Melanie
@melaniehendrickx.bsky.social
Leading IS & AI GRC @ METRO AG | Cybrcon advisory
Currently working on AI governance & secure AI enablement, security assurance, NIS2, scaling IS GRC
📍Düsseldorf / Eindhoven
Currently working on AI governance & secure AI enablement, security assurance, NIS2, scaling IS GRC
📍Düsseldorf / Eindhoven
Just finished reading research on AI agent security. 94% vulnerable to prompt injection. 100% to multi-agent attacks.
And companies are putting these in production. I need a coffee. Or something stronger.
#infosec #AI #AIrisk #cybersecurity
And companies are putting these in production. I need a coffee. Or something stronger.
#infosec #AI #AIrisk #cybersecurity
an elderly woman wearing a cleveland state sweatshirt says i need a drink
ALT: an elderly woman wearing a cleveland state sweatshirt says i need a drink
media.tenor.com
December 3, 2025 at 2:36 PM
Just finished reading research on AI agent security. 94% vulnerable to prompt injection. 100% to multi-agent attacks.
And companies are putting these in production. I need a coffee. Or something stronger.
#infosec #AI #AIrisk #cybersecurity
And companies are putting these in production. I need a coffee. Or something stronger.
#infosec #AI #AIrisk #cybersecurity
A CFO asked me yesterday how much securing AI would cost. My reply? 15% more than you're spending on security now. At a minimum. And that's before possible incident costs. Fun conversation.
#CISO #CyberBudget #AIrisk
#CISO #CyberBudget #AIrisk
November 28, 2025 at 10:17 AM
A CFO asked me yesterday how much securing AI would cost. My reply? 15% more than you're spending on security now. At a minimum. And that's before possible incident costs. Fun conversation.
#CISO #CyberBudget #AIrisk
#CISO #CyberBudget #AIrisk
This action hero's aging process has sped up x10 since working in the industry. Or so my grey hair tell me
#cybersecurity #infosec
#cybersecurity #infosec
People often imagine cybersecurity professionals as action heroes intercepting malware, but is the reality as exciting or is it just a tedious, soul-draining job?
Cybersecurity Stereotypes
I feel like people have these superfluous assumptions of cybersecurity professionals vigorously typing on their laptops, intercepting malware, and shutting down threats. Is reality really that cool...
reddit.com
November 13, 2025 at 3:47 PM
This action hero's aging process has sped up x10 since working in the industry. Or so my grey hair tell me
#cybersecurity #infosec
#cybersecurity #infosec
Had to explain this 3 times this week. AI risk isn't a separate thing requiring a whole new framework. It's an extension of the risk management methodology already there.
Same process. New technology. Stop reinventing the wheel.
#cybersecurity #riskmanagement #aigovernance #infosec
Same process. New technology. Stop reinventing the wheel.
#cybersecurity #riskmanagement #aigovernance #infosec
captain america is standing in the woods with the words `` here we go again '' written on the screen .
ALT: captain america is standing in the woods with the words `` here we go again '' written on the screen .
media.tenor.com
November 13, 2025 at 3:31 PM
Had to explain this 3 times this week. AI risk isn't a separate thing requiring a whole new framework. It's an extension of the risk management methodology already there.
Same process. New technology. Stop reinventing the wheel.
#cybersecurity #riskmanagement #aigovernance #infosec
Same process. New technology. Stop reinventing the wheel.
#cybersecurity #riskmanagement #aigovernance #infosec
"What do we need to do to become compliant?"
Wrong question.
Right question: "What are we trying to protect and why?"
Everyone wants the checklist but there are few who actually want to think about the why.
#cybersecurity #aigovernance #grc #compliance
Wrong question.
Right question: "What are we trying to protect and why?"
Everyone wants the checklist but there are few who actually want to think about the why.
#cybersecurity #aigovernance #grc #compliance
November 13, 2025 at 10:37 AM
"What do we need to do to become compliant?"
Wrong question.
Right question: "What are we trying to protect and why?"
Everyone wants the checklist but there are few who actually want to think about the why.
#cybersecurity #aigovernance #grc #compliance
Wrong question.
Right question: "What are we trying to protect and why?"
Everyone wants the checklist but there are few who actually want to think about the why.
#cybersecurity #aigovernance #grc #compliance
Traditional GRC never died. It just got automated and renamed “AI agent".
AI Agents Mark the End of Traditional GRC
AI agents are transforming governance and compliance from slow, manual processes into real-time, autonomous systems. By eliminating data silos, automating risk assessments, and enabling multi-modal…
securityboulevard.com
November 5, 2025 at 7:24 PM
Traditional GRC never died. It just got automated and renamed “AI agent".
The chatbot did what? AI doesn’t need to leak data to hurt a business. This chatbot story is a governance failure, not a security one.
#AIGovernance #CyberSecurity
hackernoon.com/how-an-ai-ch...
#AIGovernance #CyberSecurity
hackernoon.com/how-an-ai-ch...
How an AI Chatbot Pushed a Client to Competitors | HackerNoon
Why companies lose loyal clients because of AI bots in support. What you should really pay attention to in support and marketing. Whoever understands this first
hackernoon.com
November 5, 2025 at 9:40 AM
The chatbot did what? AI doesn’t need to leak data to hurt a business. This chatbot story is a governance failure, not a security one.
#AIGovernance #CyberSecurity
hackernoon.com/how-an-ai-ch...
#AIGovernance #CyberSecurity
hackernoon.com/how-an-ai-ch...
EU member states just ran their first major crisis exercise under the new Cyber Blueprint.
Crisis-mode simulation vs reality. Are we truly ready for when the 💩hits the fan?
digital-strategy.ec.europa.eu/en/news/memb...
Crisis-mode simulation vs reality. Are we truly ready for when the 💩hits the fan?
digital-strategy.ec.europa.eu/en/news/memb...
Member States and Commission test collective cybersecurity crisis response
Today, senior cybersecurity officials from EU Member States and the Commission took part in the 2025 edition of the 'Blueprint Operational Level Exercise' (BlueOLEx), marking the first exercise since ...
digital-strategy.ec.europa.eu
November 5, 2025 at 9:04 AM
EU member states just ran their first major crisis exercise under the new Cyber Blueprint.
Crisis-mode simulation vs reality. Are we truly ready for when the 💩hits the fan?
digital-strategy.ec.europa.eu/en/news/memb...
Crisis-mode simulation vs reality. Are we truly ready for when the 💩hits the fan?
digital-strategy.ec.europa.eu/en/news/memb...
The irony of EU officials’ location data being sold while they draft new data protection laws is… something.
Journalists in Europe found it was "easy" to spy on top European Union officials using commercially obtained location data sold by data brokers, despite the continent having some of the strongest data protection laws in the world.
Phone location data of top EU officials for sale, report finds | TechCrunch
Journalists in Europe found it was "easy" to spy on top European Union officials using commercially obtained location data sold by data brokers, despite the continent having some of the strongest data protection laws in the world.
techcrunch.com
November 5, 2025 at 12:00 AM
The irony of EU officials’ location data being sold while they draft new data protection laws is… something.
Joined Bluesky to escape “LinkedInfluencers.”
November 4, 2025 at 11:52 PM
Joined Bluesky to escape “LinkedInfluencers.”