ZeroBull$ec - Issue #04

Let's make technology simple

Editor's note

I must confess that when we write these issues, we are challenged with what to write next. Technology is moving so fast that I feel like I am running an ultramarathon at sprint speed.

Each month we are seeing new AI tools (in virtually everything we do), and continuous advancements in AI models and what they can do.

Just in the last few days we saw the release of OpenAI’s ChatGPT Atlas. Is this going to be a game changer in how we surf the web, or is it going to be the next security nightmare?

We are also hearing about the loss of jobs, and that the world is doomed, as we start to see the emergence of Artificial General Intelligence (AGI) and the early signs of Artificial Super Intelligence (ASI).

Are we going to reach a point where the computers shrug their shoulders and say, “We don’t need you - buzz off, I will make my own decisions”?

Some experts argue this is as little as 3-5 years away.

Do we suddenly have the emergence of the 1980s Skynet super AI from The Terminator?

Let’s educate not criticize

I have been attending a lot more meetups with other founders and business owners, and also perusing online to see what the vibe is when it comes to speaking about technology and, subsequently, security.

I have similar discussions with our clients, Partners and Teams.

There is a lot of educational content online when it comes to cybersecurity, but the standout comments that keep coming up are:

  • Misuse of terminology

  • Too many acronyms

  • Information overload - stick head in sand

  • You don’t understand - stay in your lane

  • I am an expert - I have worked X years in this field

There are some (not all) Technologists and Cyber Experts (either true or self-proclaimed - doesn’t really matter) that spend too much time berating other people for not knowing what they are talking about - or for being wrong.

There are some great experts in the field and there is so much content online for anyone to get started, but the information overload makes it overwhelming and often scary.

This is where guidance and structure are often required.

It doesn’t help when you ask a question on Quora or Reddit or FB - and you get berated for being stupid.

People then feel scared to ask questions for fear of being berated by a supposed security extraordinaire of 30+ years.

This sort of peacocking is truly frustrating and there is clear evidence of a lack of training and coaching that is going on when it comes to these fields.

Technology Risk and Cybersecurity are massive solar systems and it is truly impossible for one or several individuals to be masters of everything.

There are a lot of people in corporate, medium to small businesses that are overwhelmed by the demands of technology - and we haven’t even gotten to cybersecurity or technology risk principles.

Simplification of terminology is a must, as the jargon is adding to the confusion. Here are just a few terms I know but also saw come up when talking and researching.

Do you know what they all mean?

SIEM, FAANG, MDR, IDR, IVR, EDR, MTTA, MTTR, PCR, PIR, NIST, GRC, GDPR

Some of these we all know, but quite a few I had to look up.

It doesn’t matter who you are - you have a tech risk and cyber responsibility.

Why? - you are most likely online in some fashion (unless you live under a rock). Even then I am sure that rock has free Wi-Fi.

Chances are your failure to act in a safe and secure manner online will impact more than just you, whether it’s your family or your business.

Everyone has something to learn.

Everyone has something to teach.

Both need to listen.

Interesting stuff

Stuff to think about over coffee

  • Cyber Literacy - Boards need to level up or risk not being able to make credible decisions - this should have happened yesterday

  • You will get breached. If you don’t think you will then you are naïve - The GCHQ (UK) Chief issued a blunt message: “attacks will get through” — urging companies to strengthen cyber-resilience, have contingency plans, and ensure boards include cyber-literate voices.

  • VPNs are not as safe as we think - Multi-stacked security is a minimum requirement - A major vulnerability in SonicWall SSL-VPN devices is being actively exploited by the Akira ransomware group for initial access.

  • Security in the supply chain - game changer for Cyber Fighters - The move to embed security into AI development is accelerating: Snyk is leading the push to make AI security part of the innovation process, not an after-thought.

  • Tools like Lovable, Bolt, V0, Cursor are changing the game when it comes to shipping code quickly. We are seeing a significant rise in the amount of hybrid coders levelling up with these tools

This week's myth

“AI knows everything.”

AI models don’t “know” — they predict. They’re pattern machines, not prophets. They sound confident even when they’re wrong, so treat them like a very smart intern, not an oracle.

Interesting Reading

Jaguar Land Rover - Third Party Supply Chain Compromise

AI Security - Using AI to Fight Back

The Future of Cloud Adoption - The next phase of AI Infrastructure

Thank you for joining our community as we look to share practical and thought-provoking topics when it comes to technology and security.

We want these newsletters to be soundbites for consideration - not essays you won’t read.

If you haven’t already, click the signup button to subscribe and get the latest newsletter directly to your inbox.

We will do our best to provide well researched and tested theories. Please comment, agree, disagree, or share your own experiences.

We want this to be a safe space to share any opinions with the object of true learning and experiences.

Many thanks

Rohan