
Originally published April 10, 2016. Reissued June 12, 2026.
2026 Preface
I wrote this in April 2016. It was an attempt to describe what it actually feels like to be on the receiving end of a breach notification call — the moment when a phone rings and your business is no longer what it was the hour before.
In 2016, the call came from the FBI, from Brian Krebs, from a security researcher who had stumbled across your customer data on a forum where it shouldn’t be. The mechanism was a breach. The harm was disclosed information. The remediation was incident response retainers, attorney engagement, breach containment.
In 2026, the call is changing shape. It is the customer who used your AI-powered medical chat tool and was given dosage advice that interacts with their actual prescription. It is the regulator asking why your hiring AI rejected an entire protected class. It is the journalist with a list of fabricated quotes your model attributed to a real person, on the record. It is the EU regulator requesting your Article 4 AI literacy documentation, with a deadline.
The mechanism has changed. The call has not. The organization that gets the call still wishes it had treated this as a program rather than a project. Still wishes it had built the retainer relationships before the call rather than during it. Still wishes someone had said, in a board meeting twelve months earlier, “what’s our plan when this happens to us?”
The piece below was written about cybersecurity. The lessons translate exactly to AI failures in 2026. Read it through both lenses.
The Call (No One Wants) — 2016
This call is not about something bad happening to your family. This call is about something bad happening to your business.
Someone has found your information on a site that most definitely is not yours. It could be the FBI, or it could be a Good Samaritan like Brian Krebs. The question that you, with many others, ask is how did this happen? And how long has it been going on?
After you receive the call, your world has changed. If you are lucky, your organization has a plan for a breach. Your plan should include a retainer for cyber-security response services from attorneys, cyber-security remediation, and containment specialists. However, most organizations are not this prepared, and must start trying to negotiate terms and conditions during an active incident, which is not a good starting point. But this is just the start of your troubles. It is a massive undertaking, and a very costly one.
So how did this happen? Most large organizations have an information security function. How is it that they were not able to prevent this? The reality is that very few organizations understand the risk they face in the new digital economy. If the risks are not understood, how can the risks be mitigated?
Other organizations interpret compliance with applicable standards as a testament to the security posture of the organization. Other organizations focus on point solutions, and spend millions on these solutions. Sometimes these solutions are really good solutions; sometimes not. However, point solutions do not work. Any security solution, physical or digital, needs to address risks from a program perspective.
Most organizations have not been able to overcome the internal hurdles to put this in place. It requires a change in culture for almost all organizations, and changing the culture is among the hardest transformations an organization can undergo.
Breaches are unfortunately a common scenario in large organizations like Target, Sony, and Home Depot, which have made headlines recently when information was leaked. According to many studies, only 10% of credit-card-related breaches affect large organizations: 90% target small business. Developing a security-aware culture in a small organization, and finding a way to implement a programmatic approach to security, is a serious challenge for the digital economy as a whole.
A note on compliance: compliance does not equal security. There are many factors why this is the case, but passing an audit does not mean that the work is done. At best, it shows that your organization has a good start on your never-ending road of information security.
2026 Closing
The original closing line — “compliance does not equal security” — is the line that most directly translates to AI in 2026. Compliance with the EU AI Act will not produce safe AI. Compliance with NIST AI RMF documentation requirements will not produce trustworthy AI. Both are necessary; neither is sufficient.
What matters is whether the organization has the program in place when the call comes. The retainer relationship with the law firm that handles AI-specific litigation. The pre-arranged communication plan for an AI incident affecting customers. The board-approved decision tree for shutting down an agentic system that is producing harmful outputs at scale. The forensic capability to reconstruct what the model did and why.
Most organizations don’t have this. The good news: the work to build it is identical in structure to the cyber incident response capability that mature organizations built between 2010 and 2020. The framework exists. The vendor ecosystem exists. What is missing in most cases is the willingness to start before the call.
If you are reading this in 2026, here is the question to ask. When the call comes — and it will, for many organizations, this year or next — what will the first 60 minutes look like? Who picks up? What do they say? Who do they call? Where is the playbook?
If you don’t have an answer to those four questions, that’s the work.