by Gary Zimmerman | Jun 8, 2026 | AI, Cybersecurity, Governance
Here is the problem with banning shadow AI: the people most likely to ignore the ban are your most senior decision-makers. According to TrustedTech’s Shadow AI in the Workplace report, published in May 2026, 65% of decision-makers use unapproved AI tools — compared...
by Gary Zimmerman | Apr 10, 2026 | Cybersecurity, Governance, Identity
Most M&A teams move fast on financial, legal, and operational due diligence—but overlook one of the biggest post-close failure points: identity. When you buy a company, you are also acquiring every account, role, entitlement, and backdoor they have in place. Yet...
by Gary Zimmerman | Apr 3, 2026 | Cybersecurity, Governance
Two CISOs. Same security program. Same budget. Same risk posture. One walks out of the board meeting with full investment approval and a standing agenda slot. The other spends 45 minutes defending patch completion rates to a CFO who wanted to talk about AI risk. The...
by Gary Zimmerman | Mar 20, 2026 | AI, Cybersecurity, Governance
LLM red teaming, GenAI governance, EU AI Act timelines, and the AppSec integration most programs are missing. This week’s newsletter covers the AI security operational layer most programs haven’t built yet: how to test the LLMs already operating, how to govern GenAI...
by Doug Simmons | Mar 13, 2026 | Governance, Identity
When boards and CISOs talk about “modernizing identity,” the conversation too often stops at the tooling layer — a refresh of single sign‑on, an IGA upgrade, some PAM rationalization, maybe a Zero Trust pilot. The result? A highly instrumented stack that still behaves...
by Kevin Kampman | Feb 27, 2026 | AI, Cybersecurity, Governance
AI isn’t just a tool—it’s an accelerant for human ingenuity. But as CISOs and IT leaders, we’ve been conditioned to see technology adoption through an IT-centric lens: control first, innovation second. AI governance flips that script. It’s governance foremost—rooted...
by Gary Zimmerman | Feb 20, 2026 | AI, Cybersecurity, Governance, Identity
Credential stuffing used to be a volume game. Spray billions of stolen username-password pairs at login pages, get a 0.1% hit rate, move on. In 2026, it’s surgical. And your board is going to ask you about it. Here’s what changed: AI-powered attackers aren’t just...
by Gary Zimmerman | Feb 13, 2026 | AI, Cybersecurity, Governance, Identity
You wouldn’t hire an employee without vetting them, tracking their access, or having a termination plan. So why are you treating AI agents differently? By now you’ve probably seen all the buzz about Openclaw (or Clawbot, or Moltbook)… For enterprises, the headline is...
by Gary Zimmerman | Feb 6, 2026 | Governance, Identity
Six months ago, Gartner quietly published a new IAM category: IVIP – Identity Visibility & Intelligence Platform. They predicted it would be the fastest‑growing IAM segment of 2026. My reaction was simple: This is the missing piece. This is why enterprises get...
by Gary Zimmerman | Jan 30, 2026 | Cybersecurity, Governance, Identity
As security leaders, we often find ourselves trapped in a translation gap. We talk about “policy decision points,” “ephemeral credentials,” and “microsegmentation.” Our CEOs and Boards talk about strategy execution, capital efficiency, and talent retention. The...
Recent Comments