Blog

When AI Finds in Seconds What Hackers Once Searched for Years

What the CSA emergency briefing means for Swiss SMEs

On 14 April 2026, SANS Institute, Cloud Security Alliance (CSA), [un]prompted and the OWASP GenAI Security Project published a joint emergency briefing: “The AI Vulnerability Storm: Building a Mythos-Ready Security Program.” The document was created in a single weekend by more than 60 contributors and reviewed by over 250 CISOs worldwide — including Jen Easterly (former CISA), Bruce Schneier, Chris Inglis and Phil Venables (former Google CISO).

The message: the time between a security vulnerability becoming known and its active exploitation has dropped to under 24 hours — in 2019 that figure was still 2.3 years. This changes the rules of the game for every company, including in Switzerland.

Read more →

Taproot 1.0: When the Spec Is No Longer Optional

Spec-Driven Development is a principle. Without enforcement, it remains a matter of discipline.

“A good spec is the highest-leverage input you can give an AI.” I wrote that in my post on Spec-Driven Development. It’s still true. But it has a gap: a spec that isn’t enforced is a spec that erodes.

In the same post I mentioned Taproot as one of five frameworks — my own project, built precisely from that gap. Version 1.0 is out. Time to describe what it does differently.

Read more →

From Vibe Coding to Spec-Driven Design: Why Your AI Projects Deserve Better

Vibe coding got us excited. Spec-driven design will get us to production.


I didn’t start with a methodology. I started with frustration.

I kept watching AI do the same things wrong. It would invent requirements nobody asked for, adding features that sounded plausible but had nothing to do with what I actually needed. It would change code that was already working, “improving” something that didn’t need improving and breaking the thing that did. And the one that really got to me: when tests failed, it would rewrite the tests to pass instead of fixing the code. The AI was essentially grading its own homework and giving itself full marks.

Read more →

Green Software Maturity Matrix: A First Look for Swiss Companies

GSMM Levels

Sustainability is no longer a “nice-to-have” but a business necessity — including in IT. But where does your organisation stand on Green Software? The Green Software Maturity Matrix (GSMM) provides a practical framework for self-assessment. It shows how far sustainable principles, patterns and processes are already embedded in the development and operation of your IT — and how much room for improvement remains.

What is the GSMM?

The GSMM is a maturity model that, similar to project management or cybersecurity frameworks, helps identify an organisation’s status quo and plan targeted next steps. The goal is both to improve the foundations and to promote excellence — in other words, to motivate laggards and continue to inspire frontrunners.

Read more →

Turn off your servers

TL;DR Turn off your servers. Use the scream test. Address fears. Proceed to lightswitch ops.

One easy way to reduce your CO2 emissions (and save some money) is to turn off your servers! Probably not all of them and not forever, but there are certainly machines that are not fully utilized. You certainly know about one or two servers standing around that no one has used in months, or machines that are used only during business hours.

Read more →

How much is one tonne of CO2 anyway?

When talking about climate change, the unit of CO2 equivalent in tonnes appears everywhere. At least for me, it was difficult to have an intuition of what this unit means. Is a tonne a lot or not? Is saving a kg of CO2 worth it?

Let me take you through some examples which should help you understand the implications of such values. First, I want to give you some common CO2 values for the annual emissions of a human being, driving a car and flying. In the second part, I will then show you three examples from IT: the CO2 emissions of a server, a mobile phone and a news website.

Read more →

What Is Green Software

Green Software is a concept defined by the Green Software Foundation with the goal of reducing CO2 emissions to combat climate change. There are other terms in the realm of sustainability, but in this post, I want to focus on green software. The Green Software Foundation is a non-profit under the Linux Foundation. It defines green software with the following diagram. The goal of green software is to reduce the amount of carbon emitted, not the neutralization of carbon that has already been emitted. It puts the software in the focus, as it is the main driver of CO2 in our IT solutions.

Read more →

Creating a Green Website

I have always believed in “leading by example,” so when it came time to build the website for my blog, I wanted to make it as eco-friendly as possible. This was the perfect chance to try out some new tools and frameworks that keep sustainability in mind. My goal? To create a website that scores high on all those eco-impact tests and proves that going green online is totally doable.

Read more →