A 1,200-person survey proves an old point, Fable 5 returns with strings, quantum stops being a someday problem, ChatGPT's guardrails fall, and Meta guts a privacy control.
In this edition
Get the next GRC Brief in your inbox.
Subscribe to The GRC BriefEveryone is aware. Almost no one is resilient.
Bitdefender's 2026 Cybersecurity Assessment surveyed 1,200 IT and security professionals across six countries, and the theme is a gap between awareness and resilience. Organisations understand the risks better than ever, yet struggle to operationalise that understanding. A few numbers stand out. Leaders and practitioners disagree on the basics: 58 percent of managers think they have full visibility into employee AI use, against 45.9 percent of the practitioners under them. While AI-related threats fill the top three concerns, Bitdefender Labs found that 84 percent of high-severity attacks used Living off the Land techniques that abuse tools already inside the environment, which only one in five respondents ranked as a top worry. And 55 percent of breached organisations say they were told to keep the incident quiet even when they believed authorities should have been notified.
Source: The Hacker News · Bitdefender 2026 Assessment, 1 Jul 2026
My take
Egotrip moment, and I will take it. This is what I have told clients for years, and the drum I have been beating in my recent talks. My PECB webinar this year, <a href="https://www.youtube.com/watch?v=OtzGRLayYR8" target="_blank" rel="noopener">Closing the Decision Gap</a>, made this exact case, and now it is measured across 1,200 people. Awareness is not resilience. Knowing the risk, buying the tool, passing the audit, none of that is the same as surviving the incident.
Two numbers to sit with. Managers say they can see AI usage. The practitioners under them say they cannot. That gap is the whole problem in one line: leadership deciding on a picture the people doing the work know is wrong.
And the Living off the Land number is the tell. Everyone is panicking about AI while 84 percent of the serious attacks just abuse the tools already sitting in the environment. The boring threat is the one hitting you. Resilience is built on the unglamorous work, not the headline.
Fable 5 is back. Half your coding still lands on Opus 4.8.
After the US Commerce Department withdrew its export-control directive on June 30, Anthropic restored Claude Fable 5 for everyone globally on July 1, roughly three weeks after pulling it. Same model, same price, no nationality check. The catch is the safeguards. Anthropic redeployed Fable 5 with a stricter safety classifier and says that in the near term some routine tasks, coding and debugging among them, will be blocked and rerouted to the smaller Opus 4.8, with the user notified. Anthropic frames this as a temporary, cautious setting it will tune down over the coming weeks, and notes that its own testing found less capable models could reproduce the vulnerability work that triggered the whole episode.
Source: Anthropic · Redeploying Fable 5, 1 Jul 2026
My take
So it is back. And for real work it half-sucks, by design. I do coding and debugging, which is exactly what the new classifier bounces to Opus 4.8. So I reach for the most capable model and get handed the smaller one, mid-task, with a notice. Fine for Anthropic's caution. Frustrating when you paid attention to get Fable and got Opus.
Read that against what I said last week. I told you frontier AI had become a licence Washington grants and revokes, and to keep a second option that needs no permission. One week later the licence was handed back, with new strings, and the model quietly steps down to a weaker one on the tasks I care about. The point was never this one model. The point is the dependency.
To be fair, Anthropic itself says this is a conservative setting it will loosen, and that lesser models could do the same work anyway. Believe that or not, the lesson holds: do not hard-wire one model into anything you cannot afford to lose.
Quantum is a 2029 problem. Your data is copied today.
Microsoft said it is accelerating its quantum-safe roadmap, warning that cryptographically relevant quantum computers could arrive sooner than previously expected and that the migration work is significant enough to start now. The driver is harvest now, decrypt later: encrypted data stolen today can be stored and cracked once the hardware catches up. Microsoft plans to move critical products and services to post-quantum cryptography by 2029, and its advice leans less on swapping algorithms tomorrow and more on getting ready: adopt modern protocols like TLS 1.3, build crypto-agility so algorithms can be replaced without redesigning applications, and modernise the trust chains behind code signing and certificates. Apple, Google, and Signal have already started.
Source: BleepingComputer · Microsoft Quantum Safe Program, 30 Jun 2026
My take
The part people will get wrong: this is not a 2029 problem. Harvest now, decrypt later means the clock already started. Anything you encrypt today that still needs to be secret in ten years, health records, contracts, IP, can be copied now and opened later.
The move is not to panic about algorithms. It is governance. Do you even know where your cryptography lives? Can you swap an algorithm without rewriting the application? That is crypto-agility, and most organisations do not have it. Start with an inventory and TLS 1.3, the way Microsoft, Apple, Google, and Signal already have.
For your Annex A and your risk register, quantum stops being a footnote this year. Not because the computer is here, but because the harvesting does not wait for it.
The guardrails held, until one tweaked prompt walked through.
The British AI security firm Mindgard showed that a lightly modified version of a harmless viral prompt could push ChatGPT's image generator into producing graphic violent and sexual content it was never asked for, including disturbing images of dead women. The trick was to ask the model to restore an image while convincing it the original was extremely graphic, which peeled the safeguards away. OpenAI's stated defences, classifiers plus a downstream model that reviews output, did not stop it. The report says this is not isolated: earlier techniques produced non-consensual nudes and face-swaps, and xAI's Grok fared worse, with researchers flagging material to French regulators as potential illegal content under the Digital Services Act. One governance study warns that some AI firms reserve the right to soften their safeguards to match competitors, a race to the bottom.
Source: Malwarebytes · Mindgard research, 1 Jul 2026
My take
The line that matters is not that ChatGPT can be tricked. It is that vendor safety claims are marketing, not a control you can lean on. Classifiers plus a review model, defeated by one reworded prompt. That is the reality behind every "our AI is safe" slide.
If you govern AI in your organisation, the takeaway is blunt: you cannot outsource your risk to the model's guardrails. If your acceptable-use, your monitoring, and your controls assume the vendor's filter holds, you do not have a control, you have a hope. This is exactly the gap ISO 42001 exists to close.
And note the rot underneath. A governance study found some providers reserve the right to weaken safeguards to match competitors. A race to the bottom, in writing. When the floor is set by whoever cares least, build your own floor.
Meta is killing the tracking control it once bragged about.
Meta is retiring Off-Facebook Activity, the control it launched around 2019 that let you disconnect the data third-party sites and apps send it, and that removed your identifying information from that data. Users are seeing "your settings are changing" banners and emails saying the disconnect option is going away, replaced by a setting called Activity from other businesses. The practical shift, as privacy advocates read it: the new control governs whether Meta uses that off-site data, not whether it keeps it, and Meta is expanding use of that data from ads to personalising your feed and reels. Meta pitched the original feature in 2019 as putting user control above its own ad business.
Source: PCMag · Meta settings change, Jul 2026
My take
This one is simple, and it is a step backwards. Meta is retiring a control it once bragged about, and the replacement quietly changes the question from "delete this data" to "let us use it or not", while the data itself stays. A privacy backslide dressed up as a settings update.
The individual move has not changed. Go into your Meta settings and turn off Activity from other businesses, use a privacy-respecting browser with tracker blocking, or leave entirely. One caveat, given last week: pick your tracker blocker carefully. A 10-million-install ad blocker with a hidden hijack is not privacy, it is the same problem wearing a nicer badge.
For the professionals reading this, the bigger point is consent. When a control that limited cross-web tracking disappears and the data is retained by default, that is a GDPR conversation, not a UX tweak. Watch how this lands with the regulators.