by Gary Zimmerman | Apr 20, 2026 | Uncategorized
If you missed last week’s AI governance session (or want to revisit it), this edition gives you a concise but complete written walkthrough of the core framework we used. Watch the Replay The full session replay is available on demand. Share it with colleagues who are...
by Gary Zimmerman | Apr 10, 2026 | Cybersecurity, Governance, Identity
Most M&A teams move fast on financial, legal, and operational due diligence—but overlook one of the biggest post-close failure points: identity. When you buy a company, you are also acquiring every account, role, entitlement, and backdoor they have in place. Yet...
by Gary Zimmerman | Apr 3, 2026 | Cybersecurity, Identity
Over the last few years, most organizations have made heavy investments in identity: single sign‑on, MFA, privileged access management, and cloud directory modernization. Yet many of the most damaging breaches still begin with something simple: an attacker using valid...
by Gary Zimmerman | Apr 3, 2026 | Cybersecurity, Governance
Two CISOs. Same security program. Same budget. Same risk posture. One walks out of the board meeting with full investment approval and a standing agenda slot. The other spends 45 minutes defending patch completion rates to a CFO who wanted to talk about AI risk. The...
by Gary Zimmerman | Mar 20, 2026 | AI, Cybersecurity, Governance
LLM red teaming, GenAI governance, EU AI Act timelines, and the AppSec integration most programs are missing. This week’s newsletter covers the AI security operational layer most programs haven’t built yet: how to test the LLMs already operating, how to govern GenAI...
by Gary Zimmerman | Feb 27, 2026 | AI, Cybersecurity
The enterprises that safely scale AI into their core operations will win the next decade. The ones that don’t govern the basics—like model drift—will watch AI silently reverse course, turning their greatest advantage into their biggest vulnerability. In 2026, AI...
by Gary Zimmerman | Feb 20, 2026 | AI, Cybersecurity, Governance, Identity
Credential stuffing used to be a volume game. Spray billions of stolen username-password pairs at login pages, get a 0.1% hit rate, move on. In 2026, it’s surgical. And your board is going to ask you about it. Here’s what changed: AI-powered attackers aren’t just...
by Gary Zimmerman | Feb 13, 2026 | AI, Cybersecurity, Governance, Identity
You wouldn’t hire an employee without vetting them, tracking their access, or having a termination plan. So why are you treating AI agents differently? By now you’ve probably seen all the buzz about Openclaw (or Clawbot, or Moltbook)… For enterprises, the headline is...
by Gary Zimmerman | Feb 6, 2026 | Governance, Identity
Six months ago, Gartner quietly published a new IAM category: IVIP – Identity Visibility & Intelligence Platform. They predicted it would be the fastest‑growing IAM segment of 2026. My reaction was simple: This is the missing piece. This is why enterprises get...
by Gary Zimmerman | Jan 30, 2026 | Cybersecurity, Governance, Identity
As security leaders, we often find ourselves trapped in a translation gap. We talk about “policy decision points,” “ephemeral credentials,” and “microsegmentation.” Our CEOs and Boards talk about strategy execution, capital efficiency, and talent retention. The...
Recent Comments