Blog EN

AI Trust Instead of Gut Feelings: Why AI Needs Verifiable Trust Architectures

natacha.suter@infoguard.ch (Natacha Suter) — Mon, 22 Jun 2026 08:00:02 GMT

Given the growing autonomy of AI systems, trust cannot be based solely on gut feelings. Companies need to know which AI systems are active, what permissions they have, and whether their results remain traceable. Traditional security and governance models reach their limits here. They were developed primarily for people, devices, applications, and known software processes.

API security: how to effectively protect interfaces from AI attacks

andreas.winet@infoguard.ch (Andreas Winet) — Mon, 15 Jun 2026 06:30:01 GMT

APIs form the digital nervous system of modern companies. They connect cloud services, AI applications, partner platforms and IoT systems and are therefore business-critical for availability and data flows. As the interface between systems, data and business processes, they are often insufficiently visible and controlled. As their importance grows, so does the attack surface, accelerated by AI.
This article shows you the most important risks of modern APIs, including a practical guide to improving your API security in a structured way.

Email spoofing: widespread misconfiguration in Exchange Online

estelle.ouhassi@infoguard.ch (Estelle Ouhassi) — Wed, 10 Jun 2026 07:07:29 GMT

Phishing, business email compromise (BEC), CEO fraud, ransomware - almost every major cyber campaign starts with an email. Accordingly, companies invest heavily in mail gateways, spam filters and protocols such as SPF, DKIM and DMARC.

InfoGuard Threat Intelligence Report Q2/26: Europe's cyber risk, Salt Typhoon & Iran's return

Mathias Fuchs — Mon, 08 Jun 2026 08:00:00 GMT

The geopolitical cyber situation has become much more acute in the second quarter compared to the report for the first quarter of 2026. Iran, Salt Typhoon, destructive OT attacks and autonomous AI systems make it clear that Europe's cyber risk is not only due to new attacks, but also to dependencies, exposures and detection gaps that are becoming increasingly difficult to see. An analysis of the most important shifts shows where and to what extent the situation has changed since Q1/26.

NIS2 guidelines for Swiss providers: How to implement it successfully!

michael.fossati@infoguard.ch (Michael Fossati) — Thu, 04 Jun 2026 09:45:00 GMT

NIS2 makes cybersecurity a question of proof. For Swiss providers with a presence in the EU, it is no longer enough to know security standards internally or to implement them selectively - they must also be able to provide EU customers, partners and competent authorities with reliable evidence. This raises the key question for these companies: Where is there a concrete need for action?

Shorter TLS cycles: Automated certificate management becomes mandatory

natacha.suter@infoguard.ch (Natacha Suter) — Mon, 01 Jun 2026 08:01:00 GMT

The end of long TLS certificate validity periods

Until now, TLS (Transport Layer Security) certificates were often valid for over a year. This gave IT teams enough time for manual renewal processes. But now this era is coming to an end. The CA/Browser Forum (CA/B), the body that sets the global standards for certificates, has officially voted to gradually and drastically shorten the validity period of TLS certificates.

Cyber threat intelligence: recognizing risk exposures before attackers do

Sandro Bachmann — Tue, 26 May 2026 08:00:01 GMT

Hypothetically speaking, where would you launch your attack as a cybercriminal? Definitely where the effort is low and the impact is high. Most attacks do not result from highly specialized individual operations, but from opportunities. Cyber criminals look for scalable entry points, automate the search and further exploit successful access points. This turns a compromised company access point into an exploitable entry point.

Data Sovereignty in the Cloud: Who else besides you knows about your Data Flows?

michael.fossati@infoguard.ch (Michael Fossati) — Mon, 18 May 2026 08:00:01 GMT

Companies are increasingly faced with the task of managing their data confidently in line with regulatory, strategic and operational requirements. From the CISO's perspective, data sovereignty is not just a compliance requirement, but a key lever for cyber resilience, risk minimization and the ability to respond to changing threat situations with agility.

Data sovereignty means ensuring full control over storage locations, access and processing - a key factor for transparency, risk reduction, compliance and digital independence.

Agentic AI: When autonomous AI systems become a safety risk

markus.limacher@infoguard.ch (Markus Limacher) — Mon, 11 May 2026 06:00:00 GMT

From privilege escalation and uncontrolled data exfiltration to systemic security vulnerabilities - Agentic AI not only expands opportunities, but also the attack surface. Recent incidents show: Agentic AI is not only an efficiency driver, but can also become a gateway for attacks and misuse. One example is the ServiceNow incident from January 2026 (CVE-2025-12420). A hardcoded, system-wide key enabled attackers to gain administrator rights via the Virtual Agent API.

Immunity myth: Linux in the crosshairs of malware and rootkits

Stephan Berger — Mon, 04 May 2026 08:00:01 GMT

Companies rely on Linux because this operating system is considered stable, performant and secure. This assessment is no coincidence: the architecture of Linux, the rights model and the strong open source community have helped to create a very robust operating system over decades. However, this perception has also given rise to the dangerous myth that Linux is practically immune to malware.