Welcome to your essential briefing on threats at the intersection of cybersecurity and critical infrastructure, brought to you by Neeve, the edge cloud security platform for smart buildings, making built spaces secure, intelligent, and sustainable.

This Week’s Cyber Insights

• 📊 CISA KEV Catalog Expanded 20% in 2025, Topping …

• 🤖 How AI Agents Are Turning Security Inside-Out

• ⚖️ Industrial Cyber Governance Hits Inflection Poi …

• 📰 Further Alerts & Insights

📊 CISA KEV Catalog Expanded 20% in 2025, Topping 1,484 Entries

CISA added 245 security defects to its Known Exploited Vulnerabilities list throughout AI agents created by no-code employees can execute business logic across finance, HR, CRM, and cloud infrastructure without passing through traditional SDLC, creating AppSec blind spots as these autonomous applications operate with high privileges and increasingly opaque behavior that looks indistinguishable from external compromise.

• Traditional AppSec models assuming static behavior break down as AI agents operate at runtime. Two agents with identical configurations can produce radically different outcomes based on input data or prompt changes, with small prompt tweaks altering execution paths as meaningfully as code changes.

• Organizations accumulate thousands of automations and AI agents that pull external data, call internal APIs, reason over documents, and take action in real time. If misconfigured, they can leak data, corrupt records, or trigger unauthorized workflows faster than external attackers without audit trails or clear root cause analysis.

• Continuous discovery becomes foundational requirement as agents appear quickly outside central pipelines while existing agents gain new capabilities without redeployment. Static application inventories become outdated almost immediately as data flows change without code changes.

• Security debt scales at machine speed as each agent introduces logic, permissions, and data paths that must be secured. Organizations face familiar vulnerabilities including unsafe input handling, injection paths through prompts or connectors, insecure API usage, excessive trust in external data, and weak validation between chained actions.

🤔 The Bigger Picture: 

Building automation systems running on older Windows platforms or using Fortinet, Ivanti, and SonicWall products face heightened ransomware risk as 24 KEV entries were exploited in attacks. Facility operators must monitor the KEV list for vulnerabilities affecting HVAC controllers, access control systems, and building management platforms, prioritizing patches for command injection and authentication flaws that could allow attackers to gain control of critical building infrastructure and disrupt operations.

Read the full article

🤖 How AI Agents Are Turning Security Inside-Out

Middle East technology market will reach $174.9 billion in 2026 with AI and cyber security as the biggest issues influencing strategy and spending, as AI transitions from experimentation to production-grade deployments across government, finance, and energy sectors.

• AI evolves from supplementary tool to foundational enterprise layer as organizations move beyond pilots. 34% already use AI and machine learning in IoT deployments, with agentic AI embedding into specific business processes rather than consumer-facing applications.

• Cyber security shifts from static defense to adaptive resilience as attackers use AI to enhance ransomware and phishing campaigns. Organizations leverage machine learning, generative, and agentic AI as foundational capabilities while cyber security teams face burnout from intensified threat landscapes.

• Sovereign AI emerges as strategic priority though definitions remain fluid. Key risk is whether regional investments can keep pace with global innovation, with datacentres becoming critical national infrastructure despite challenges around power consumption and sustainability.

• Talent landscape enters uncertainty as AI agents could reshape recruitment from hiring full-time staff to orchestrating hybrid human-machine teams, making market entry harder for new graduates despite high demand for AI and cyber security skills.

🤔 The Bigger Picture: 

If facility operators create no-code automations that access BMS credentials or sensor data, AppSec blind spots can arise in building automation systems that deploy AI agents for energy optimization or predictive maintenance. These agents can leak operational data, trigger unauthorized equipment changes, or corrupt building control records without passing through security reviews, requiring runtime behavioral monitoring and least privilege enforcement to prevent internal failures that escalate like external breaches.

Read the full article

⚖️ Industrial Cyber Governance Hits Inflection Point

Industrial cyber governance reaches tipping point as legacy models fail to keep pace with converging IT, OT, cloud, and AI-driven control systems, with regulatory pressure from NIS2, CISA guidance, and disclosure requirements assigning cyber risk accountability directly to boards and senior officers.

• Organizations shift from siloed governance to unified IT/OT risk councils where safety engineers and CISOs share common language of operational impact. Executive incentives are being tied to operational resilience metrics like Mean Time to Recover after cyber events rather than abstract compliance checkboxes.

• Quantified risk approaches link potential downtime, safety impact, and financial loss to capital planning, reframing OT security spending as risk mitigation with measurable business value. Next-generation governance translates technical vulnerabilities into "dollars and downtime" projections that resonate at board level.

• Mature organizations anchor on strong internal governance models then map regulatory obligations onto unified baselines rather than rebuilding programs around each new rule. This "comply-once, satisfy-many" framework focuses on fundamental security hygiene that naturally meets most global mandates.

• Human factors remain central as workforce training, operational discipline, and safety-first culture determine if governance structures result in actual resilience. AI-driven automation and algorithmic control expand systemic risk, requiring governance to balance innovation with secure-by-design principles.

🤔 The Bigger Picture: 

Building automation governance must evolve beyond compliance as converging IT/OT systems create scenarios where cyber incidents trigger safety events and environmental consequences. Facility operators should establish cross-functional Risk Committees integrating safety engineers with cybersecurity teams, tie resilience metrics to executive performance, and translate technical exposures like unsegmented building networks into projected downtime costs and occupant safety impacts that justify infrastructure investments at board level.

Read the full article

Further Alerts & Insights