JP Morgan's New Approach to Cybersecurity
A cry for help from the RSA cybersecurity conference
This week I will cover:
The watershed open letter from JPM’s CISO begging SaaS companies to prioritize security over features (plus our solution to that problem).
A brief update on Gemini 2.5 - excellent for writing/summarizing.
Key differences between Open AI 4 and 4o you need to know.
Google releases into invitation-only preview Sec Gemini - a cybersecurity research tool.
Other key developments:
OpenAI quietly launched GPT-4.1 on April 14, 2025, introducing a new family of models designed to enhance coding capabilities, instruction following, and long-context comprehension (1 million tokens). These models are exclusively accessible via the OpenAI API and are not integrated into the ChatGPT interface.
JPMorgan, Wells Fargo, and Citigroup are leading in hiring AI specialists, with a 13% increase in AI employees over six months. The focus is on integrating AI to improve efficiency. Note that Citi is starting pretty far behind JP Morgan in AI headcount… https://www.fnlondon.com/articles/jpmorgan-wells-fargo-and-citi-lead-race-for-ai-talent-as-job-numbers-swell-60847680
Palo Alto Networks acquired AI startup Protect AI for circa $650 million to enhance its cybersecurity platform. https://www.investors.com/news/technology/cybersecurity-stocks-palo-alto-stock-rsa-conference/
What AI Model Should I Use Today?
Gemini 2.5 is really good at summarizing long documents and writing in English. Its context window is 1 million tokens soon to expand to 2 million. The bigger the context window, the more material the model can hold “in memory” as it completes your prompts. This window is roughly the equivalent of 2,300 double-spaced pages of research papers.
In my testing, Gemini 2.5 is also incredibly fast. At times, Open AI gets bogged down with more processing intensive multi-modal requests, for example when Open AI released “Studio Ghibli” style photo effects.
From a benchmarking standpoint, Gemini 2.5 scores 18.8% on Humanity’s Last Exam, one of the toughest benchmarks for AI, and ahead of most other non-experimental models. Check it out.
ChatGPT 4 and 4o have an important difference. The “o” stands for “omni” media. That means 4o can consume large pictures, pdfs, etc. and use or manipulate them to generate prompt completions, new photos, etc. If you are attaching any file like that to a prompt or searching the internet for a non-text item, use 4o. If you try to use 4 with even a modestly sized pdf, photo, etc., it may not work. Worse, it may not tell you that it is encountering a size limitation issue, it may simply do a bad job and leave you wondering what happened. What happened is you used the wrong model.
JP Morgan's New Approach to Cybersecurity
This open letter from the JPMorganChase Chief Information Security Officer Pat Opet is not just a wake up call, but a watershed moment in cybersecurity for the software business. SaaS, unheard of before Marc Benioff and Salesforce spent a decade championing the cloud, now dominates the software, as well as venture capital, ecosystem because it has huge profit margins, scales quickly with a small team, and there are many ways to exit an investment, from another investor to acquisition or an IPO.
The company we founded, Artificial Intelligence Risk, Inc., is a cybersecurity-first AI software company. Our philosophy is to deploy our software and AI models on premises or in our client’s private cloud. This is not SaaS. We believe this dramatically reduces cybersecurity risk, as our client’s data stays inside their firewall. We can’t even see it.
Want to learn more about cybersecurity, Gemini, and a new, invitation only research product for cybersecurity, Sec Gemini? You can listen to my podcast interview on how AI is transforming cybersecurity with Elie Bursztein from Google below.
If you’re still reading, our company provides a turnkey system for Gen AI that can use all LLMs, like ChatGPT, Gemini and Llama simultaneously, connect to any data, and provides hundreds of built-in and customized AI agents that do different “jobs”. We provide a user interface to access all those models and capabilities. Then, we wrap everything in “AI GRCC” AI governance, risk, compliance, and cybersecurity.
Worried about cybersecurity, but want to get started in AI beyond copilot? Talk to us. https://www.aicrisk.com or reach out to me on LinkedIn https://www.linkedin.com/in/aleccrawford/
Copyright © 2025 by Artificial Intelligence Risk, Inc.