Why microsegmentation still matters in the AI era, and why the path forward has to be smaller, smarter, and more honest. If you have ever been part of a microsegmentation project, you know the hard part usually does not start with the technology. It starts in a room. Network teams
Every quarter, enterprises ask familiar questions about human access. Does this user still need access to this application? Does this admin still need elevated privileges? Is this service account still active? Are these permissions still aligned to the person’s role? What access should be revoked before it becomes a
Something shifted at RSAC 2026 last week. The conversations that previously orbited around "how do we secure AI" moved toward something more specific and more urgent: how do we extend Zero Trust, the framework most enterprises have been building toward for the better part of a decade, to
OpenClaw became the most-starred repository in GitHub history in about 60 days. By early March, it had passed 250,000 stars, overtaking React, a project that took over a decade to reach that number. If you work in enterprise security or architecture and haven't heard of it yet,
I keep hearing about post-quantum cryptography. It comes up in industry reports, vendor announcements, and security news with increasing frequency. My sense is that most security professionals are in the same place I am: aware that something is happening, not entirely sure what it means for them, and uncertain whether
We've been talking about the cybersecurity workforce shortage for over a decade now. At this point, it's almost background noise in the industry. Someone publishes the ISC2 numbers, we all read the headlines, nod along, and go back to work. Millions of unfilled roles globally, the
It's been a minute since I posted here. I've been heads-down in the security trenches, but something has been eating at me that I need to get out in the open. Every week, I'm in conversations with enterprise architects, security leaders, and IT directors
Key Takeaways * Combining data privacy protection with AI system safeguards enterprise AI implementations from unauthorized access and data breaches * Organizations implementing private AI must address unique challenges, including model isolation, data residency requirements, and secure inference pipelines * The NIST AI Risk Management Framework, ISO/IEC 27001, and emerging standards like
Key Takeaways * Zero trust AI security requires distinct approaches for AI systems that enterprises consume versus AI systems they develop internally * Traditional perimeter-based security measures fail to protect distributed AI workloads across multi-cloud environments and third-party services * Identity-centric controls for AI models, data pipelines, and inference endpoints are becoming as
Key Takeaways * Zero trust security model provides essential protection against unique AI threats, including adversarial attacks, data poisoning, and model theft that traditional security approaches cannot adequately address. * AI architectures with multiple models require granular access controls, continuous monitoring, and microsegmentation to secure data flows between components like training pipelines,
I was recently made aware of this article coming out of DEF CON. I havent setup a link share spot yet so you get this instead DEF CON research takes aim at ZTNA, calls it a bust | Network World "The research team found complete authentication bypasses in all tested
As enterprises accelerate cloud adoption with 83% of workloads expected to run in the cloud by 2025, traditional perimeter-based security models are proving inadequate for protecting distributed, hybrid environments. The convergence of network and security services through a secure access service edge, combined with zero trust principles, offers a transformative