What Happens When You Give AI Agents Real Power
The pitch is compelling. AI agents that can manage your email, execute code, coordinate with other systems, and act on your behalf—all without you lifting a finger. The productivity gains...
Security and Compliance Blog
Learn security strategies, compare vendors, and implement best practices to prevent breaches and compliance violations from risky third party communications.
Posts by Tim Freestone
Tim Freestone, Chief Strategy Officer, Kiteworks
Tim joined Kiteworks as chief marketing officer in 2021 and was promoted to Chief Strategy Officer in 2026. Tim brings over 15 years of experience in marketing and marketing leadership, including demand generation, brand strategy, and process and organizational optimization. Tim was previously vice president of marketing at Contrast Security, a scale-up application security company. Before Contrast, Tim was the vice president of corporate marketing at Fortinet, a next-generation firewall and cloud security company.
Tim holds a Bachelor’s degree in Political Science and Communication Studies from The University of Montana.
How to Secure Client Data Transfers Between French and EU Financial Institutions
Financial institutions operating across French and European Union jurisdictions face stringent regulatory obligations when transferring client data. The GDPR, the DORA, and French banking supervisory requirements impose overlapping compliance mandates...
How DIFC and ADGM Banks Achieve Data Sovereignty in the UAE
Financial institutions operating within the Dubai International Financial Centre and the Abu Dhabi Global Market face a precise challenge: they must secure sensitive client data, cross-border transaction records, and internal...
How to Implement Customer-Controlled Encryption Keys in Banking
Financial institutions store and transmit highly sensitive data across hundreds of systems, applications, and communication channels. When those institutions rely solely on provider-managed encryption, they accept significant residual risk. A...
There’s No “–dangerously-skip-permissions” for Your Data
Buried in the documentation for Claude Code — Anthropic’s agentic coding assistant — is a flag that stops most security-minded readers cold: --dangerously-skip-permissions The name deserves credit for its honesty....
It’s Not the AI That’s Unsafe. It’s the Access You’re Giving It.
There is a number in Teleport’s 2026 State of AI in Enterprise Infrastructure Security report that should stop every CISO in their tracks: 4.5 times. Organizations with over-privileged AI systems...
AI Agents Are the Biggest Data Security Threat You’re Not Governing
Something quietly changed in enterprise security over the past year, and most organizations missed it. AI agents — autonomous systems that reason, act, and interact with enterprise resources independently —...
The Agentic AI Security Paradox: Why Deploying AI to Defend Your Organization Might Be Your Biggest Vulnerability
Here’s the trap that almost nobody is talking about. Security teams need AI agents to defend against AI-powered attacks. But deploying those agents creates the exact data exposure risks they’re...
AI Agents Are Multiplying Across the Enterprise. Security Has Not Kept Up. Here Is What That Means for Your Sensitive Data.
There is a new employee in your organization that has access to your customer database, your financial records, your contracts, and your email. It works around the clock. It never...
Enterprises Are Flying Blind Into the AI Security Crisis (and the Numbers Prove It)
A near-trillion-transaction analysis reveals a sobering truth: organizations are adopting AI faster than they can secure it, and attackers are already exploiting the gap. The Great AI Security Disconnect Something...
How Netherlands-Based Banks Achieve PCI DSS 4.0 Compliance in 2026
The Netherlands banking sector operates under some of the strictest data protection and payment security mandates in Europe. PCI DSS 4.0 compliance remains a continuous obligation for institutions processing cardholder...
Best Practices for Securing Industrial IoT Systems in UK Factories
UK manufacturers operate in an environment where production uptime, regulatory accountability, and physical safety depend on connected industrial systems. When a factory floor relies on hundreds or thousands of sensors,...
How German Banks Achieve DORA Compliance with Data Sovereignty
German banks face a dual regulatory imperative. The Digital Operational Resilience Act, which took full effect in January 2025, mandates comprehensive ICT security risk management, incident reporting, and third-party oversight...
How German Insurers Protect Customer Data from FISA 702 Surveillance
German insurance companies handle highly sensitive personal data including health records, claims histories, and underwriting decisions that cross multiple jurisdictions. FISA 702 grants U.S. intelligence agencies broad authority to access...
Data Residency Requirements for Saudi Arabian Financial Institutions: A Compliance and Security Blueprint
Financial institutions operating in Saudi Arabia face mounting pressure to secure customer data, meet evolving regulatory standards, and prove compliance with data residency mandates. The Saudi Central Bank (SAMA) and...