https://511d98a7.spoiledlunch.pages.dev/Nerdy Stuff. Tech Talk. Zero Freshness. Analysis and commentary on GRC, security, and AI.Hugo 0.160.1en-usFri, 24 Apr 2026 08:30:00 -0400https://511d98a7.spoiledlunch.pages.dev/articles/2026-04-24-ai-governance-gets-real-only-after-deployment/Fri, 24 Apr 2026 08:30:00 -0400https://511d98a7.spoiledlunch.pages.dev/articles/2026-04-24-ai-governance-gets-real-only-after-deployment/Article • April 24, 2026 • 2 min read | Topics: AI | The industry still talks about AI governance like the hardest part is agreeing on principles before launch. Recent work from NIST and OpenAI points to a different reality: the difficult part starts …SpoiledlunchAIai governancemonitoringnistsafetyhttps://511d98a7.spoiledlunch.pages.dev/articles/2026-04-24-why-visibility-is-becoming-a-hardware-security-problem/Fri, 24 Apr 2026 08:10:00 -0400https://511d98a7.spoiledlunch.pages.dev/articles/2026-04-24-why-visibility-is-becoming-a-hardware-security-problem/Article • April 24, 2026 • 2 min read | Topics: Security | Security teams still talk about hardware trust like it is a procurement checkbox, but recent NIST guidance points to a more embarrassing reality: many organizations are defending systems they cannot …SpoiledlunchSecurityhardware securityfirmwaremonitoringnisthttps://511d98a7.spoiledlunch.pages.dev/news/2026-04-15-nist-publishes-hardware-security-white-paper-on-firmware-based-monitoring/Wed, 15 Apr 2026 09:00:00 -0400https://511d98a7.spoiledlunch.pages.dev/news/2026-04-15-nist-publishes-hardware-security-white-paper-on-firmware-based-monitoring/News Brief • April 15, 2026 | Topics: Security | Summary: NIST published Cybersecurity White Paper 52, “Firmware-Based Monitoring for Bus-Based Computer Systems,” on April 15, 2026. The …SpoiledlunchSecurityNISThardware securityfirmwareforensicshttps://511d98a7.spoiledlunch.pages.dev/news/2026-04-15-nist-updates-nvd-operations-to-address-record-cve-growth/Wed, 15 Apr 2026 12:00:00 +0000https://511d98a7.spoiledlunch.pages.dev/news/2026-04-15-nist-updates-nvd-operations-to-address-record-cve-growth/News Brief • April 15, 2026 | Topics: Security | Summary: NIST is changing NVD operations to keep up with record CVE volume, signaling that vulnerability teams should expect continued prioritization …SpoiledlunchSecuritysecuritynistnvdvulnerabilitieshttps://511d98a7.spoiledlunch.pages.dev/news/2026-03-23-nist-releases-csf-2-0-quick-start-guides-for-erm-and-informative-references/Mon, 23 Mar 2026 09:00:00 -0400https://511d98a7.spoiledlunch.pages.dev/news/2026-03-23-nist-releases-csf-2-0-quick-start-guides-for-erm-and-informative-references/News Brief • March 23, 2026 | Topics: GRC | Summary: NIST announced two Cybersecurity Framework 2.0 quick-start guide updates on March 23, 2026. The agency released the final SP 1308 guide on …SpoiledlunchGRCNISTCSF 2.0ERMgovernancehttps://511d98a7.spoiledlunch.pages.dev/news/2026-03-19-nist-finalizes-revision-3-of-its-dns-deployment-guide/Thu, 19 Mar 2026 09:00:00 -0400https://511d98a7.spoiledlunch.pages.dev/news/2026-03-19-nist-finalizes-revision-3-of-its-dns-deployment-guide/News Brief • March 19, 2026 | Topics: Security | Summary: NIST published the final version of SP 800-81 Revision 3, “Secure Domain Name System (DNS) Deployment Guide,” on March 19, 2026. …SpoiledlunchSecurityNISTDNSDNSSECzero trusthttps://511d98a7.spoiledlunch.pages.dev/news/2026-03-09-nist-maps-the-hard-parts-of-monitoring-deployed-ai-systems/Mon, 09 Mar 2026 09:00:00 -0400https://511d98a7.spoiledlunch.pages.dev/news/2026-03-09-nist-maps-the-hard-parts-of-monitoring-deployed-ai-systems/News Brief • March 9, 2026 | Topics: AI | Summary: NIST published AI 800-4, “Challenges to the Monitoring of Deployed AI Systems,” on March 9, 2026. The report groups monitoring …SpoiledlunchAINISTAI monitoringAI governancestandards