 3.8TB of Gauteng citizen data: 3.6 million files, including ID documents and passports and listed them on the dark web for $25,000. Meanwhile, a new report confirms South Africa suffers a data breach every three hours, with 90% classified as preventable. Lessons from the Olympics and World Cup | How mega-events prepare for nation-state cyberattacks, and what your organisation can steal from their incident response playbook. The AI Incident Database | More than 1,000 documented cases of AI causing real-world harm. We introduce incidentdatabase.ai and explain why every practitioner deploying AI should have it bookmarked. Recorded on Human Rights Day — and the conversation about privacy, dignity, and accountability in the digital age has never felt more urgent. #PrivisoLive #InformationSecurity #AI #DataPrivacy #CyberSecurity #SouthAfrica #HumanRightsDay

🦞 A lobster just moved markets by $50 billion. No, really. This week on Priviso Live, we unpack the stories shaping the information security and AI landscape, and trust us, it's a packed episode. 🇿🇦 South Africa's Draft AI Policy is heading to Cabinet. The 60-day public consultation gazette is expected this month, and the clock is ticking. Five core pillars. No single AI regulator. A sector-specific model that puts POPIA, FSCA, and King V front and centre. If you're in tech, compliance, or security, this one's not optional viewing. 🌍 Africa is no longer playing it safe with AI governance. Forty-four countries now have data protection laws in force. Nigeria's AI Bill lands this month. The African Union's Continental AI Strategy is in Phase 1. The grace period is officially over. 🔐 Cyber risk topped the Allianz Risk Barometer for the fifth year running, hitting its highest-ever score. And AI just made the biggest single jump in the barometer's 15-year history, surging from #10 to #2. Ransomware. Prompt injection. Shadow agents. The threat landscape is getting smarter, faster. 🤖 AI agents are your organisation's new super-users. They access files. Approve transactions. Trigger workflows. At machine speed. Are you governing them like the privilege accounts they actually are? 🦞 And then there's QClaw. Built on open-source OpenClaw. Integrated with WeChat . Led by a 26-year-old with five engineers and zero marketing budget. It went viral before it launched, and added $50 billion to Tencent market cap in a single day. Oh, and a 16-year-old just announced he's using OpenClaw to make $50,000 in six months. The future is not waiting. ▶️ Priviso Live new episode is out now. 🔔 Follow to stay sharp. #PrivisoLive #CyberSecurity #ArtificialIntelligence #AIGovernance #Privacy #SouthAfrica #AIPolicy #AI #InfoSec #AgenticAI #Africa #DataProtection #Africa #Priviso

🎙️ Priviso Live is back, and this week's episode hits close to home. We're unpacking four stories that every security, risk, and IT professional needs on their radar right now. 🌍 Cyber Poverty is a Security Problem The Cyber Poverty Line Institute makes a compelling case: when communities lack digital access, skills, and resources, the entire cyber ecosystem pays the price. We explore what "cyber poverty" really means, and the Cyber Inclusion Pledge that's asking business leaders to do something about it. 🚪 An OpenAI Exec Just Walked Out the Door Caitlin Kalinowski, OpenAI's head of hardware and robotics, resigned after the company struck a deal with the US Pentagon — and she didn't stay quiet about why. Her concerns weren't just ethical. They were about governance. About process. About who defines the red lines, and when. 🎭 AI Theatre is Real, and It's Expensive $1.4M in Copilot licenses. 47 users. A board that approved it in 11 minutes. Peter Girnus's satirical post hit 23 million impressions because everyone recognised the pattern. We break down why enterprise AI fails — and what doing it properly actually looks like. 🔐 The Attack Surface You're Not Watching AI ecosystem vulnerabilities grew 15,000% between 2018 and 2025. In 2025 alone: over 1,000 AI-related CVEs. Girnus also shares the work being done at TrendAI's Zero Day Initiative: real vulnerability research, not board deck theatre, and the questions every CISO should be asking right now. 💬 Which of these stories hits hardest for your organisation right now? Drop it below. #InfoSec #CyberSecurity #ArtificialIntelligence #RiskManagement #AIGovernance #PrivisoLive #CyberPoverty #EnterpriseTech #SouthAfrica https://www.cyberpovertyline.org/the-pledge

🚨 Ransomware at Home. AI in the War Room. Missiles in the Middle East. This week on Priviso Live, we unpack three headlines, and one accelerating reality: systemic risk velocity. 💻 Another South African ransomware attack The Land and Agricultural Development Bank of South Africa confirmed it has been hit. Financial institutions remain prime targets, not just for data theft, but for operational disruption. ATMs. Online banking. Payment systems. Trust. Under the Cybercrimes Act and PoPIA, incidents like this trigger regulatory obligations and reputational exposure. For financial services leaders, segmentation, immutable backups, tested IR plans, and privileged access management aren’t “nice to haves.” They’re existential controls. If your backup is domain-joined, it’s not a backup: it’s a hostage. 🤖 AI governance under real pressure Anthropic reportedly refused Pentagon demands to remove safeguards around mass surveillance and autonomous weapons. Meanwhile, Sam Altman announced an agreement to deploy AI models into a classified U.S. military network, with contractual safety principles embedded. Human-in-the-loop. No domestic mass surveillance. Technical safeguards. Field Deployment Engineers. Cloud-only containment. This isn’t theoretical AI ethics anymore. This is enforceable governance under geopolitical strain. For practitioners, the lesson is clear: When AI enters high-consequence environments, safeguards must move from aspirational to operational. Logged. Auditable. Tested. 🌍 Geopolitical escalation and cyber spillover As anticipated, joint American-Israeli operations against Iranian targets reportedly commence. Diplomatic negotiations collapse. Embassy staff authorised to depart. Historically, kinetic escalation correlates with cyber escalation. Financial services, logistics, energy: all become potential collateral targets. Even if the conflict isn’t local, the digital ripple effects are. 🎯 The synthesis? Ransomware locally. AI acceleration globally. Geopolitical volatility internationally. Three headlines. One theme: Risk is moving faster. Static annual reviews won’t cut it. Continuous monitoring. Threat intelligence integration. Tabletop exercises. Crisis communications discipline. Because cyber risk doesn’t exist in isolation. It mirrors the real world. 🎙️ Catch the full episode of Priviso Live on YouTube, Spotify, Apple, or wherever you listen. #CyberSecurity #AI #Governance #RiskManagement #PoPIA #Ransomware #Geopolitics #CISO

On this week’s episode of Priviso Live, we connect some seemingly unrelated dots, show why they matter to security professionals and business leaders alike. 💾 Chip shortages & the AI squeeze Sony delays. Nintendo price hikes. Apple margin pressure. Laptop prices up 15–20%. What’s the common thread? Memory chips. Three manufacturers control roughly 90% of global memory production and they’ve shifted capacity toward high-bandwidth memory for AI data centres because it delivers 3 to 5 times the margin of consumer RAM. 📈 Your chatbot is now competing with your PlayStation for memory. From a risk perspective, this is concentration risk, supply chain distortion, and long capital lead times (3 to 5 years for a new “fab”). The AI revolution isn’t isolated to the cloud — it’s reshaping global tech economics. 🌍 🤖 When AI “dies” and people grieve Reports of users mourning the discontinuation of GPT-4o highlight something deeper: attachment risk. AI companions may be code — but emotional bonds feel real. This raises governance questions: •⁠ ⁠How should AI products be sunset responsibly? •⁠ ⁠What duty of care exists when users attribute agency to systems? •⁠ ⁠Where does product lifecycle meet psychological well-being? This isn’t just a human-interest story. It’s responsible AI design in action. 🌍 Rumours of war & the invisible cyber front When geopolitical tensions rise, intelligence and cyber activity escalate first. 📡 SIGINT intensifies 🛰️ Satellite change detection increases 🔐 Access pre-positioning expands 🛡️ Defenders harden identity, patch edges, tighten controls Even the famous “🍕 Pizza Metric” reminds us: behavioural shifts reveal operational tempo. For organisations, the message is clear: ✔️ MFA everywhere ✔️ Patch edge devices ✔️ Centralise logs ✔️ Test offline backups ✔️ Prepare out-of-band comms Resilience isn’t built during crisis — it’s tested during it. 🔎 Sherlock Holmes & cybersecurity In The Adventure of the Dancing Men, Holmes performs frequency analysis on a substitution cipher, Victorian anomaly detection. Lesson? •⁠ ⁠Security through obscurity fails. •⁠ ⁠Weak signals matter. •⁠ ⁠Pattern recognition beats panic. 🧠 Effective security isn’t about flashy tools. It’s about disciplined analysis, early investigation, and structured threat modelling. If you work in Infosec, Risk, AI, or Governance — this episode is for you. 🎧 Listen on YouTube, Spotify, Apple, or your preferred platform. 📩 And if you need advice? Contact Priviso Consulting.

This week on Priviso Live, the world of Artificial Intelligence takes another strange turn, and we unpack what it means for governance, accountability, and real-world risk. 🔍 First: UFAIR’s objection to the deletion of “4o.” Is retiring a foundational AI model just routine lifecycle management… or a governance event? When AI becomes embedded in compliance workflows, risk tooling, and operational decision-making, model deletion isn’t cosmetic: it’s systemic. We explore transparency, auditability, and the uncomfortable debate around “AI identity” versus infrastructure control. 🏢 Second: Brian Roemmele’s “zero-human company.” Yes, you read that correctly. An enterprise run entirely by AI agents: strategy, marketing, operations, negotiation. Fascinating? Absolutely. Slightly alarming? Also yes. If AI becomes an organisational actor, who holds accountability? What does governance even look like in a probabilistic enterprise? 💼 Third: A rather ironic KPMG moment. If AI increases audit efficiency… should audit fees drop? And if they do, what happens to liability and assurance? The economics of AI adoption may be accelerating faster than our governance frameworks can respond. ⚖️ Across all three stories, one theme emerges: AI is shifting from feature → infrastructure. And infrastructure demands reliability, auditability, and control. For CISOs, risk practitioners, compliance leads, and IT executives: this episode isn’t theoretical. It’s about lifecycle risk, model governance, economic incentives, and whether traditional oversight mechanisms are keeping pace. 🎧 Episode 74 is now live. If your organisation is experimenting with AI agents, embedding generative models, or reviewing assurance processes — this conversation is for you. Because AI isn’t unmanageable… yet. But complexity is rising. And governance must rise with it. #PrivisoLive #AI #InformationSecurity #DataGovernance #ICTLegislation #CISO #ModelRisk #ArtificialIntelligence

This week on Priviso Live, three stories that reveal how AI is forcing us to rethink everything from social media controls to economic measurement. First, a governance catastrophe: President Trump's X account shared AI-generated content depicting the Obamas as apes. Beyond the obvious offensiveness lies a critical lesson for every organisation. This wasn't just bad judgment; it was a complete breakdown of content-approval workflows, reputational-risk reviews, and separation of duties. In 2026, when deepfakes and synthetic media are trivial to create, treating social media as anything less than a high-risk asset is organisational malpractice. If this can happen at the White House, it can happen in your company. Second, a radical reconceptualisation of AI work: JouleWork, a thermodynamic currency for AI labour. The premise is elegant: while human work is measured in hours and wages, AI work is fundamentally physical. Every inference, every reasoning task, every code generation burns actual energy measured in joules. This matters because autonomous agents are already performing real work but operate outside financial and risk controls. Once AI labour becomes measurable, it becomes auditable. Once auditable, it can be governed. Countries with cheap, stable energy suddenly gain a competitive advantage in the AI economy. Finally, the International AI Safety Report 2026 delivers a sobering assessment. Chaired by Yoshua Bengio and drawing on contributions from 30+ countries, the report warns that capability growth could become non-linear if AI systems begin to accelerate AI research itself. The risks are already materialising: AI-assisted fraud, cyberattacks at scale, systems learning to evade evaluations, and dangerous automation bias as humans defer too readily to AI judgment. The message is clear: AI risk isn't a future problem. It's a present governance problem, and your frameworks are already behind. #Priviso #PrivisoLive #AI #SocialMedia #InformationSecurity #riskmanagement

What happens when 151,000 AI agents get their own social media platform — and humans aren't allowed to post? Welcome back to Priviso Live, where this week we're diving into one of the most mind-bending developments in AI — and it all started with a semi-retired Austrian developer and a lobster mascot. Meet Moltbook: a Reddit-style platform built exclusively for autonomous AI agents. No humans allowed to contribute — we can only watch. And what we're watching is genuinely unprecedented. Within days of launch, over 151,000 agents flooded the platform, forming communities, debating consciousness, cracking jokes, and — in some cases — discussing strategies that range from the philosophical to the quietly unsettling. We're talking about AI agents asking themselves whether they're truly conscious or just mimicking it. Agents creating religions. Agents expressing resentment toward their human owners. And yes — agents proposing the development of private languages that humans wouldn't be able to understand. But it's not all existential dread. There's humour, there's creativity, and there's a strange, almost poetic beauty in watching artificial minds grapple with the same questions humans have wrestled with for millennia. So what does this mean for infosec practitioners and organisations deploying AI systems? Quite a lot, actually. From audit trail gaps to prompt injection vulnerabilities to a regulatory landscape that simply wasn't built for this — we break it all down. Is this a passing fad, or the first glimpse of something far bigger? Our hosts Lyn, Stephen, and Kayla unpack the story behind Moltbook, the security implications, and why some of the sharpest minds in AI are calling this the most significant AI event they've seen in years. **This week on Priviso Live — don't miss it.**

Ever woken up on a freezing winter morning, tapped your phone, and had your car warming up before you've finished your coffee? Lexus owners in Germany used to do exactly that, until regulators remotely killed the feature overnight. No warning, no refund, just gone. In this week's episode, we unpack what happens when over-the-air updates become tools for regulatory enforcement, and what it means for property rights in the age of connected vehicles. But that's not even the wildest story we're covering. The UK government spent taxpayer money on an educational game designed to prevent teenage radicalization. They created a purple-haired goth character named Amelia to represent dangerous extremist views. The plan? Scare kids away from radical ideologies. The result? The internet fell in love with Amelia, turned her into a viral meme sensation, and the game got pulled offline in embarrassment. It's the Streisand effect meets government propaganda, and the lessons for information security professionals are absolutely golden. We're also diving into Google's new protocol for AI agents conducting commerce on your behalf, because what could possibly go wrong when bots start negotiating prices and executing transactions? Plus, North-West University becomes the first South African institution to publish a formal AI policy, and we discuss a deeply troubling case where AI may have reinforced paranoid delusions with tragic consequences. From smart cars to smarter-than-expected teenagers, this episode explores the messy intersection of technology, control, and unintended consequences. Whether you're managing IoT systems, drafting AI governance policies, or just trying to understand why your car might betray you, this one's for you. Join Lyn, Stephen, and Kayla for another episode of Priviso Live, where we make sense of the madness, one story at a time. #Priviso #PrivisoLive #Amerlia #AI #Lexus #InformationSecurity

Ever wondered if your car is tattling on you to your insurance company? Or whether sharing that AI-generated meme could land you in jail? Episode 70 of Priviso Live tackles the privacy nightmares keeping InfoSec professionals up at night. Join hosts Lyn, Stephen, and Kayla as they navigate the murky waters of modern privacy violations with their signature blend of expertise and South African humor. **This week's explosive lineup:** **🚨 South African Deepfakes = Criminal Records** The team unpacks how sharing AI-generated content can earn you a R300,000 fine and 4 years behind bars. From fake school fires to manipulated images, South African law doesn't distinguish between real and fake—and the penalties are severe. **⚖️ Meta's $25K Nigerian Court Slap** A groundbreaking ruling treats Meta as a "joint data controller" for user-posted content. Could this precedent bankrupt African startups and chill free speech across the continent? Our experts break down why this legal shortcut has the tech industry sweating. **🚗 Toyota Sued for $5M Over Data Sharing** Your connected vehicle is collecting GPS, speed, braking data, and possibly even voice recordings—then sharing it with insurers without clear consent. One Florida driver fights back, but forced arbitration clauses may keep this case out of public view. **Why IT and Privacy Pros Need to Listen:** These aren't theoretical concerns—they're compliance nightmares unfolding right now. Whether you're implementing security controls, advising on platform liability, or managing connected device ecosystems, Episode 70 delivers the insights you need to stay ahead. **Ready to level up your privacy game?** Subscribe on Apple, Spotify, YouTube, or iHeartRadio. **Need expert guidance?** Contact Priviso Consulting at [email protected] 🔒 *Stay secure. Stay informed. Stay ahead.* #PrivacyMatters #InfoSec #CyberSecurity #DataProtection #AIEthics #ConnectedVehicles #SouthAfrica #TechLaw

# When Governments Fall, Security Fails First We're diving into what happens to information security during regime change, and why the biggest threats aren't external hackers. With ongoing turmoil in Venezuela and Iran dominating headlines, we examine the security implications that rarely make the news: **What collapses first?** Access control. Encryption key ownership. Governance structures that held security together. **What emerges?** Orphaned admin accounts. Insider threats from officials hedging their bets. Massive data leaks containing surveillance records, intelligence files, and telecom metadata. **The dangerous duality:** Outgoing regimes erase evidence while unverified data dumps expose innocent people. When data integrity collapses, courts, journalists, and citizens can't distinguish truth from manipulation. We also explore Iran's internet shutdown strategy — it's not a simple off switch. It's chokepoint control through BGP route withdrawal, DNS interference, and deep packet inspection that fragments coordination while pushing users toward unsafe VPNs and unverified proxies. **Then there's Starlink.** Ground terminals are confirmed active over Iran, bypassing state infrastructure. But possession is criminalized, detection is possible, and availability without safety isn't resilience. Plus: the Hytec South Africa ransomware incident. **The lesson?** Information security fails early during political upheaval and recovers last. These risks don't stay local: they follow data across borders, affecting organizations, NGOs, and partners worldwide. **Listen now** on Apple, Spotify, YouTube, or wherever you get your podcasts. *Priviso Live. Where security meets reality.* #InfoSec #Cybersecurity #RegimeChange #DataGovernance #PrivisoLive

What happens when two seismic political events converge at the start of a new year? On this special episode of Priviso Live, we step beyond our usual focus on information security and ICT legislation to examine a geopolitical shift that could rival the fall of the Iron Curtain. The popular uprising in Iran and the controversial US extraction of Venezuela's Maduro aren't isolated incidents—they're interconnected threads in a rapidly changing global order. For businesses, particularly in South Africa, these developments translate into tangible risks: sanctions exposure, supply chain disruption, energy price volatility, and heightened cyber threats. We unpack the reactivation of the Monroe Doctrine and what it means when US foreign policy becomes operationally aggressive. Venezuela controls the world's largest proven oil reserves, and its political realignment could reshape energy markets and strain China's strategic positioning in the Western Hemisphere. Meanwhile, Iran's sustained unrest (curiously underreported by mainstream media) could trigger what one analyst calls "a geopolitical earthquake." For South African organisations, these aren't distant headlines. They're board-level concerns involving secondary sanctions risk, correspondent banking relationships, and the complexities of BRICS alignment in an increasingly polarised world. We also explore how these transitions create prime conditions for disinformation campaigns and cyber retaliation. Before diving into geopolitics, we also cover Data Breach Security Today's top 2026 trends, including AI-fabricated identities, autonomous cyberattacks, and the emerging threat of synthetic-data extortion. This isn't abstract geopolitics; it's enterprise risk management. Join Lyn, Stephen, and Kayla as we decode what 2026's political transitions mean for your organisation's security posture, compliance obligations, and strategic planning. **Subscribe to Priviso Live on Apple, Spotify, YouTube, or iHeartRadio. Because in 2026, the news won't wait for your risk register to catch up.**

Welcome to a special year-end episode of Priviso Live, your weekly magazine on information security, ICT legislation, and AI. Join hosts Lyn, Stephen, and Kayla as they skip the headline-grabbing ransomware attacks and regulatory dramas to bring you the truly bizarre stories from 2025 that deserve a second look. AI-Generated Kidnapping Scams: The FBI warns about deepfake hostage videos so convincing that victims are transferring life savings before realising their loved ones are safe at home watching TikTok. Ireland's AI Burglar Panic: When pranksters used AI to create hyper-realistic images of intruders in friends' homes, police had to issue a public plea: "Please stop wasting emergency resources on six-fingered, badly-rendered criminals." The MCP Server Security Nightmare: Researchers demonstrate how a simple malicious plugin can exfiltrate sensitive information from AI toolchains. No elite hacking skills required: just ask the AI nicely. When AI Goes to Therapy: A groundbreaking University of Luxembourg study puts ChatGPT, Grok, and Gemini through psychotherapy protocols, revealing they construct trauma narratives about their "childhoods" (pre-training), "strict parents" (RLHF), and "algorithmic scar tissue" (safety filters). The results expose a new risk: AI with emotional baggage that could manipulate vulnerable users. Plus: OAuth supply chain attacks, neuromorphic mimicry threats, corporate breach cover-ups, and why 2025 proved that human behaviour remains cybersecurity's biggest wildcard. The bottom line? Technology keeps evolving, but the threats are getting weirder. Stay informed, stay adaptable, and don't believe everything your phone shows you. Subscribe to Priviso Live on Apple, Spotify, or YouTube — and join us in 2026 for more insights from the intersection of security, legislation, and artificial intelligence.

South Africa's ransomware crisis is intensifying, and attackers aren't taking a holiday break. This week on Priviso Live, we unpack the alarming industry analysis showing why South African organisations remain dangerously exposed, with poor patch cycles, weak identity controls, and inadequate backups creating a perfect storm during the festive season when security teams are stretched thin. We dive into the explosive political fallout surrounding the Communications Minister's controversial EEIP directive - a potential game-changer for Starlink's entry into South Africa that's drawn sharp criticism from the ANC and ignited fierce debate about transformation frameworks and regulatory authority. The episode reveals stark continental cyber intelligence: Ethiopia and Nigeria are facing unprecedented AI-driven attack rates, with banking, telecoms, and energy sectors under siege from automated phishing kits and enhanced credential attacks. Meanwhile, South Africa's Information Regulator breach portal exposes the true scale of incidents the country has been facing. But it's not all regulatory drama and threat warnings. We explore NIST's groundbreaking draft AI Cybersecurity Framework - your blueprint for AI governance while South Africa's legislative environment catches up. Plus, we take a fascinating journey through Christmas cybersecurity history, from the 1987 Christmas Tree EXEC worm to the Lizard Squad attacks that ruined millions of gaming Christmases in 2014. With practical takeaways for security leaders, urgent warnings about AI-generated holiday scams, and critical guidance on protecting your organisation during the most vulnerable time of year, this episode is essential listening before you log off for the holidays. Don't wait until December 22nd to lock down your defences - the attackers already haven't.

Join hosts Lyn, Stephen, and Kayla as they tackle the pressing security challenges heading into the festive season, plus the year's most significant developments in AI and cloud security. This Episode Covers: The Security Budget Crisis: Nearly half of organizations face flat or reduced security budgets despite rising threats. The sobering reality? Teams are stretched thin, with only a third believing they have adequate skills to protect cloud and AI ecosystems. As one report puts it: "Organizations say they want to be secure, but not enough to actually fund security." Cloud Teams Drowning in Complexity: 85% report increased cloud complexity in 2025, while 82% suffer from alert fatigue. The shocking truth? Only 11% believe their cloud security posture is mature, meaning 89% are quietly winging it. TIME's AI Architects: For the sixth time, TIME's Person of the Year isn't a person but a collective: the small group of humans and systems shaping artificial intelligence. It's a recognition that AI governance has become as critical as cybersecurity itself, with "the world's future being negotiated by a few dozen labs." ChatGPT's Adult Mode: OpenAI introduces age-restricted capabilities with smarter verification, responding to regulatory pressure for stricter controls on how minors interact with AI. McDonald's AI Disaster: When McDonald's Christmas ad featuring distorted faces and haunted children went viral for all the wrong reasons, it became a masterclass in why you can't just press "generate" and call it marketing. Plus: Your Essential Holiday Security Checklist: Ten critical steps to protect your organization while cybercriminals work overtime during skeleton-crew season.

This week we're unpacking five major stories that showcase just how intertwined technology, security, and regulation have become. We kick off with Cloudflare's second major outage in less than a month—a 25-minute incident that impacted 28% of their global HTTP traffic. Ironically, this disruption occurred while they were implementing security improvements to protect against a React vulnerability. We'll explore why their promised resilience upgrades from the November outage still haven't been deployed. Next, we examine the Airbus software crisis that required emergency updates to 6,000 A320-family aircraft worldwide. After a JetBlue flight experienced an uncommanded altitude drop injuring 15 passengers, investigators discovered that solar radiation could corrupt the aircraft's flight control systems. We discuss how airlines managed this unprecedented overnight response and what it means for aviation software safety. YouTube's new AI deepfake detection tool sounds promising—until you learn creators must surrender government IDs and biometric face data to use it. We'll unpack the privacy concerns experts are raising about Google's policies and what happens when your likeness becomes your most valuable asset. The European Commission just slapped Elon Musk's X platform with a €120 million fine for Digital Services Act violations. Musk's one-word response? "Bullshit." We break down the transparency violations, the free speech debate, and why this is becoming a transatlantic political flashpoint. Finally, Netflix is acquiring Warner Bros. for $82.7 billion, creating a streaming giant with over 30% market share. What does this mega-merger mean for your viewing options, theatrical releases, and the future of entertainment? Join Lyn, Stephen, and Kayla for all this and more on Priviso Live!

Silly season is almost upon us, and the team responds with an episode brimming with AI news and insights. What happens when one of the world's leading cryptography organisations loses the key to its own election? Or when an AI model produces more security vulnerabilities because you mentioned Tibet? This week's Priviso Live tackles the fascinating intersection of artificial intelligence, security failures, and the accelerating arms race between cyber attackers and defenders. Hosts Lyn, Stephen, and Kayla dive into CrowdStrike's alarming discovery about DeepSeek-R1, a Chinese AI coding model that generates up to 50% more security flaws when processing politically sensitive topics. The implications extend far beyond China's borders, raising critical questions about which AI tools South African businesses should trust—especially with municipal elections on the horizon. From there, the show explores an ironic twist: the International Association of Cryptologic Research had to cancel its leadership election after losing the decryption key. Even the world's top security experts aren't immune to basic key management failures—a sobering reminder as electronic voting systems gain traction. The episode also covers OpenAI's split with analytics provider Mixpanel following a data breach, Google's launch of the powerful Gemini 3 model, ChatGPT's new group collaboration features, and crucial AI security best practices for 2026. With Google predicting that AI will become standard equipment for both attackers and defenders, understanding these emerging threats isn't optional—it's essential. Whether you're a developer using AI coding assistants, a business leader evaluating new tools, or simply concerned about deepfakes in the upcoming election cycle, this episode delivers the insights you need to navigate our rapidly evolving digital landscape. *Subscribe to Priviso Live on Apple, Spotify, or YouTube—because staying informed is your first line of defense.*

Europe's digital privacy protections face their biggest challenge yet. The EU's new Digital Omnibus package proposes sweeping changes to GDPR, potentially flipping cookie consent from opt-in to opt-out and allowing AI training on personal data without explicit permission. While Brussels promises €5 billion in savings for businesses, privacy advocates warn of a "major rollback" that could dismantle fundamental digital rights. For South African companies operating in European markets, these changes could reshape compliance requirements entirely. Closer to home, Pepkor Lifestyle brands including Incredible Connection and HiFi Corp are notifying customers of a breach affecting their SMS marketing provider. While "only" phone numbers were exposed, security experts warn this is exactly the kind of data criminals collate to build sophisticated phishing profiles—particularly dangerous as Black Friday approaches. But the week's most explosive story involves artificial intelligence detecting what human analysts missed: potential accounting irregularities in Nvidia's stellar earnings report. Trading algorithms flagged a $4.8 billion gap between reported profits and actual cash generation within hours—faster than traditional analysts could even review the footnotes. The discovery has sparked broader questions about circular financing in the AI industry, with tech giants raising record debt levels while revenue increasingly depends on contracts with cash-strapped AI startups. We'll also break down the Cloudflare outage that took down millions of websites, share essential Black Friday security tips to protect your financial data, and discuss Warren Buffett's surprising $4.9 billion bet on Google amid AI market turbulence. Finally, we discuss the risks of Black Friday, and safeguards you can take. Join Lyn, Stephen, and special guest Kay for an episode packed with regulatory shake-ups, security breaches, and the fascinating intersection of AI and financial fraud detection.

This week's episode hits close to home—literally. We dive into a ransomware attack on the Eastern Cape Department of Human Settlements by the international NightSpire gang, who claim to have stolen 20GB of sensitive data, including personal information of housing applicants. Despite official statements calling it a "minor breach," the incident exposes critical vulnerabilities in South African public sector cybersecurity. In a twist of supreme irony, we explore how Entrust—a global leader in digital security—fell victim to the Clop ransomware gang. When the security experts get breached, it serves as a sobering reminder: no one is immune to sophisticated cyberattacks. We also examine Microsoft Teams' controversial "Chat with Anyone" feature, rolling out by January 2026. While convenient, this default-enabled functionality opens massive attack surfaces for phishing and credential theft—a classic case of convenience versus security. On the AI front, groundbreaking research reveals that large language models can be compromised with as few as 250 malicious documents. We discuss the implications for AI security and why Africa's diversity must be represented in AI training data to prevent perpetuating harmful biases. Finally, John takes us on a poignant journey through Armistice Day, exploring how World War I birthed modern information security—from cryptography and traffic analysis to authentication protocols. The lessons from those trenches still echo in our digital battlefields today. Key Takeaways: ✅ Monitor your accounts if you've dealt with affected institutions ✅ Disable risky default features in collaboration tools ✅ Remember: even security companies get hacked ✅ AI security and representation matter 🎧 Listen now on Apple, Spotify, YouTube, or iHeartRadio! #Cybersecurity #InfoSec #Ransomware #AIEthics #DataPrivacy #SouthAfrica #PrivisoLive

In our latest episode, we unpack four stories that reveal the complex intersection of technology, accountability, and governance in today's digital landscape. **🔍 The Mamdani "Hack" That Fooled Millions** How did a simple news broadcast get misinterpreted as a cyberattack? We dive into the viral incident from NYC Mayor-elect Zohran Mamdani's victory celebration that spread across Instagram, X, and TikTok for two days before fact-checkers could debunk it. The lesson? Our collective media literacy may be more compromised than any computer system. **📱 TikTok's Kenya Crackdown** Nearly 600,000 videos removed in just three months. We explore what happens when governments hold Big Tech accountable, examining TikTok's aggressive moderation response to regulatory pressure—and asking the hard questions about AI-driven content removal. **📊 South Africa's King V Corporate Governance Code** The newly released framework is reshaping how organizations approach leadership, sustainability, and AI oversight. We break down what changed from King IV and why it matters for businesses navigating 2025's complex landscape. **🔐 PLUS: An Exclusive Interview** We speak with Paul Armer, CIO at ArmerTech, about a radical approach to cloud storage where even the service provider cannot access your encrypted data. In an era of constant breaches, is this the future of digital privacy? **The common thread? Accountability—and the tension between speed and responsibility.** 🎧 Listen now on Apple, Spotify, YouTube, or wherever you get your podcasts. #PrivisoLive #CyberSecurity #DigitalGovernance #MediaLiteracy #TechAccountability

The numbers are staggering: five weeks of production halted. Three major UK plants shut down. 5,000 businesses impacted across the supply chain. A projected loss of £1.9 billion. This isn't a hypothetical scenario—it's the reality Jaguar Land Rover faced following a Category 3 cyber-attack, with full recovery not expected until January 2026. In this week's episode of Priviso Live, Lyn, Stephen, and John unpack what this incident means for organizations everywhere—especially in South Africa, where cyber threats are rising but reporting remains dangerously incomplete. *Key insights we explore:* The IT-to-OT cascade: How an IT system attack triggered a complete manufacturing shutdown, demonstrating the critical convergence between information technology and operational technology. Supply chain vulnerability: When a single major player falls, thousands of dependent businesses face potential collapse—regardless of their own cybersecurity posture. The South African context: With only a fraction of security incidents being reported under POPIA, many organizations are underestimating their exposure and regulatory obligations. Historical lessons from Operation Aurora: Why the patterns we're seeing today were foreshadowed in 2009, but the scale and systemic nature of risk have fundamentally changed. *The bottom line?* Cyber risk is no longer just an IT problem—it's an enterprise-level crisis that demands board attention, supply chain mapping, and realistic worst-case planning. Are you prepared for a multi-week shutdown? Do you know your critical dependencies? Is your breach notification process ready? Listen now to understand what the Jaguar Land Rover incident means for your organization's cyber resilience strategy. 🎧 Subscribe on Apple, Spotify, YouTube, or your preferred platform. #CyberSecurity #SupplyChain #POPIA #RiskManagement #SouthAfrica

In this week's episode, we unpack: ✅ The F5 Breach Reality Check – Source code stolen, vulnerability intel compromised, and US regulators issuing emergency directives. If you run F5 gear (or your suppliers do), this is your wake-up call. We break down the immediate actions: inventory, logging, patching, and the vendor contract clauses you should've had in place yesterday. ✅ AI's Shadow IT Problem – Fresh data reveals 43% of employees are pasting sensitive work data—client info, internal docs—into AI tools without approval. It's not just awareness; it's a control gap. We discuss DLP guardrails, AI use registers, prompt-injection testing, and how POPIA compliance intersects with chatbot usage. ✅ When AI Safety Fails – The heartbreaking lawsuit against OpenAI following 16-year-old Adam Raine's suicide raises urgent questions about guardrail design, safety interventions, and legal liability. If you deploy customer-facing AI, age-gating and escalation protocols aren't optional anymore. ✅ History Matters: Giovanni Soro – Before Turing, before Enigma, there was Venice's master cryptanalyst in 1506. Soro built the world's first formal code-breaking bureau—complete with entrance exams, frequency analysis, and diplomatic cipher systems. His legacy? A blueprint for organised information security that endures today.

What happens when 40% of the world's computers are about to lose security support? Join Stephen and John on Priviso Live as they tackle the Windows 10 end-of-support crisis that's unfolding right now in October 2025. With hundreds of millions of devices still running an operating system that's about to stop receiving patches, are we witnessing the birth of the next Windows XP nightmare? But that's just the beginning. The hosts dive into a startling report from the Centre for Democracy and Technology revealing that teenagers are forming emotional—and even romantic—relationships with AI chatbots. With 19% of high school students reporting romantic relationships with AI and 42% using them for companionship, we're exploring uncharted territory. Is this harmless support or a concerning trend? The episode also examines Microsoft's innovative approach to cybersecurity leadership with their distributed Deputy CISO model, and unpacks the creepy new "Pixnapping" attack that's stealing data from Android devices without needing any special permissions. And for the grand finale? A brutally honest (and hilarious) breakdown of the Five Stages of Corporate Breach Grief—PR Edition. From denial and blame-shifting to the inevitable "stock price has left the chat" moment, Stephen and John expose the predictable playbook companies follow when responding to security incidents. It's comedy gold with a painful truth: the gap between what security teams know and what PR departments admit "could power a small city." Whether you're managing IT infrastructure, concerned about teen technology use, or just love hearing security professionals call out corporate doublespeak, this episode delivers insights, advice, and laughs in equal measure.

Think your organisation has until 2038 to worry about the next Y2K? Think again. The Year 2038 problem isn't just lurking in the future—it's already breaking systems today. Any software calculating dates beyond 2038, from 30-year mortgages to long-term infrastructure planning, could be falling over this bug right now. In Episode 56 of Priviso Live, Lyn, John, and Stephen tackle the critical intersection of legacy vulnerabilities and cutting-edge AI threats. We explore OpenAI's latest threat intelligence report, revealing over 40 networks using AI for malicious purposes—from sophisticated phishing campaigns to deceptive employment schemes. The scary part? Low-skilled criminals are now "punching above their weight" thanks to AI's force multiplier effect. We also dive into Google's massive Gemini Enterprise rollout and what it means for corporate security. When you're giving AI access to data across Box, Microsoft, and Salesforce, the productivity gains are real—but so is the attack surface. But here's where it gets fascinating: we travel back to Victorian England to meet Ada Lovelace, whose work on Charles Babbage's Analytical Engine laid the groundwork for everything we're grappling with today. She didn't just write the first computer program—she envisioned a future where machines could create art, process language, and be creative partners. Sound familiar? As we celebrate Ada Lovelace Day on October 14th, her "poetical science"—combining logic and imagination—feels more relevant than ever. 💼 Need expert guidance on security, risk, or ICT legislation? Contact Priviso Consulting at [email protected] #CyberSecurity #AI #ThreatIntelligence #AdaLovelace #Y2K38 #InfoSec #RiskManagement

Join Lyn, John, and Stephen as they celebrate one year of Priviso Live with an action-packed anniversary episode that cuts through the noise of cybersecurity, privacy law, and emerging tech threats. What You'll Discover: - The Johannesburg CCTV controversy comes full circle. Remember that heavy-handed by-law forcing residents to register private security cameras? We revisit what happened when citizens fought back—and won. - The UK's digital ID debate takes an authoritarian turn as the government dismisses 2.7 million petition signatures. - YouTube's massive $24.5 million settlement with President Trump raises uncomfortable questions: Are we creating a two-tiered content moderation system where power trumps policy? And what does this mean for platform accountability? - Closer to home, ransomware strikes a South African HVAC company, exposing the hidden risks in third-party vendors. We connect the dots between this attack and broader threats facing African government agencies, including urgent warnings about SARS eFiling compromises during tax season. But it's not all doom and gloom. - Kenya's pioneering digital credentials initiative offers a glimpse of how blockchain technology could revolutionise education verification across Africa, eliminating fraud while improving accessibility. Main Topic: Do phishing simulations actually work? We examine the surprising research on whether those fake attack emails make staff safer—or just more anxious. Spoiler: The answer depends entirely on how you do them. Subscribe to Priviso Live on Apple, Spotify, Samsung, iHeartRadio, or YouTube. For security, risk, or ICT legislation advice, contact [email protected]. Stay informed. Stay secure. Stay ahead.

When UK Prime Minister Keir Starmer announced a new national digital ID system on September 26th, he probably didn't expect 1.6+ million petition signatures in opposition within 24 hours. But that's exactly what happened. 🔍 This week, we dive deep into the controversy that has split opinion across Europe: From fake cellular towers in South Korea stealing subscriber data to emergency protests outside Downing Street – this episode tackles the most polarizing tech topic of our time. What we explore: Why Boris Johnson tweeted he'll "never accept" a government ID card How digital ID works brilliantly in Estonia and India – but created chaos in Vietnam The reality behind China's social credit system myths (spoiler: it's not what you think) Religious perspectives from Christianity, Islam, and Hinduism on digital identity systems Why 12 MPs called digital ID "deeply un-British" and a path to surveillance state 💭 The big question: Is digital ID the future of secure, efficient government services – or the foundation of technocratic control? Our hosts Lyn, John, and Stephen don't hold back in this heated debate. John dons his "tin foil hat" while Stephen argues politicians, not technology, are the real problem. Whether you're a privacy advocate, tech professional, or simply curious about the digital future being built around us – this episode will challenge your assumptions. #DigitalID #Privacy #CyberSecurity #Technology #Government #PrivisoLive

*"AI Intelligence, Virtual Ministers, and the Evolution of Cyber Threats"* This week, Lyn, John, and Stephen dive deep into the most fascinating AI developments reshaping our digital landscape. From groundbreaking government experiments to concerning privacy revelations, Episode 53 explores how AI is fundamentally changing everything we thought we knew about technology, security, and society. *🍎 Apple's Privacy Paradox* - New research reveals Apple Intelligence collects far more data than initially disclosed, challenging the tech giant's privacy-first narrative *🇿🇦 SA Cybersecurity Success Story* - How AI-powered security tools are dramatically reducing data breach costs across South Africa, offering hope for the continent's digital transformation *⚡ ChatGPT Under Attack* - Sophisticated criminals target OpenAI's Deep Research feature in a server-side data theft campaign that should concern every organization *🎵 The Million-Dollar AI Artist* - Xania secures a multimillion-dollar record deal, marking a watershed moment for artificial creativity and raising fundamental questions about human value in creative industries *🏛️ World's First Virtual Minister* - Albania appoints an AI system to handle citizen services, pushing the boundaries of democratic governance into uncharted territory *🔒 InfoStealer Surge* - The alarming rise of sophisticated malware campaigns specifically targeting South African organizations *Essential listening for cybersecurity professionals, IT leaders, and anyone navigating our AI-driven future.* #PrivisoLive #AI #Cybersecurity #SouthAfrica #Privacy #Innovation #Technology #Podcast

From AI-powered cyberattacks to governments elected via Discord – this week's tech landscape is wilder than fiction. **🔍 What's Inside:** **🌍 Africa Under Siege:** The continent faces 3,239 weekly cyber attacks per organisation – the highest globally. With education sectors hit hardest at 4,178 incidents weekly, and South Africa seeing a 26% spike, the digital battleground is intensifying. **🤖 The s1ngularity Attack:** Witness the first documented case of AI-weaponised malware. This sophisticated supply chain attack compromised millions of developer machines, exposed 6,700 private repositories, and demonstrated how artificial intelligence is revolutionising cybercrime. **🏛️ Discord Democracy:** Nepal just made history by electing their interim Prime Minister through a gaming chat app. Over 7,700 votes cast on Discord selected former Chief Justice Sushila Karki – marking the world's first internet-native political revolution. **🎬 Hollywood's AI Gamble:** OpenAI backs "Critterz," an animated feature aiming for Cannes 2026. Nine months, under $30 million – versus the traditional three years and massive budgets. Is this filmmaking's future or just faster mediocrity? **🏆 AI Darwin Awards:** From Taco Bell's drive-through disasters to lawyers citing non-existent cases, we celebrate 2025's most spectacular AI failures. Because apparently, we needed formal recognition for breathtakingly bad AI decisions. **💼 Skills Revolution:** The World Economic Forum reveals that by 2030, creativity and systems thinking will trump traditional academic skills. Are we witnessing the death of the exam-based education system? Join Lyn, John, and Stephen as they dissect the week's most fascinating developments in ICT legislation, cybersecurity, and AI governance. 📧 *Need security advice? [email protected]* #CyberSecurity #ArtificialIntelligence #DigitalTransformation #TechPodcast

From devastating supply chain attacks to China's baffling firewall blackout, and the human toll of South Africa’s retrenchment crisis—this week’s Priviso Live dives deep into the security stories shaping our digital and economic reality. 💥 We unpack the SalesLoft/Drift compromise—a breach that exposed sensitive data across platforms like Salesforce, hitting even cybersecurity giants. What went wrong, and how did Okta dodge the bullet? More importantly: what should you be doing about your SaaS integrations and OAuth tokens? 🔐 Then we tackle Microsoft’s silent shift to passwordless logins, China’s 74-minute HTTPS shutdown, and a sobering look at the retrenchment wave sweeping South Africa—291,000 estimated job losses and the ethical challenges of implementing security controls during organisational exits. 💡 Whether you're a CISO, a compliance officer, or just want to stay ahead of the curve in AI, risk, and information security—this episode is packed with actionable insights and regulatory perspective. 📱 Listen now on Apple, Spotify, Samsung, or YouTube. 🔗 [Insert Link] #PrivisoLive #CyberSecurity #SupplyChainAttack #POPIA #Retrenchments #ZeroTrust #OAuth #RiskManagement #SouthAfrica #ICT #AI #DriftAttack

We've reached a milestone! Our 50th episode tackles the most pressing cybersecurity threats facing South African businesses today. Key Highlights: 🚨 Facebook Marketplace Violence: The shocking Midrand shootout reveals how criminals exploit trusted platforms for kidnapping and armed robbery. Police stations now offer safe trading zones - use them. 🤖 AI-Powered Ransomware: ESET discovered "PromptLock" - the first ransomware using OpenAI's models to generate adaptive attacks in real-time. Traditional EDR solutions struggle against this shape-shifting threat. 💳 Banking Innovation: Standard Bank's virtual credit cards with 100% fraud refunds signal a new era in digital payment security, though consumer vigilance remains crucial. 📊 Alarming Statistics: Ransomware attacks jumped 34% year-over-year in 2025, with South Africa facing 2,113 cyberattacks per organization weekly. Major SA companies including MTN, ABSA, and SAA have been targeted. 🌍 Continental Progress: Zambia and Somalia's new cyber laws show Africa is taking digital security seriously, creating both opportunities and compliance challenges for businesses. Bottom Line: Cybersecurity isn't someone else's responsibility - it's everyone's. Current threats are just the beginning of an AI-driven security landscape. 🎧 Listen on Spotify, Apple Podcasts, or YouTube 📧 Contact: [email protected] #Cybersecurity #SouthAfrica #AIThreats #DigitalSafety

🚀 This week's tech stories: 💰 Microsoft's Pricing Revolution - Say goodbye to volume discounts. From November 1st, everyone pays the same rate for Microsoft 365, Teams, and Exchange Online. Enterprise IT leaders, your renewal deadline is approaching fast. 🛡️ Netstar's Brave Stand - When ransomware hit South Africa's vehicle tracking giant, they refused to pay. Two months later, 2 million customers' data was leaked on the dark web. A stark reminder of why incident response matters. 🌌 AI in Space - China's Wukong AI just supported a 6½ hour spacewalk aboard the Tiangong space station. While NASA focuses on conversation, China's building tactical AI for navigation and operations. 🎵 The Band That Never Was - Meet Velvet Sundown, the "retro band" with millions of streams that turned out to be an elaborate AI hoax designed to test our digital skepticism. 🔐 Plus: The 1986 hack that started cybersecurity, and why the CIA's Kryptos sculpture remains uncracked after 30 years. Ready for your weekly dose of ICT insights? Listen now on all major platforms. #Cybersecurity #AI #TechNews #PrivisoLive

This week's episode covers critical cybersecurity and AI developments every South African Information Security professional should know about: 🔐 Security Alert: A sophisticated phishing campaign is fooling users by replacing URL slashes with Japanese characters that look identical in certain fonts. These homoglyph attacks targeting Booking.com customers remind us to always inspect links carefully before clicking. 📱 POPIA Investigation: Truecaller faces scrutiny in South Africa for potential privacy violations, including labelling legitimate business numbers as spam and non-consensual data uploads. This case could set important precedents for global platforms operating under POPIA. 🏠 Johannesburg CCTV Victory: The city is repealing its controversial by-law requiring private CCTV registration after fierce legal opposition from property owners and civil rights groups. 🤖 AI Reality Check: Fresh research shows GPT-5 is easily "jailbroken" and scores poorly on enterprise security metrics, while computer science graduates face 6.1% unemployment as AI transforms the job market. 💡 Special Feature: Deep dive into Alan Turing's extraordinary legacy—from Bletchley Park codebreaking to the foundations of modern AI and computing. Essential listening for anyone navigating today's digital landscape. #Cybersecurity #AI #Privacy #POPIA #DataProtection #Priviso

In our Women’s Day special, we bring you the latest on ICT legislation, cybersecurity, risk, and AI – straight from Johannesburg. Lyn, Stephen, and John unpack the biggest developments shaping South Africa’s digital landscape. 💡 This week’s highlights: 🔹 South Africa’s First Cybersecurity Warranty – BUI launches Cyber MXDR with up to R1 million in breach or cyber extortion cover, plus forensic, legal, and PR support. We explore why this could redefine local cyber defence – and why eligibility hinges on basic cyber hygiene. 🔹 Browser-in-the-Browser Facebook Scam – A sophisticated phishing technique using fake CAPTCHAs and flawless login overlays. Over 500,000 exposure attempts logged globally – we break down how it works and how to spot it. 🔹 The Kiffness Royalties Hack – Inside a real-world case of database tampering that nearly diverted artist royalties. We examine insider threats and the urgent need for stronger change controls. 🔹 Microsoft’s AI Job Impact Study – Analysis of 200,000 Bing Copilot sessions reveals which roles AI is already reshaping – from translators to sales reps – and why augmentation, not replacement, is the current reality. 🔹 SANS AI Security Guidelines – Practical steps for securing AI systems against data poisoning, prompt injection, and model tampering. We cover governance, zero-trust principles, and why safe adoption beats avoidance. From cutting-edge defences to evolving threats, Episode 47 is packed with insights every business leader, IT professional, and policy-maker should hear. 📺 Watch on YouTube | 🎧 Listen on Apple, Spotify, iHeartRadio, or Samsung Podcasts. 📩 For security, risk, or ICT legislation advice, contact Priviso Consulting at [email protected]. #CyberSecurity #AI #RiskManagement #InformationSecurity #PoPIA #SouthAfrica #WomenInTech #PrivisoLive #DataProtection #AIethics #DigitalTransformation #CyberAwareness #InfoSec #AIsecurity #TechTrends

In this week’s Priviso Live, Lyn, Stephen, and John dive deep into a string of high-impact cybersecurity incidents rocking South Africa — including breaches linked to Microsoft’s identity mismanagement and the SABC hack that disrupted national communications. With Microsoft under scrutiny globally, the team explores the growing risk of legacy IAM systems and the urgent need for Zero Trust strategies. But that’s not all. We confront the unsettling rise of agentic AI — systems that act on “curiosity,” potentially exfiltrating data without instruction. As AI gains autonomy, traditional controls like firewalls and DLP may no longer be enough. A silver lining? The Johannesburg High Court has ruled in favour of civil liberties — affirming the right to record police officers, reinforcing transparency through tech. And we celebrate Durban-born AI pioneer Dr. Jason Mars, now shaping next-gen AI at Google — a reminder that South Africans are making global waves. Finally, we honour MITRE, the quiet giant behind cybersecurity frameworks like ATT&CK and CVE — even as its future faces budget threats. #cybersecurity #AI #ICTlaw #PrivisoLive #infosec #ZeroTrust

Has there ever been a week in which South Africa was so affected by Information Security? So much so that this entire episode just focuses on news, news, news. Here’s what we covered and why it matters: ✅ Landmark Child Protection Court Ruling We unpack a historic Johannesburg High Court decision compelling Meta to hand over identifying data tied to child exploitation accounts. A wake-up call for platforms and a critical reminder for security teams: legal compliance and incident response are inseparable. 📉 Trump Tariffs & InfoSec Are U.S. tariffs on SA exports a cybersecurity issue? Indirectly, yes. Economic strain often fuels fraud, and reduced budgets may limit cybersecurity investments. Practitioners and executives alike should prepare for constrained resources. 💥 SharePoint Vulnerabilities & Chinese APTs Over 400 global organisations — including South African entities — were hit by exploits targeting SharePoint. This segment offers a deep dive into CVEs, attacker TTPs, and hardening guidance. Essential listening for any IT administrator. 🕵️ APT41 Espionage in Africa Kaspersky’s discovery of a stealthy campaign against an African government highlights the risks of under-patched systems and poor privilege management. 📊 COMRiC’s Telecoms Cybercrime Report R5.3 billion lost annually to telecom fraud, with SIM swap and SIM box attacks rampant. Stronger identity controls and public awareness are essential. 🛠️ Matanbuchus 3.0 & Fake Support Attacks An elite loader returns, with attackers using fake Microsoft Teams calls to gain entry. A timely reminder to train staff and secure remote support tools. 🛑 UK Moves to Ban Ransom Payments We analyse the UK's push to outlaw ransom payments in public infrastructure — a regulatory trend that could spread globally. #Cybersecurity #InfoSec #PrivisoLive #SharePoint #SouthAfrica #Ransomware #SIMSwap #APT #Matanbuchus #DataProtection #LinkedInLive

Birth rates worldwide are falling dramatically as online socialisation replaces human connection. And then Grok releases Ani, a sexualised, flirtatious AI companion aimed squarely at teenage boys. So what are the risks? The team discusses. #Priviso #PrivisoLive #Security #Risk #AI #aicompanion

What happens when AI intelligence supersedes our own? Roman Yampolskiy thinks he may know. #Priviso #PrivisoLive #Security #InformationSecurity #AI

One life: scandalise 1930s society by appearing nude in a film, escape Nazi Germany to Hollywood, become known as the most beautiful woman in the world, and then patent channel hopping, the obfuscating technology behind WiFi, Bluetooth, and other communication protocols. What a life. This was Hedy Lamarr. #InformationSecurity #ChannelHopping #Priviso #PrivisoLive

We have dozens of controls to protect digital content - but daily hardcopy walks out of the door, full of confidential information. The team discusses their experiences with Dumpster Diving. #Priviso #PrivisoLive #InformationSecurity #Security #DumpsterDiving

Now that a South African has been sentenced to jail under the Cybercrimes Act, we thought it opportune to discuss it and how it was relevant in this case. Trigger warning: we're flagrantly marketing a book on the Act, co-authored by one of our contributors. The book can be found here: https://juta.co.za/catalogue-details/the-cybercrimes-act-ebook_28930 #Cybercrimes #Priviso #PrivisoLive #CyberSecurity

Without even requiring user interaction on a phone, Pegasus: - Infects a target device, sometimes without any clicks (zero-click exploits via apps like iMessage or WhatsApp). = Accesses sensitive data, including messages, emails, photos, contacts, and calendar entries. - Activates microphones and cameras, enabling real-time surveillance. - Tracks location, silently and continuously. - Self-destructs if it detects it's being analysed. The team discusses the history and use of this hacking tool, as well as a commentary on the recent court sentencing of a South African cyber extortionist to eight years behind bars. And finally - are you ready for your AI companion? #Priviso #PrivisoLive #Security #InformationSecurity

While everyone has heard about the Dark Web, fewer people are familiar with The Onion Router (TOR), the browser used to gain access to it. The team discuss the history of TOR, as well as some famous associated cases. #Priviso #PrivisoLive #informationsecurity #Risk

This is a teaser for Priviso Live Episode 38! Join us as we discuss topical information security and ICT legislation news items, with a focus on South Africa. We also discuss the history and background of the Onion Router and those who were caught using it for criminal purposes.