{"title":"Spoiledlunch","description":"Nerdy Stuff. Tech Talk. Zero Freshness.","subtitle":"Analysis and commentary on GRC, security, and AI.","articles":[{"title":"Why AI Governance Frameworks Are Security Theater","url":"/articles/2026-04-20-ai-governance-security-theater/","date":"2026-04-20","summary":"Why AI Governance Frameworks Are Security Theater Most enterprise AI governance frameworks are elaborate exercises in checkbox compliance that miss the actual risks. They\u0026rsquo;re …"},{"title":"The SOC 2 Compliance Cargo Cult","url":"/articles/2026-04-18-soc2-compliance-cargo-cult/","date":"2026-04-18","summary":"The SOC 2 Compliance Cargo Cult SOC 2 compliance has become a cargo cult ritual in enterprise security. Organizations implement the ceremonial controls, follow the prescribed …"},{"title":"When Zero Trust Meets Reality","url":"/articles/2026-04-15-zero-trust-meets-reality/","date":"2026-04-15","summary":"When Zero Trust Meets Reality Zero Trust promises to solve network security by eliminating trust assumptions. The marketing pitch is compelling: assume breach, verify everything, …"}],"news":[{"title":"NIST Publishes Hardware Security White Paper on Firmware-Based Monitoring","url":"/news/2026-04-15-nist-publishes-hardware-security-white-paper-on-firmware-based-monitoring/","date":"2026-04-15","summary":"Summary: NIST published Cybersecurity White Paper 52, \u0026ldquo;Firmware-Based Monitoring for Bus-Based Computer Systems,\u0026rdquo; on April 15, 2026. The paper …"},{"title":"OpenAI Opens Applications for a Safety Fellowship Focused on Alignment Research","url":"/news/2026-04-06-openai-opens-applications-for-a-safety-fellowship-focused-on-alignment-research/","date":"2026-04-06","summary":"Summary: OpenAI announced the OpenAI Safety Fellowship on April 6, 2026, describing it as a pilot program for external researchers, engineers, and practitioners …"},{"title":"NIST Releases CSF 2.0 Quick-Start Guides for ERM and Informative References","url":"/news/2026-03-23-nist-releases-csf-2-0-quick-start-guides-for-erm-and-informative-references/","date":"2026-03-23","summary":"Summary: NIST announced two Cybersecurity Framework 2.0 quick-start guide updates on March 23, 2026. The agency released the final SP 1308 guide on connecting …"},{"title":"NIST Finalizes Revision 3 of Its DNS Deployment Guide","url":"/news/2026-03-19-nist-finalizes-revision-3-of-its-dns-deployment-guide/","date":"2026-03-19","summary":"Summary: NIST published the final version of SP 800-81 Revision 3, \u0026ldquo;Secure Domain Name System (DNS) Deployment Guide,\u0026rdquo; on March 19, 2026. The guide …"},{"title":"NIST Maps the Hard Parts of Monitoring Deployed AI Systems","url":"/news/2026-03-09-nist-maps-the-hard-parts-of-monitoring-deployed-ai-systems/","date":"2026-03-09","summary":"Summary: NIST published AI 800-4, \u0026ldquo;Challenges to the Monitoring of Deployed AI Systems,\u0026rdquo; on March 9, 2026. The report groups monitoring into six …"},{"title":"EDPB Sets a 2026-2027 Programme Focused on Compliance and Regulatory Coordination","url":"/news/2026-02-12-edpb-sets-a-2026-2027-programme-focused-on-compliance-and-regulatory-coordination/","date":"2026-02-12","summary":"Summary: The European Data Protection Board adopted its 2026-2027 work programme on February 12, 2026. The programme emphasizes making GDPR compliance easier in …"}]}