Case Studies & Expert Insights
Explore expert insights and case studies from Liverton Security.
Complexity of Security (Part 1)
All Case Studies & Expert Insights
Deep dive into solutions and cybersecurity topics with our experts
Vibe Coding: The Hidden Security Risks of AI-Generated Software
Artificial intelligence is making software development more accessible than ever, allowing users to generate code simply by describing what they want. This emerging practice, often called “vibe coding,” promises faster development and greater accessibility. However, without proper requirements, testing, and security awareness, AI-generated software can introduce serious vulnerabilities. Understanding the risks behind AI-assisted development is essential before deploying code into production environments.
AI Prompt Poisoning: Understanding the Threat – And Why You Need to Pay Attention
Artificial intelligence is rapidly changing the way we work, and with that change comes a new set of security challenges. One of the most concerning is ‘AI prompt poisoning’ – a technique where someone intentionally manipulates the instructions given to an AI model to generate unwanted or harmful results.
When NZ organisations get breached, the same question keeps coming up—"How did this happen when we were compliant?"
Compliance frameworks like NZISM, PSR, and the Privacy Act were never intended to be treated as annual checklists. Their underlying assumption is that controls operate continuously, risks are reviewed as environments change, and people actively protect information. When organisations treat compliance as a finish line, security drifts — and that gap between audits is where breaches occur. Real security maturity comes from ongoing assurance, not point-in-time compliance.
Bridging Directly To Continuous Maturity Assessments
As organisations change, security often drifts out of alignment. Continuous maturity assessment helps identify weakening controls, workarounds, and emerging risks early—before they turn into incidents. It provides a practical way to keep security relevant, effective, and aligned with how a business operates as it evolves.
One of the biggest security risks in New Zealand isn’t technology. It’s misplaced responsibility
Many organisations assume cybersecurity is handled by their IT or network provider, but IT operations and security are not the same discipline. While firewalls, endpoint tools, and cloud controls are important, security fails when it becomes technology-led instead of risk-led. Real security requires governance, skilled people, and continual review—not just tools left to run on default settings. Without dedicated security leadership and maturity assessment, organisations can appear secure on paper while remaining exposed in practice.
The $500 Gift Card That Nearly Cost Millions: Understanding Executive Email Spoofing
A seemingly harmless email request from the CEO asking a new employee to purchase gift cards led to a serious security incident. This real-world case study shows how preventable failures and weak email security controls can result in significant financial and reputational damage, underscoring the critical importance of robust email security in modern organisations.