If you ask any random chosen person from the security industry, you will very likely hear, “Agile and security don’t work together”. 

But we think that Agile and Security can work together. Let us discuss how we can make it work together.

Constant pressure from executives to deliver results faster at lower costs has made Agile very popular in recent years. Even the Australian Prime Minister recommended adopting Agile methodologies for government projects. But is Agile really so good? Or maybe there's a hidden catch?

One compromised AI vendor, one stolen OAuth token, and everything your organisation trusted it with was exposed. The Vercel and Context AI breach of April 2026 revealed a critical blind spot most businesses have not yet addressed: the AI tools you approve can be used against you through vendors you never directly vetted. In this article, SeCompass CEO Jatinder Oberoi breaks down exactly how the attack unfolded, why it is part of a growing pattern of AI supply chain threats across Australia and New Zealand, and the five-pillar governance framework every organisation using AI tools needs to put in place now.

Most businesses moved on after EchoLeak was patched. The risk didn't. A single email — no malware, no click required — was enough to silently instruct Microsoft 365 Copilot to expose sensitive data. If your SME uses AI tools in daily operations, here is what you need to understand, and what to do about it.