by Gary Mintchell | Mar 31, 2026 | Generative AI, News, Security
Several people involved with standards have shared with me the insight that the driving force for adoption of some of these will come from company boards due to insurance and risk management pressures. Therefore, I found this paper interesting looking at trustworthy AI from the point-of-view of risk management.
Høvik, Norway, 25 March 2026 – New research from assurance and risk management company DNV has identified the foundations to achieving trustworthy artificial intelligence in the context of safety critical industrial processes. According to the paper, Assurance of AI-Enabled Systems, established risk management principles can be adapted to meet the complexity and uncertainty of AI enabled systems. While AI introduces new risks, proven assurance methods from safety critical industries already provide a robust starting point for addressing them
The paper shows that AI reshapes risk because it does not operate as a fixed, predictable component. This makes traditional one‑time assurance insufficient, and highlights the need for continuous and adaptive assurance throughout the lifecycle
Christian Agrell, Programme Director for AI Assurance at DNV, said, “Creating trustworthy artificial intelligence does not require us to start from zero. We already have strong foundations in modern assurance and risk science and our long experience managing digital technologies in high‑risk environments. Applying these principles thoughtfully allows us to build systems that remain safe and reliable, even as they evolve. Trustworthy AI depends on predictable behaviour under uncertainty, and that is exactly what these foundations help deliver.”
The research draws on DNV’s decades-long assurance and risk management experience in critical infrastructure, including the maritime and energy sectors. The foundational principals to create trustworthy AI include:
- A system model that captures the entire AI-enabled system
- This model reflects how AI interacts with humans, digital and physical components, and its operational environment. It enables understanding of emergent behaviour, unintended interactions and context specific risks that cannot be detected by examining the AI component alone.
- Taking a modular approach
- A risk model, applying uncertainty-based assessment and modular risk principles to break down complex systems with their complex and emergent risks into manageable parts across system levels.
- Linking claims to evidence
- These structured arguments connect claims such as “the system is safe” to verifiable evidence, assumptions and rationale. This provides a transparent, auditable framework for demonstrating trustworthiness throughout the lifecycle.
- Continuous, context aware assurance that adapts as AI evolves
- AI-enabled systems change over time as models are updated, data shifts and operating conditions vary. To maintain trustworthiness, assurance must be ongoing rather than a onetime check. This includes real-time monitoring, regular updates to evidence, and reevaluating risks and requirements so that confidence in the system remains valid throughout its lifecycle
“These foundations give industry a clear, actionable way to build and maintain trustworthy AI. We are already working with companies that recognize the potential of AI, as well as the risks it can pose to the critical services they deliver. I urge more organizations to join us in addressing and managing the risks associated with artificial intelligence,” Agrell added.
The position paper is part of DNV’s broader work to help industry adopt AI responsibly and aligns with the company’s recommended practice (DNV‑RP‑0671) for AI assurance.
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Mar 27, 2026 | Enterprise IT, Security
The accumulation, retention, and analysis of data continues to provide an important foundation for digital transformation, as well as, providing a threat vector for malicious hackers. News from companies combatting the problem forms a core to any coverage these days. This news contains details about launch of another IT solution.
DH2i, a leading provider of always-secure and always-on IT solutions, announced the general availability (GA) launch of DxEnterprise v26.0 and DxOperator v2, featuring high availability (HA), disaster recovery (DR), and operational resilience capabilities enhancements for SQL Server deployments across Windows, Linux, and Kubernetes environments. Together, the releases introduce meaningful advances in availability group (AG) protection, security controls, observability, and automation for both traditional and containerized SQL Server deployments.
In today’s enterprises, a perfect storm has emerged where applications have become direct revenue channels, infrastructure complexity has increased while IT staffing has not, modernization initiatives are no longer optional, security and compliance requirements are tightening, and software update velocity has accelerated. Together, these forces expose the limits of traditional HA approaches. What once worked for small, static clusters no longer scales when SQL Server deployments span hybrid, multi-platform, and containerized environments that demand continuous availability, stronger safeguards, and higher levels of automation. DxEnterprise v26.0 and DxOperator v2 address these challenges head-on.
DxEnterprise v26.0 focuses on improving cluster resilience, visibility, and administrative confidence through enhanced monitoring, stronger safeguards against split-brain scenarios, expanded credential support, and platform modernization. DxOperator v2 extends those capabilities into Kubernetes environments, giving users greater control over scale, updates, and network configuration for SQL Server AGs running in containers.
What’s New in DxEnterprise v26.0
- Deeper SQL Server and Availability Group Intelligence
- Database-level health monitoring is now enabled by default, allowing faster detection of issues affecting individual databases within an AG
- Split-brain scenarios are prevented via automatic per-availability-group quorum enforcement by demoting or shutting down replicas when quorum requirements are not met
- Improved replica connectivity alerts provide real-time notification when replicas disconnect or when SQL Server replica configurations diverge from expected cluster state
- Improved Security and Credential Resilience
- Support for secondary SQL Server backup credentials enables automatic fallback if primary authentication fails, reducing downtime caused by credential changes or expirations
- Administrative sessions are automatically disconnected when the cluster passkey changes, ensuring only authorized users with current credentials retain access
- The DxAdmin user interface now includes clearer prompts, stronger validation, and improved feedback for passkey configuration
- Greater Stability and Observability
- Core monitoring services, including DxLMonitor, DxCMonitor, DxStorMonitor, and DxHealthMonitor, have received reliability and stability improvements to reduce unexpected restarts and improve overall cluster resilience
- Basic anonymous telemetry is now available to help improve product quality and diagnostics, with opt-out configuration for customers who prefer not to participate
- Platform and Usability Enhancements
- DxEnterprise’s Linux version now runs on the .NET 8.0 runtime, delivering improved performance, security, and long-term support alignment
- Virtual hosts can now be renamed using a new rename-vhost command, simplifying cluster management and reorganization
- Additional safeguards prevent accidental overwriting of existing data stores during SQL Server high availability virtualization
- Enhancements to DxCLI and DxPS improve command-line usability, including human-readable XML output and new PowerShell cmdlets
- The DxCollect utility now includes expanded command-line options for more targeted diagnostics and log collection.
What’s New in DxOperator v2
- Flexible Scaling Up and Down
- Availability group clusters can now be expanded or reduced dynamically
- Unlike the previous version, DxOperator v2 can safely de-configure and remove replicas from a running cluster, enabling true scale-down operations
- Automated Rolling Updates
- Administrators can automate rolling updates of SQL Server or DxEnterprise container images, allowing pods to be updated one at a time without manual intervention
- Updates can also be performed manually when desired, giving operators full control over rollout strategy
- DxOperator does not automatically check for new container versions, ensuring that administrators remain in control of when and how updates are applied
- Advanced Network and Service Configuration
- Flexible service templates allow load balancers and other network services to be fully specified and automatically deployed per availability group replica
- This enables more consistent connectivity across different Kubernetes environments and cloud providers
- Redesigned Custom Resource and StatefulSet Adoption
- The custom resource definition has been redesigned for greater flexibility and now leverages Kubernetes StatefulSets
- By delegating pod creation, storage allocation, and rolling upgrades to Kubernetes, DxOperator v2 simplifies internal logic while benefiting from native Kubernetes reliability and lifecycle management
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Feb 13, 2026 | Security
Dragos has more news coming next week. In the meantime, news of a collaboration with, who else for industrial software, Microsoft. How many Microsoft mentions squeezed into one sentence—Dragos brings proven energy and industrial cybersecurity, seamlessly deployed on Microsoft Azure, integrated with Microsoft Sentinel and readily accessible through Microsoft Marketplace.
Dragos Inc., a global leader in cybersecurity for operational technology (OT) environments, announced February 3, an expanded collaboration with Microsoft to help organizations modernize and secure their cyber-physical operations amid accelerating digital transformation, cloud adoption, and AI-driven change.
This collaboration focuses on integrating Dragos’s capabilities with Microsoft’s cloud and security platforms. By deploying the Dragos Platform on Microsoft Azure, integrating with Microsoft Sentinel, and enabling streamlined procurement through Microsoft Marketplace, organizations can more tightly align IT and OT security operations while adopting robust protections purpose-built for operational environments.
The collaboration addresses Microsoft customers’ on-premises OT security needs and enables Dragos to expand its cloud reach, creating deployment flexibility that serves customers’ diverse infrastructure strategies. Importantly, Dragos, a Microsoft partner, addresses a long-standing capability gap for organizations seeking to modernize operations without introducing unacceptable operational risk.
They provide a list of benefits:
- Unified IT/OT security operations through native integrations with Microsoft Sentinel Flexible deployment options across cloud, hybrid, and on-premises environments to support diverse infrastructure strategies
- Improved visibility into industrial assets, threats, and operational impact, enabling faster, more informed response
- Reduced procurement friction via Microsoft Marketplace and alignment with customers’ Azure consumption commitments
- A future-ready foundation for securing AI-enabled, connected, and automated operations
- This integrated approach enables organizations to accelerate cloud and AI initiatives while maintaining the safety, availability, and compliance requirements essential to cyber-physical environments.
Four integration pillars:
- Flexible Deployment Options—Beginning in Q1 2026, the Dragos Platform will support SaaS deployments on Azure, in addition to on-premises and hybrid models.
- Microsoft Sentinel Integration—OT-specific telemetry, threat intelligence, and asset context from Dragos flow directly into Microsoft Sentinel, enabling unified IT/OT detection, investigation, and response.
- Microsoft Marketplace Availability—Customers can procure Dragos through Microsoft Marketplace and apply Azure consumption commitments (MACC), aligning OT security investment with broader cloud and AI initiatives.
- Looking Ahead—This collaboration establishes a scalable foundation for continued innovation, enabling deeper technical integration and coordinated go-to-market execution as OT, cloud, and AI environments become increasingly interconnected. For customers, it provides a clear, future-ready path to secure modernization, establishing Dragos’s OT-native cybersecurity as an integral capability within one of the world’s most important enterprise technology ecosystems.
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Feb 4, 2026 | Generative AI, News, Process Control, Security, Software
This news came last week. Just as I was contemplating the business model of cybersecurity firms following another acquisition, this news of a new company launch with a unique take on security. This company will be interesting to watch. The news comes from Amsterdam concerning the launch of a company called Indurex. Naturally they have AI in their product offering and manage to work in an older term—cyber-physical systems.
The quick take: An AI-powered, human-in-the-loop platform that brings together process safety and cybersecurity, turning complex signals into trusted decisions for resilient critical infrastructure.
Indurex, a pioneering artificial intelligence (AI) and cyber-physical systems (CPS) security company, announced on January 27 its official launch to help protect critical infrastructure, smart manufacturing, and connected industrial operations. The company’s mission is to deliver robust, adaptive security solutions that safeguard both the physical and digital worlds as they increasingly converge.
Founded by a team of seasoned experts in operational technology (OT), cybersecurity, and process safety systems, Indurex enters the market at a decisive time. Operators across energy, utilities, and manufacturing sectors face mounting challenges from IT-OT convergence, cyber sabotage, and cascading system failures — putting both process safety and cybersecurity integrity under increasing pressure and exposing essential assets to unprecedented risk. Traditional tools, designed for isolated IT networks or legacy control systems, can no longer assure the level of operational, safety, and cyber integrity required in today’s highly connected industrial environments.
Industrial organisations continue to face a critical gap between process safety and cybersecurity, which are managed in disconnected silos. Existing tools generate high volumes of alerts without sufficient industrial or engineering context, leading to alert fatigue and a limited ability to assess real operational and safety impact. At the same time, a new class of AI-enabled and cyber-physical threats is emerging — capable of exploiting process behaviour, safety dependencies, and human workflows. Detecting and stopping these threats requires AI-native technologies designed for industrial systems, combined with human-in-the-loop intelligence to ensure explainability, trust, and effective decision-making.
Indurex bridges this gap with an AI-native, interoperable platform that unifies engineering context and cybersecurity intelligence — an approach the company defines as Engineering Cyber Intelligence.
This delivers measurable returns across three dimensions:
- Operational Excellence & Safety Integrity: Fewer trips and faster recovery through unified situational awareness and continuous assurance of Safety Integrity Functions (SIF)
- Cyber Resilience: Contextualized detection and response across digital and physical domains, aligned with operational and safety impact
- Cost & Compliance: Automated reporting and defensible evidence of risk, control maturity, and safety integrity across critical systems
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Feb 2, 2026 | Business, News, Security
I posted news last September that Mitsubishi announced plans to acquire cybersecurity firm Nozomi Networks. That acquisition is now complete.
The viability of all these cybersecurity firms as independent businesses has always sparked curiosity in me. The latest press release puts Nozomi revenues at about $100M. Not a sizable business by today’s standards. But their product certainly hits a sweet spot of demand for customers. Boards and insurers increasingly pressure management to assure security.
An acquiring firm of a generalist technology will always face concerns from companies who don’t use their products. Will we be phased out unless we switch suppliers. These concerns are addressed. Nozomi Networks assures customers it will be operating independently as a wholly owned subsidiary delivering vendor‑agnostic OT/IoT cybersecurity solutions to its global customer and partner community.
From the news release:
Nozomi Networks announced January 27, 2026 that Mitsubishi Electric Corp. has completed its acquisition of the company. Originally announced on September 9, the transaction marks the start of a new phase of growth for Nozomi Networks while preserving the company’s independent operations, vendor‑neutral technology roadmap, and established go‑to‑market partnerships. As a wholly owned subsidiary, Nozomi Networks will continue to support the full OT/ICS ecosystem with the same open, multi‑vendor approach that has made it a trusted partner to critical infrastructure operators worldwide.
I’m not sure how a company knows the financial details of its privately held competitors. But Nozomi Networks states it is also the first privately held OT cybersecurity company to achieve sustained cash flow and break‑even performance – further underscoring the strength of its model, the durability of its platform, and the confidence organizations place in its independent, vendor‑agnostic approach.
Other notable milestones the company achieved in 2025 include:
- Significant new and expanded partnerships with global technology leaders including Schneider Electric, Hitachi Cyber, Nvidia, Dispel, and Xona
- 24% employee headcount growth
- Among the fastest growing companies in North America on the 2025 Deloitte Technology Fast 500
- Named to Fast Company’s World’s Most Innovative Companies 2025 list
- Named a Leader in the Gartner Magic Quadrant for CPS Protection Platforms and is a Leader in the Forrester Wave for IoT Security, as well as the only recognized Customers’ Choice in Gartner’s Voice of the Customer for CPS Protection platforms
- Recognized by Gartner as “The Company to Beat for AI in CPS Protection Platforms”
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Jan 20, 2026 | Security
Ransomware continues to grow as a threat to manufacturing firms of various sizes according to this new report from the GuidePoint Research and Intelligence Team (GRIT). It reveals a 58% YoY increase in ransomware victims as record activity becomes the new norm.
GuidePoint Security announced January 15 the release of the GuidePoint Research and Intelligence Team’s (GRIT) annual Ransomware & Cyber Threat Report.
The GRIT 2026 Ransomware & Cyber Threat Report provides exclusive in-depth research, insights and analysis on a year of record-breaking ransomware activity, examining who cybercriminals are targeting (and why), the top tactics threat actors are using and how shifting ransomware group dynamics are redefining the threat landscape.
“The GRIT 2026 Ransomware & Cyber Threat Report shows the most active year for ransomware we’ve ever recorded, revealing a 58% year-over-year increase in ransomware victims,” said Jason Baker, Lead Threat Analyst at GuidePoint Security. “While law enforcement disruptions have reshaped the Ransomware-as-a-Service (RaaS) ecosystem, group fragmentation is driving new patterns of high-volume, repeatable operations, pushing overall activity to record-breaking levels. The rise of Qilin as the most active group we’ve ever tracked — surpassing even LockBit at its peak — underscores how the ecosystem is evolving. For organizations, well-resourced defenders, proactive vulnerability management and real-time threat intelligence will be critical for mitigating risk in the year ahead.”
Findings from this year’s report include:
- Ransomware victim numbers hit a new all-time high. 2,287 ransomware victims were posted in Q4 2025 alone — the largest number recorded in a single quarter since the report’s inception.
- The number of threat groups has reached record levels. 124 distinct ransomware groups were active in 2025, the highest ever recorded and a 46% year-over-year increase.
- The United States remains a top geographic target for ransomware attacks. In 2025, more than half (55%) of ransomware victims were based in the U.S.
- A new RaaS leader has emerged. Qilin’s activity levels in 2025 were the highest of any group ever observed.
- The Manufacturing industry was most heavily impacted by ransomware, accounting for 14% of attacks. The Technology (9%) and Retail/Wholesale (7%) industries followed closely behind.
- High ransomware activity levels should continue in 2026. December 2025 was the most active month for claimed ransomware victims on record with 814 successful attacks — a 42% year-over-year increase.
The report also explores the growing use of AI in ransomware attacks, examines the impact of zero-day vulnerabilities on ransomware and takes an in-depth look at major ransomware operators throughout the year, including an analysis of ransomware payments made to the Qilin and Akira groups.
The GRIT 2026 Ransomware & Cyber Threat Report is based on data obtained from publicly available resources, vendor threat research, internal incident response case data and open-source intelligence collected from illicit forums and marketplaces.
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
