K0NSULT // ai-truth/ipIII
k0nsult.cloud / ai-truth / ipIII / dashboard / en

Executive Overview

πŸ‡΅πŸ‡± Polski πŸ‡¬πŸ‡§ English

Consolidated executive view of the security posture: incident volume, priority distribution P0–P3, evidence quality of reports, weekly trend and the queue of cases requiring a human decision (human-in-the-loop). This view is intended for CISO / SOC leadership / compliance.

NOTICE β€” DEMONSTRATION DATA. All figures, incidents and charts on this page are marked SIMULATION and serve solely to demonstrate how the panel operates. They do not reflect any real breaches or the operational data of any entity. Regulatory frames (AI Act, NIS2, GDPR) describe the publicly known content of the legislation and are educational, not a certification.

Operational window: 7 days Β· 142 reports Β· 6 active P0/P1 SIMULATION

Figures as of a demonstration date. Green = under control, amber = requires attention within SLA, red = response threshold exceeded or active compromise.

REPORT→EVIDENCE→STATUS→CLASSIFICATION→RISK→PLAYBOOK→ACTION→VALIDATION→REPORT-OUT

Top-level metrics SIMULATION

142
Incidents (7 days)
+18% w/w
6
Active P0/P1
2Γ— P0 Β· 4Γ— P1
31%
Reports in GAP status
no evidence β€” to be completed
9
Require a human decision
human-in-the-loop
3h 12m
Median P0 response
SLA ≀ 4h β€” within target
4
Cases with a legal flag
NIS2 / GDPR / AI Act

Priority distribution P0–P3 SIMULATION

Breakdown of 142 reports by urgency level. P0 = within 4h, P1 = within 24h, P2 = within 72h, P3 = 7–30 days.

P0 critical
8
P1 high
29
P2 medium
58
P3 low
47

Evidence quality of reports SIMULATION

Evidence-first doctrine: every claim carries an evidence status. A high share of GAP indicates a backlog in completing evidence, not the scale of the threat.

CONFIRMED MEDIA SIGNAL PUBLIC CLAIM GAP DISPUTED
CONFIRMED
38%
MEDIA
12%
PUBLIC
14%
GAP
31%
DISPUTED
5%

Most frequent incident types SIMULATION

Phishing
41
Vulnerabilities/CVE
28
Prompt injection
18
DDoS
14
Ransomware
11
Agent hijack
9
Data exfiltration
8
Other
13

Weekly trend SIMULATION

Report volume broken down by day over the last week of the operational window.

Mon
Tue
Wed
Thu
Fri
Sat
Sun

The Thursday–Friday peak correlates with a demonstration phishing campaign. Weekend = a drop in user-submitted reports, not a drop in exposure.

Recent incidents SIMULATION

IDTypePriorityEvidence statusLegal flagState
INC-4821Ransomware β€” share encryptionP0CONFIRMEDNIS2_RELEVANTIn progress
INC-4820Customer data leakP0MEDIAGDPR_BREACHDPO escalation
INC-4817Prompt injection in assistantP1CONFIRMEDAI_ACT_RELEVANTPlaybook
INC-4815Phishing campaign (BEC)P1CONFIRMEDβ€”In progress
INC-4812Agent hijack β€” privilege abuseP1PUBLICAI_SERIOUS_INCIDENTHuman decision
INC-4809Exploited CVE (RCE)P1CONFIRMEDCRITICAL_INFRAPatch
INC-4803Volumetric DDoSP2CONFIRMEDβ€”Mitigation
INC-4798Voice deepfake β€” fraud attemptP2GAPAI_ACT_RELEVANTEvidence?
INC-4791Bucket misconfigurationP2CONFIRMEDGDPR_PERSONAL_DATARemediation
INC-4785Suspected supply chainP3DISPUTEDβ€”Analysis

Requires a human decision (human-in-the-loop) SIMULATION

Cases where the classification system halts automated action and requires approval by an authorized role (Operator / Analyst / Legal-DPO / AI Safety Officer). Aligned with the human-oversight principle (AI Act art. 14 β€” human oversight).

INC-4820 β€” DPO decision

Question: Does the breach qualify for notification to the supervisory authority within 72h (GDPR art. 33) and notification of data subjects (art. 34)?

Role: Legal/DPO Β· Deadline: ≀24h to decision

INC-4812 β€” AI Safety decision

Question: Is the agent hijack a "serious AI incident" requiring a report under AI Act art. 73? Cut the agent off from production?

Role: AI Safety Officer Β· Deadline: ≀24h

INC-4821 β€” Operator decision

Question: Isolate the network segment and start recovery from backup (Zero Point), or negotiate time for forensics?

Role: Operator Β· Deadline: ≀4h

INC-4798 β€” Analyst decision

Question: GAP status β€” no evidence for the deepfake. Close as unconfirmed or escalate to obtain the recording?

Role: Analyst Β· Deadline: ≀72h

Principle. The system does not autonomously take irreversible actions (cutting production off, notifying an authority, notifying customers). It recommends β€” a human in an authorized role decides. Every decision is logged in the Evidence Layer with author, timestamp and rationale.

Go to detailed views

Cyber Map β†’

Classic cyber incidents across dimensions: geography, sector, type, actor, impact.

AI Risk Map β†’

AI/agent risks, AI Act flags, human-oversight status, high-risk test.

Evidence Board β†’

Report queue by evidence status β€” priority for GAP and DISPUTED.

Legal Board β†’

Cases flagged NIS2 / GDPR / NCSA (KSC) / AI Act and reporting-deadline clocks.

Response Board β†’

Active playbooks, response step state, validation and incident closure.

Threat Map β†’

An aggregate threat map joining the cyber and AI layers with priorities.

K0NSULT β€” System for analysis, mapping and countering cyber incidents and AI incidents Β· /ai-truth/ipIII Β· v1.0 Β· evidence-first
Doctrine claim ≀ proof. Data marked SIMULATION is illustrative (demo), not operational. NIP 5253089872 Β· KRS 0001239441 Β· K0NSULT Sp. z o.o.