GitLab and Google Cloud provide a managed DevSecOps offering that combines data sovereignty, regulatory control, and AI integration in highly regulated enterprise sectors.
Federal government’s open-source AI model automates the retrieval of applicable law and its application to infrastructure projects to reduce approval times.
Orphaned AI agents in enterprise networks pose significant security risks because their authorization and access rights are often undocumented and not traceable.
Estonia plans to equip AI agents with their own digital identities to make their actions on behalf of citizens and businesses legally traceable and to limit permissions granularly.
Approximately 30,000 German companies under NIS2 must establish whistleblower reporting channels and must meet standards for confidentiality, protection against retaliation, and documentation.
SAE-based safety measures are vulnerable to post-intervention recovery: models can restore suppressed behaviors even when targeted features are controlled.
AI agents as active system participants with data access require new security approaches beyond classical governance, as their risks stem from gradual behavioral changes and Shadow AI, not from obvious violations.
Google is implementing the use of IP addresses from European users for ad personalization, despite the company itself having previously criticized this method as problematic for device identification.