Welcome back. Frontier artificial intelligence models are challenging some longstanding beliefs about how to make organizations secure. At Visa, it’s forcing a complete rethink of cyber resilience.

After testing Anthropic’s security-focused Mythos model, through the Project Glasswing cybersecurity initiative, the payments giant, along with fellow project participants, found that AI systems could identify individual vulnerabilities and instantly link separate, minor weaknesses into viable avenues of attack.

That led Visa to develop a metric called “Mean Time to Adapt,” which measures how quickly an organization identifies, triages and fixes vulnerabilities once discovered.

“It will shift the emphasis from finding issues to validating, prioritizing and fixing at a level of speed and automation to stay ahead of what will be machine-speed attackers,” Rajat Taneja, Visa’s president of technology, told WSJ Pro’s James Rundle.

Read the full story here. 

Also today:

• CISA issues new high-risk directive
• ServiceNow flags software bug
• China-linked botnets regroup

A covert China-linked network of botnets is undergoing a resurgence, according to cybersecurity researchers at Black Lotus Labs. The network, known as JDY, has expanded to include roughly 1,500 compromised devices, up from 650 in 2024, the researchers said. It "operates as a centrally controlled, high-performance scanner to discover, fingerprint and map exposed services at scale," they said. (The Hacker News)

LONDON—Shell is speeding up its use of artificial intelligence in a range of projects that include geologic exploration, equipment monitoring and vetting executive decisions.

The oil giant has used various forms of AI for years but new models are bringing big change, said Chief Executive Wael Sawan, speaking Wednesday at the WSJ CEO Council Summit.

“We fundamentally believe we need to move at a different clock speed than we have historically,” he said. “Every team is coming up with their strategy to be able to do that.”

That includes Shell’s C-suite executives, who are going through AI training and turning the technology on their own decisions.

One project measures “decision quality,” Sawan said. AI tools look at the track records of Shell’s investments, including returns and risk profiles. The idea is to “red team” potential investment opportunities, he said, referring to a concept in cybersecurity where outsiders test the strength of defenses for what could go wrong.

“We don’t want that capability to sit only with our IT folks,” he said.  

— Kim S. Nash

• Candescent appointed Thomas Hill to lead the intelligent-banking firm's cybersecurity team. Hill, a cyber industry veteran, was most recently CISO at cloud-banking provider nCino.
• GitLab named Chaim Mazal as its new CISO, overseeing the software development platform's global security organization. Mazal joins the company from cybersecurity firm Gigamon, where he served as chief AI and security officer. 
• Infoblox, an information-technology and cybersecurity company, appointed Henrik Smith as its new CISO, charged with strengthening security strategy and cyber resilience, the company said. Smith has held cyber leadership roles at Amazon.com, Salesforce and AWS.

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.