Cyber Defense Magazine: How to Keep Your Organization Secure When Implementing Open-Source AI
Cyber Defense Magazine’s April issue featured insights from NetSPI Advisory CISO & Managing Director, Phil Morris, on how organizations can securely adopt open-source AI. He outlined key strategies including strong governance, cross-functional collaboration, employee training, and red teaming to help companies mitigate emerging AI risks while driving innovation. Read the preview below or view it online.
+ + +
As organizations integrate open-source GenAI models and tools to accelerate innovation and enhance productivity, executives and security leaders need to be aware of the inherent security risks these tools pose. To put this into perspective, in February 2019 there were a little more than 10,000 open models available on Hugging Face, the online AI open-source repository. As of mid-February 2025, there are nearly 1,500,000. That level of growth means an increased potential for bad actors to introduce vulnerabilities into your ecosystem if you are implementing, or plan to implement, open-source AI. To mitigate potential risks, there are steps companies should take in order to best protect against today’s latest threats. Let’s explore what those are.
You can read the full article here.
Authors:
Explore More News
AI’s Role in the Next Era of Pentesting
This article discusses how AI can accelerate penetration testing, but without human expertise to validate findings and apply business context, organizations risk confusing faster output with stronger security.
Why Continuous Security Validation is Becoming a Security Imperative
CTO Magazine interviewed NetSPI's Field CISO, Nabil Hannan, for a June 11, 2026, article about how cloud-native architectures, continuous deployment pipelines, APIs, and AI-assisted development have accelerated change across enterprise environments.
Canvas breach puts global education cyber risk in focus
ITBrief interviewed NetSPI's Field CISO, Nabil Hannan, for a May 24, 2026 article about a major data breach in Instructure's Canvas learning management system disrupting final exams at universities.