Your VP of Sales forwards you an email at 5pm. Subject: "Vendor Security Assessment : Please Complete by Friday." You open the document. 120 questions. Section 8: "AI/ML Security Controls" : 47 questions you've never seen before. "How do you prevent prompt injection attacks?" "Have you conducted third-party red teaming on your LLM?" "What controls prevent sensitive data leakage through AI outputs?" You write vague answers. Procurement comes back with follow-ups. The deal s

What Happened in the CISA ChatGPT Incident? In August 2025, Madhu Gottumukkala, the acting director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), uploaded sensitive government documents marked "For Official Use Only" (FOUO) to the public version of ChatGPT. CISA's automated security systems immediately triggered multiple alerts, launching a Department of Homeland Security investigation. CISA ChatGPT Incident Key Facts: Who : Acting CISA Director Madhu G