Field notes

Securing the agentic enterprise, one defensible framework at a time.

Opinionated, practitioner-led writing for CISOs, CIOs, AI leaders, board members, and security architects.

Read sample article Get resources

Anchor

Start with the flagship framework.

Pillar 1

The New Perimeter: A Framework for Securing AI in the Enterprise

The definitional page for the brand, the seven-surface diagram, the book, and the assessment offer.

Read →

Topical authority map

Eight pillars, one point of view.

Each pillar earns search authority while reinforcing the same mental model: AI security is agent perimeter management.

The New Perimeter

Framework, attack surface mapping, Zero Trust to Agent Trust, and CISO first 90 days.

Enterprise AI Agent Security

MCP, agent actions, multi-agent risk, browser agents, and runtime isolation.

Prompt Injection

Direct and indirect injection, RAG security, testing methods, and OWASP LLM translation.

Governance, Risk & Compliance

NIST AI RMF, ISO 42001, vendor risk, NYDFS, acceptable use, and incident response.

AI Red Teaming

Enterprise methodology, model extraction, continuous testing, internal capability, and reports.

Non-Human Identity

Agent identities, OAuth scopes, service accounts, NHI audits, and privilege crisis.

Industry Deep Dives

Financial services, healthcare, SaaS, and sector-specific regulatory risk.

Transformation × Security

AI-native enterprise adoption, CIO-CISO partnership, maturity models, and safe scale.

Newsletter

Weekly field note

One sharp take, one useful framework, and one practical action for security leaders.

First 12 pieces

The launch content queue.

Week 1

The New Perimeter: A Framework for Securing AI in the Enterprise

Anchor pillar / AI security framework.

Anchor Week 2

Why the Network Perimeter Is Obsolete in the Age of AI Agents

POV manifesto / AI agent security.

Quick win Week 3

Enterprise AI Agent Security: The Complete Guide

Big bet pillar / enterprise AI agent security.

Pillar Week 4

The 7 Surfaces of AI Risk Every Enterprise Must Defend

Shareable cluster / AI attack surface.

Quick win Week 5

MCP Security: What Your MCP Servers Are Exposing

Technical cluster / MCP security.

Quick win Week 6

Prompt Injection Attacks: An Enterprise Defense Guide

Big bet pillar / prompt injection defense.

Pillar

Newsletter

Get the field note security teams forward to leadership.

Weekly writing on agent security, AI governance, prompt injection, red teaming, non-human identity, and enterprise transformation risk.

Join the list