Over the past year and a half, every company and client I’ve worked with has been trying to become more AI-native.
CEOs, security leaders, engineers, and business users are all asking the same questions:
- How do we safely use AI across the business?
- How do we govern AI-assisted software development?
- How do we defend against AI-powered threats?
To answer those questions well, I had to become more AI-native myself. Not just by reading about AI, but by using it, testing it, studying the risks, and watching how quickly the threat landscape is changing.
The early 2026 Anthropic Mythos / Project Glasswing announcements made the urgency even clearer. This is no longer just about productivity. It is about data loss, software supply chain risk, vulnerability discovery, exploit speed, and remediation capacity.
I pulled together what I’ve been learning into a new public field guide:
Securing the Enterprise in the Age of Frontier AI
It is written for CISOs and security leaders who need practical guidance on three questions:
1. How do we prevent data loss to AI tools?
2. How do we secure AI-assisted software development?
3. How do we defend against AI-powered cyber threats?
Open the guide, scan the 90-day action plan, and use it to pressure-test your AI security program.
Feedback welcome.