https://ansulev.com/blog/Recent content in Blog — Cybersecurity & AI on Angel Sulev | Cybersecurity + Agentic AIHugoenSat, 15 Mar 2025 00:00:00 +0000https://ansulev.com/blog/private-llms-vs-chatgpt/Sat, 15 Mar 2025 00:00:00 +0000https://ansulev.com/blog/private-llms-vs-chatgpt/<p>Every time your team pastes a contract, an internal email, or customer data into ChatGPT, that information enters OpenAI&rsquo;s infrastructure. The debate about exactly what OpenAI does with that data is long, but the relevant question for any company is simpler: <strong>do you need to take that risk?</strong></p> <p>The answer is almost always no. The reason many companies still do it is that nobody has explained that a viable alternative exists.</p>https://ansulev.com/blog/zero-trust-architecture/Thu, 20 Feb 2025 00:00:00 +0000https://ansulev.com/blog/zero-trust-architecture/<p>In recent years &ldquo;Zero Trust&rdquo; has gone from being a rigorous security concept to a marketing label that appears on the sales page of virtually every cybersecurity product. The result is that many organizations believe they have implemented Zero Trust when in reality they have bought a product that mentions it in its brochure.</p> <p>This article is not meant to discredit the concept — Zero Trust is the right approach. It aims to clarify what it actually means.</p>https://ansulev.com/blog/eu-ai-act-companies/Sat, 18 Jan 2025 00:00:00 +0000https://ansulev.com/blog/eu-ai-act-companies/<p>The EU AI Act entered progressive application from August 2024 and its main provisions will be fully mandatory by August 2026. This is not future regulation — it is present. And unlike GDPR, which many companies implemented late, the AI Act has sanctions that make GDPR look moderate: up to <strong>€35 million or 7% of global turnover</strong> for the most serious violations.</p> <p>This article is not legal advice. It is a practical guide to understanding whether your company has obligations and what they are.</p>