͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

Forwarded this email? Subscribe here for more

Don't crash.

There's another way.

Matthew Fried

Dec 26

READ IN APP

Restrictive dieting usually ends up restricting your progress.

If you cut out a huge number of calories per day for a short time, yes, you will lose weight in the first few weeks.

But you cannot sustain that for very long without losing muscle mass, draining your energy, getting sick, and increasing the rebound effect of strong cravings and going overboard when willpower fails.

So you end up worse than when you started, because at the end of all that, your weight is equal or greater than before, plus your faith and confidence are drained, plus your negative eating behaviors are reinforced, plus your body’s signals are out of whack.

You don’t need to do a crash diet to lose weight.

Men’s Group • LinkedIn • Instagram • X

Comment

Restack

We are on the cusp of a renaissance in human risk management, but getting there requires admitting some hard truths. The first is that mandatory "checkbox" training doesn't work. If human behavior changed that easily, we wouldn't see the same breaches repeating year after year.

This final edition of The UpGuardian for 2025 is dedicated to Radical Realism. We're looking ahead to 2026 not with optimistic predictions, but with a hard look at the structural shifts in the threat landscape—from the failure of traditional awareness programs to the reality that our most trusted platforms are becoming our biggest targets.

Here is your briefing on the reality of risk in 2026.

Cybersecurity Predictions for 2026: Human Risk, AI Data Leaks, and the Next Big Breach

We need a radical shift in cybersecurity. Traditional training is the "compliance trap" of our industry—well-intentioned but proven to fail at scale. In this year-end manifesto, we argue for a complete rebuild of human risk management. We also explore why "platform power" is turning successes like Salesforce into targets, and why the next big AI breach won't be from a rogue robot, but a simple misconfiguration.

Read the 2026 Outlook →

Streamlit: The Tip of the Shadow AI Iceberg

Our outlook predicts that 2026's AI leaks will be driven by system misconfigurations, not advanced hacks. Our latest research proves it. We investigated Streamlit, a popular open-source framework, and found it to be the "tip of the iceberg" for Shadow AI exposure. This report details how default settings are exposing sensitive data right now—validating that the biggest AI threat is often the one you simply forgot to configure.

Explore the Breach Report →

The Technical Reality

Common Cloud Misconfigurations and How to Avoid Them

As our 2026 outlook notes, "the actual vector for AI leaks is system misconfiguration." Whether it's an exposed Elasticsearch database or an open S3 bucket, the "old" problems are becoming the "new" AI risks. This guide refreshes your team on the fundamentals of cloud misconfiguration—the exact vulnerability that will define the next wave of AI breaches.

Secure Your Configurations →

The Strategic Shift

Artificial Intelligence and the Future of TPRM

"Platform power" means your vendors are now your biggest targets. As attackers pivot to breaching the central platforms we all rely on, your third-party risk strategy must evolve. This resource explores how AI is reshaping TPRM, helping you secure the complex supply chain that powers your business in 2026.

Future-Proof Your TPRM →

The Human Solution

Human Factors in Cybersecurity

If "checkbox training" is the failed model, what is the solution? This article dives into the science of "Human Factors," moving beyond blame to understand the psychological and environmental drivers of employee behavior. It's the first step toward building a defense that works with human nature, not against it.

Understand Human Factors →

Solving Human Risk: Build a Measurable, Security-First Culture

After diagnosing the failures of current training models, it's important to remember the positive "end state." It bridges the gap between understanding human factors and achieving a resilient organization, providing a constructive goal for leaders to aim for in the new year.

Build a Security-First Culture →

The Resolution: From Awareness to Action

The era of passive security training is over. To survive 2026, you need a solution that actually changes outcomes. UpGuard User Risk is the platform designed to manage, measure, and mitigate human risk based on how people actually behave (not how we wish they would). See the solution in action and tour User Risk today.

A Year of Realism

If 2025 taught us anything, it's that we can't sweep systemic risks under the rug. Thank you for reading the UpGuardian this year. Here's to a secure, realistic, and more resilient 2026.