Stern Security

05/08/2025

Spicy leadership + new beginnings 🌶️🎉
We celebrated Cinco de Mayo the best way we know how—team bonding over tacos, laughter, and a jalapeño challenge that brought the heat (shoutout to our CEO for setting the bar 🔥).

Even more special? It was the first day for our newest team member!
What a way to kick things off—with a full table, full hearts, and lots of chips.

Somewhere between bites, a great conversation came up:
Can you love being around people and still need space to recharge?

Especially in tech, where so many identify as introverts, we’re learning that the best teams are the ones that honor different energies—those who thrive in the buzz, those who shine in the quiet, and everything in between.

💡 Fun fact: Cinco de Mayo isn’t Mexico’s Independence Day—it celebrates the Battle of Puebla, an underdog victory. Fitting, right?

We’re celebrating thoughtful leadership, introvert-friendly workplaces, and this amazing crew.

How do you balance social energy and your need for solitude? Drop your thoughts below—we’d love to hear from you!

05/01/2025

A new study, “Refusal in Language Models Is Mediated by a Single Direction”, reveals something surprising: the way AI models say “no” to harmful requests is controlled by a single internal vector. Tweak it, and suddenly your safety system is off.

Researchers tested 13 open-source models and found that their refusal behavior—designed to block harmful instructions—can be turned off or inverted by changing just one direction in the model’s inner workings.

Real-World Risk: We've already seen organizations unintentionally overshare sensitive information with AI tools. Whether it's employee data or customer PII, once access and permissions are granted too broadly, it becomes difficult to contain exposure.

According to IBM’s 2023 AI Adoption Index, nearly 60% of organizations using AI haven’t implemented formal AI governance policies. That’s a wide open door for risk.

Imagine your security system has just one switch… and anyone who finds it can disable the entire alarm. That’s how fragile current refusal mechanisms in AI can be.

🙋‍♂️ Thought leaders and higher Ed are actively exploring how AI systems can remain both useful and safe. But the speed of deployment can’t outpace responsibility.

✅ Takeaway: As your org adopts AI tools, especially LLMs, test for more than just output accuracy—test for manipulation resistance.

#

04/18/2025

Keeping active is one of the best things you can do for your body and mind. Just a little movement each day can boost your mood and even lower your risk of things like dementia. Every bit counts!

Related article: https://www.pbs.org/newshour/show/how-exercise-may-be-the-most-potent-medical-intervention-ever-known

A recent study shows the benefit of being a middle-aged ‘weekend warrior’ who only exercises once or twice a week, writes Prof Devi Sridhar, chair of global public health at the University of Edinburgh

04/17/2025

Happy National High Five Day! 🙌 You’re the real MVP! Whether you’re holding down the fort at work, making someone smile, or just showing up every day. Tag someone who deserves a high five today and let’s spread some love and good vibes! Who’s someone that always lifts your spirits or has your back? Tag them below and give them a virtual high five! 👇👇💙

04/11/2025

💻🔒 Over 90% of data breaches are caused by human error. Don’t let mistakes be your downfall. Stay alert, stay safe, and secure the planet with Stern Security! What steps are you taking to protect your data? Share in the comments!

04/11/2025

Had a great time at the Third Party Risk Association (TPRA) Conference in Myrtle Beach! I joined an insightful panel on Metrics and Reporting in Third-Party Risk Management with Jennifer Wilkinson, Laura Arnott, and Andrew Moyad—expertly moderated by Julia Yuabov, Esq.

It was great reconnecting with colleagues like Julie Gaiaschi, Steve Cobb, Gregory Rasner, and many others. Always a pleasure to dive deep into third-party risk and hear the unique journeys of professionals in the space.

Also, shoutout to TPRA for the innovative digital badges—interactive, informative, and unlike anything I’ve seen before. Just another way the industry is leveling up.

04/04/2025

🔍 Fun Fact Friday
This week, we’re spotlighting 5 surprising cybersecurity facts that every professional should know.
Whether you’re in the field or just security-conscious, these insights highlight the evolving landscape of cyber threats and defenses. Let’s dive in.

04/02/2025

Google has recently put into place an update that allows End-to-End Encryption for Enterprise Gmails. It is currently in beta and is able to be used now.
Learn more: https://thehackernews.com/2025/04/enterprise-gmail-users-can-now-send-end.html

Gmail launches client-side E2EE beta on its 21st birthday, simplifying encryption and boosting admin control.

03/28/2025

Introducing Reconnaimate: The ultimate open-source tool for managing and automating pe*******on testing tasks! Streamline your workflow with dynamic scheduling, real-time process monitoring, and organized log management. Ready to level up your security ops? Click on the link to check out the new blog post: https://www.sternsecurity.com/blog/introducing-reconnaimate-advanced-process-management-for-pe*******on-testing/

03/28/2025

Ever wonder where the term ‘phishing’ came from? 🎣 It’s just like fishing—hackers use bait to catch sensitive info. Stay alert and don’t get hooked! 🛑 What are your tips for staying safe online? Share in the comments!