When Temi Adebambo became the first-ever CISO of XBOX in 2024, he had a huge job ahead of him.

About six months before Adebambo took the position, Microsoft closed its $69 billion acquisition of Activision Blizzard, making it the world’s third-largest gaming company by revenue.

“My first year was really spent harmonizing security governance across what was now more than 30 global game studios,” Adebambo told IT Brew, adding it was a “defining year” for the company to see what leadership would look like at the newly combined organization.

It’s just a game…or is it? Adebambo—who is a self-proclaimed gamer, playing anywhere between 10 and 20 hours per week—said the gaming industry is very “unique” compared to other industries. For starters, he is tasked with protecting real-time transactions, personal data, and financial information “all in the same space.”

“Unlike traditional enterprise security, you’re not protecting just corporate data and business operations. In gaming, you’re protecting…highly interactive 24/7 life services,” Adebambo said, adding that this industry has a “passionate, but sometimes adversarial player base.”

And the stakes in gaming aren’t just monetary.—BM

A long-winded email isn’t just a cure for insomnia...it’s becoming a cybersecurity threat, with attackers using excessive dummy text to lull AI defenses to sleep.

The tactic—spotted recently by email security company Sublime Security—is less an example of flashy, model-breaking commands like “ignore all previous instructions” and instead more like, “nothing to see here, drowsy LLM.”

“They’re sort of poking the bear a little bit, and seeing what they can get away with,” Luke Wescott, Sublime’s threat detection engineer, told IT Brew.

Hidden message. In a May 5 post, Wescott and machine learning researcher Anna Bertiger broke down how the tactic works.

Within the phishing email’s HTML, threat actors hide a heap of harmless looking text: an Adidas newsletter, in one example, a whole romance novel in another. The phishers bury the text using a font too tiny for humans to see—but AI tools can.

Learn how to detect the text-heavy tactic.—BH

Threat intelligence: Threat intelligence often highlights organization-specific vulnerabilities, describes the potential attackers’ identities and favored techniques, and suggests ways for cybersecurity teams to eliminate risks and improve overall defenses. Learn more.

Knowledge, wisdom, and understanding brings long life and health, as Jeru the Damaja once said—and when integrated into edtech, it could potentially mean a long career.

That’s what Doug Hughes, CEO of edtech company Codio, has found in his three-decade professional life. After a stint in the Army, Hughes became the first person in his family to go to college, at the University of West Georgia for computer science—initially for cybersecurity. But learning more about the industry changed his mind on what to focus on.

“After I got into computer science really deeply, I started realizing that I had a lot more of a business mind,” Hughes said. “Late in the game, I transitioned over to information systems.”

It was a smart shift. The university hired Hughes to write software and automate the school’s copying and printing center’s billing processes. That experience, and the connections he made, led him to McGraw Hill, the global education science company. He started as a consultant and left the company over 17 years later as chief sales officer.

See the next stops on his edtech career path.—EH