Insights

What Happened? On July 31, 2025, TechCrunch reported a troubling development: public shared ChatGPT conversations were discoverable through search engines like Google and Bing when indexed from https://chatgpt.com/share links. These conversations had only been made public if users explicitly clicked "Share link" and opted in by enabling a "make this chat discoverable" setting. However, search engines crawled those pages anyway, exposing queries ranging from innocuous recipe ideas to deeply personal job applications and even disturbing content. Why Privacy Took a Hit Search engines index anything publicly posted online. If a page lacks noindex tags or blocking rules, Google & Bing can crawl and cache it-whether or not that was intended. Users may have unknowingly checked the discoverability option, trusting the tool but overlooking downstream exposure risks. OpenAI's Response By August 1, 2025, OpenAI disabled the feature entirely, rolling back the "make discoverable" option. According to Chief Information Security Officer Dane…

Critical Path Security is proud to announce that our own Patrick Kelley will be taking the stage at BSidesAugusta 2025 to deliver a talk that hits at the heart of what it means to work in this industry:"Measuring Fatigue, CPTD, and Burnout in Cybersecurity with the Copenhagen Burnout Inventory." This session will take place October 25 at the Georgia Cyber Center in Augusta, GA, as part of one of the most respected security community events in the Southeast. The cybersecurity industry is a high-pressure environment-endless alerts, late nights, and incident after incident. But there's a cost that's rarely measured or discussed: fatigue, cumulative PTSD, and burnout. These aren't abstract HR terms; they're real conditions that affect our health, our teams, and our ability to keep organizations secure. In this talk, Patrick will explore: Copenhagen Burnout Inventory (CBI): A proven framework for measuring burnout across personal, work, and client-related domains. CPTD…

This past weekend at Calabogie Motorsports Park was a reminder that in both racing and cybersecurity, you can bring your absolute best - but sometimes the unexpected still forces you to adapt. Ryan Vargas and the Critical Path Security #28 team came into the weekend strong, showing impressive pace during practice. Ryan found excellent long-run speed, which translated into a solid qualifying performance, starting P8 for Sunday's race. At the green flag, Ryan quickly settled into seventh, poised for a smart, consistent run. The plan was clear: manage the car, hold position, and be ready to capitalize later in the race. But after 14 laps, the team's race took an unexpected turn - a motor failure ended the day far earlier than planned. While the result wasn't what the team was aiming for, the pace and preparation proved that the #28 has speed to contend. Ryan summed it up best:…

We are proud to announce that Patrick Kelley, CEO of Critical Path Security, will be the opening speaker at this year's Minnesota Power Systems Conference (MIPSYCON). Patrick will take the stage on Tuesday, November 4, 2025, from 8:15 to 9:05 a.m. to address an often-overlooked topic in the cybersecurity and power systems space: Mental Health and Burnout. The cybersecurity industry-especially in critical infrastructure-operates under constant pressure. The stakes are high, downtime is rare, and the stress can take a real toll on the people behind the controls. Patrick's talk will explore: Recognizing the early signs of burnout Understanding the cumulative impact of stress in high-stakes work Building sustainable practices for individuals and organizations This session will set the tone for the conference, emphasizing the importance of maintaining not just operational security, but the well-being of those who safeguard it. If you're attending MIPSYCON, join Patrick at 8:15 a.m. on November…