Lessons from OWASP AppSec NZ: Culture, Code, and AI’s Impact on Development

September 07, 2025 by Robert Kehl in AI in Cybersecurity, Application Security

AI introducing additional risks in development is no longer theoretical or fringe. At OWASP AppSec NZ, session after session reinforced the double-edged nature of AI in cybersecurity. LLMs are accelerating delivery, but they also generate vulnerable code nearly 40 percent of the time, and most of it is still pushed to production. Banning them is pointless, because developers, like any other role, will find a way to use these tools whether in a controlled environment or outside it. Until these systemic issues are removed from the training data of future models, if that ever happens, we are essentially living through Stack Overflow 2.0, but with vulnerabilities baked in at scale.

Custom GPT's for Cybersecurity Professionals in NZ

Cyber Millennial

July 24, 2025 by Robert Kehl in AI in Cybersecurity

Custom GPTs are tools no different than a hammer. Useful in the right hands, but counterproductive if misapplied. You wouldn’t install a lightbulb with a hammer, and you shouldn’t delegate strategic judgment to a chatbot without sufficient context. These GPTs are designed to prompt reflection, not replace thinking. Each one helps cybersecurity professionals surface lived experience, clarify trade-offs, and turn real work into shareable insight.

AI: A Double-Edged Sword for Security Teams in New Zealand

Cyber Millennial

July 24, 2025 by Robert Kehl in AI in Cybersecurity

AI is transforming cybersecurity, from boosting defensive speed to enabling deepfakes and zero-day exploitation. This piece explores how security teams in Aotearoa New Zealand can secure AI systems, detect synthetic threats, and balance innovation with operational risk.