Insights
Ideas, frameworks and field notes for secure growth.
Explore Cyber Scale perspectives on AI security, cloud, identity, exposure management and the evolving operating model for modern cyber leadership.
Beyond Observability: Securing the Non-Deterministic Enterprise
𝗪𝗵𝘆 𝗔𝗜 𝗶𝘀 𝗳𝗼𝗿𝗰𝗶𝗻𝗴 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗹𝗲𝗮𝗱𝗲𝗿𝘀 𝘁𝗼 𝗿𝗲𝘁𝗵𝗶𝗻𝗸 𝘃𝗶𝘀𝗶𝗯𝗶𝗹𝗶𝘁𝘆, 𝗴𝗼𝘃𝗲𝗿𝗻𝗮𝗻𝗰𝗲 𝗮𝗻𝗱 𝗰𝗼𝗻𝘁𝗿𝗼𝗹A few weeks ago, I was sitting at an AI conference listening to a discussion about AI Zero Trust. The speaker was talking…
AI Runtime Security: The Bit Everyone Misses
Everyone says they’re “securing AI”.Very few can explain what they’re actually securing at runtime.Ask a room of executives what AI security means and you’ll hear confident answers.Ask them where their AI runs, what it…
Defence in Depth for the Agentic Age
Why agentic AI breaks old security assumptions and how practitioners are adaptingMost organisations think they’re securing AI - they’re actually securing fragments of it.Inventory looks neat. Posture dashboards feel reassuring. Risk registers are filling…
The Post-Mythos era has arrived
Why the real problem is not Mythos itself, but the fact most organisations are still defending at human speedFor the last two weeks, the cyber industry has behaved like someone who just watched three…
Becoming real time travellers, to mitigate AI risk
Reflections of a Concerned PractitionerAs a kid I was a big fan of the famous TV series The Time Tunnel with the notorious couple Dr. Doug Phillips (played by Robert Colbert) and Dr. Tony…
The Hidden Cost of Browser Blindness: Data Loss, AI Leakage, and Compliance Drift
Every organization is racing to modernize—deploying SaaS, adopting AI copilots, and pushing more work into the browser than ever before. But there’s a quiet, compounding risk sitting underneath all of it.
Shadow AI, Shadow SaaS, and the Rise of Invisible Risk
Most organizations think they have a handle on their technology footprint. They inventory SaaS, publish policies, and assume employees will follow them. But the last two years have made one thing clear: the real risk isn’t coming from the systems you know about. It comes from the ones you don’t. We spend time, energy and effort ensuring that all corporate application on premise and in the cloud are secure and that we are compliant. This requires both diligence and budget planning. It also assumes that there is conscious awareness of both the risk and the reward. Shadow SaaS, and shadow AI assumes that none of this rigor is being applied. Shadow AI and SaaS are no longer fringe behaviors. They’re the new normal. And they’re creating a layer of invisible risk that traditional governance models can’t see, measure, or control.
Govern What AI Actually Does: Cyber Scale’s AI Security Lifecycle Operating Model
AI is behaving in real time. Governance needs to operate in real time too. Across industries, teams are embedding models into workflows faster than control frameworks can adapt. The result is fragmentation — disconnected ownership, inconsistent controls, and limited visibility into runtime behavior. That’s the gap Cyber Scale’s AI operating model was built to close.
Frameworks Describe AI Risk. Operating Models Contain It
Let’s be honest: the last thing security leaders need right now is another framework. Every few months, a new AI risk taxonomy appears — a checklist, a maturity model, a set of principles that promise clarity. But frameworks don’t operate; they describe. They tell you what to think about, not how to run it. And that’s the real gap.
Why a CISO Community Matters More Than Ever
Experience, Integrity, and Trust as the New Leadership Imperatives CISOs operate in one of the most complex executive roles in the modern enterprise. They are accountable for protecting reputation, resilience, and customer trust — yet they often do so without a true peer group inside their own organizations. This isolation isn’t just uncomfortable; it’s operationally dangerous. A fragmented security landscape, accelerating AI driven threats, and rising regulatory expectations demand something CISOs rarely have: a trusted space to learn from one another.