Quote for the day:
“If you think compliance is expensive, try non‑compliance.” -- Paul McNulty
🎧 Listen to this digest on YouTube Music
▶ Play Audio DigestDuration: 24 mins • Perfect for listening on the go.
Segmentation Works for OT If Operators Are Paying Attention
Network segmentation remains a foundational strategy for securing operational
technology, but its ultimate effectiveness relies heavily on active and
continuous human oversight. Many organizations mistakenly view network
segmentation as a static, one-time project designed during a workshop, rather
than as an ongoing operational practice that evolves over time. This fixed
mindset creates dangerous security gaps, as real-world industrial environments
change quickly while network diagrams remain completely outdated. Furthermore,
the practical execution of traditional segmentation and newer microsegmentation
models faces severe real-world hurdles. Traditional firewalls are frequently
undermined by user convenience workarounds, such as technicians introducing
unmanaged, internet-connected personal laptops onto the factory floor, or by
unpatched vulnerabilities within the firewalls themselves. Meanwhile,
microsegmentation is regularly impossible to implement because older legacy
infrastructure cannot accommodate security software agents or survive the
disruptive downtime required for vital updates. Compounding the issue, companies
often overuse segmentation by dumping too many diverse industrial systems into a
single isolated zone, meaning one compromised machine can expose the entire
segment. To fix these systemic flaws, security experts recommend adopting
enforceable policies that continuously verify user access. Operators must look
past static blueprints, regularly auditing endpoint logs and identifying
unrecognizable addresses to catch unauthorized connections before clever
attackers can exploit them.In Conversation with Simon Stone and Simon Barrows: Adventures in Architecture as Code
As organizations grow in scale and speed, traditional architecture diagrams often become outdated, subjective, and disconnected from actual operations. A recent interview with Simon Stone and Simon Barrows explores the transition from relying on these static diagrams to adopting Architecture as Code, a method that treats architectural knowledge as living, version-controlled data. This shift is increasingly practical today because modern artificial intelligence can efficiently gather and organize data from various scattered sources. By keeping architecture as structured data, teams can automatically generate up-to-date diagrams on demand, test for consistency, and cleanly link business strategies directly to technology investments. This approach changes the architect's role from drawing static pictures to managing data quality, working more like a software engineer. Instead of constantly updating documents, architects can rely on automated tests for routine checks and focus their time on complex decisions. However, converting old, fragmented documents into a single, reliable dataset remains a significant challenge. To succeed, the speakers advise starting small. Rather than attempting a massive overhaul all at once, organizations should identify a specific, high-value problem to solve first. By focusing on a clear initial use case, companies can build a solid foundation and gradually expand their structured architecture, ultimately creating a more transparent, efficient, and well-aligned technical environment.10 Indispensable Prompts Our Team Refuses to Build Without
The recent Google Cloud blog post highlights a collection of practical prompts
that their engineering teams rely on to build better software. Rather than using
AI just to write code faster, these developers use specific prompts to challenge
their own assumptions and catch mistakes early. The shared prompts cover a wide
range of everyday programming tasks. For example, some developers ask the AI to
act as a strict architect to help refine product requirements without making the
design too complex. Others use it to run thorough code reviews, instructing the
tool to grade their work on a harsh scale to ensure systems are truly reliable.
There are also prompts designed to build testing plans, clean up unused code and
forgotten comments, check software permissions for compliance, and weigh the
pros and cons of different technical choices. Additionally, the team uses
prompts to automatically review code changes and identify potential flaws in
code that was generated by AI itself. Ultimately, the article suggests that
treating AI as a critical partner rather than a simple code generator helps
developers release software with greater confidence. By routinely asking hard
questions and checking for hidden weaknesses, engineering teams can improve the
overall quality of their work and avoid unexpected failures.
AI Governance in Enterprise Adoption: Why Trust Will Define the Next Wave of Innovation
Artificial intelligence is steadily moving from isolated experiments into the daily operations of the financial services sector. As companies integrate these systems into everything from fraud detection to customer service, the primary challenge is no longer about the technology itself, but rather about building institutional trust. With the arrival of more autonomous systems, financial organizations must handle complex new risks that go beyond simple technical errors. These risks involve broad operational dependencies, data security, and the complications of unapproved tool usage by employees. Because of this, companies are shifting away from unrestricted public tools and moving toward carefully governed internal environments. Setting clear rules and maintaining structured oversight should not be viewed as an obstacle to progress. Instead, sensible governance provides the necessary foundation for organizations to innovate safely and reliably. By establishing clear boundaries and maintaining accountability, businesses give their teams the confidence to adopt new capabilities while assuring regulators and customers that their data remains secure. Ultimately, the companies that succeed in this new landscape will not necessarily be the fastest to implement the latest tools. They will be the ones that recognize safe, transparent, and continuous oversight as a strategic advantage, proving that responsible management is a fundamental requirement for sustainable growth in modern finance.Rethinking MDR as Attackers and Defenders Embrace AI
Traditional managed detection and response models are struggling to keep pace
with modern cybersecurity threats. Historically, these services relied on human
analysts to monitor networks and investigate potential issues. However, as
attackers increasingly use advanced automation to launch faster and more complex
campaigns, human-led teams simply cannot process the massive volume of alerts
generated daily. Because of this, analysts are forced to prioritize severe
warnings, leaving roughly sixty percent of alerts unreviewed. Unfortunately,
attackers know this and deliberately hide their activity within these
overlooked, low-severity notifications. Furthermore, the quality of human
investigation can vary depending on shift times and workload, leading to
inconsistent security outcomes. To address these vulnerabilities, organizations
are moving toward automated systems. In this new approach, computers
automatically investigate every single alert, regardless of its initial severity
rating or the time of day. Instead of acting as a simple filter, the system
conducts a deep, technical analysis of all warnings in seconds, providing a
consistent and thorough review. This allows human security teams to shift their
focus from manual discovery to making informed decisions based on the system's
verified findings. Ultimately, adopting this automated approach ensures complete
alert coverage, eliminates blind spots, and provides organizations with full
ownership of their own network data.
The Intelligent Factory: Navin Nathani on How Manufacturing’s Next Competitive Edge Is Being Built on Data, Resilience, and Industrial AI
In modern manufacturing, competitive advantage no longer relies solely on
scale and cost, but on the speed and quality of broad company decisions. Navin
Nathani emphasizes that navigating current disruptions requires connected
operations rather than delayed reporting. To achieve this, technology is
shifting from a supportive background function to the core operating system of
the business. Organizations are focusing on practical technology updates, such
as modernizing resource planning software and moving information storage to
the internet. These practical upgrades establish stability and build trust
among employees, making them more open to further changes. As office networks
and factory machinery converge, manufacturing plants become more connected,
which necessitates a stronger focus on security to protect production from
emerging online threats. Furthermore, the industry is gradually adopting
artificial intelligence for specific applications like anticipating equipment
repairs and better supply planning. Rather than serving as a replacement for
human workers, this technology acts as a useful assistant that helps identify
patterns and prevent equipment failures before they occur. However, successful
implementation relies heavily on maintaining disciplined processes and
accurate data. Ultimately, the future of manufacturing lies in using connected
information to shift from reacting to problems to preventing them, ensuring
that daily operations remain stable in an unpredictable environment.
Knowing When To Let Go Is A Leadership Skill
In her article, Kendra MacDonald explains that true leadership requires
knowing when to persevere and when to simply let go. Drawing from her personal
experiences with family planning, she notes that while society often
celebrates grit and determination, effective leaders must also exercise clear
judgment. They need to recognize whether their ongoing efforts are actually
helpful or just delaying an inevitable outcome. MacDonald highlights that some
situations and relationships cannot be repaired, and forcing people to agree
is not always the answer. Instead, she advises leaders to accept differences
as realities rather than problems to solve. When setbacks occur, it is
essential to learn from them without taking the failure personally or letting
emotions cloud objective facts. Furthermore, she stresses the importance of
facing difficult conversations directly, as avoiding them only prolongs
frustration for everyone involved. Honest communication, even when
disappointing, is far more useful than giving false hope. Most importantly,
MacDonald points out that holding onto the wrong opportunity or strategy
drains team energy. By walking away from poorly fitting client relationships
or unworkable strategies, leaders create space for fresh ideas and better
matches. Ultimately, stepping back from a failing path is not a lack of
resilience; rather, it is often the clearest demonstration of confident
leadership.The Real Cost of Unclear Technology Ownership
Unclear technology ownership is a direct threat to a company's operational stability and financial health. When no single person is accountable for a specific technology, organizations suffer from chronic delays, wasted spending, and repeated audit failures. Teams might look busy with meetings and project updates, but without a clear decision maker, this activity often hides a lack of actual progress. The costs show up as hidden labor, duplicated efforts, and lingering security vulnerabilities. This lack of ownership usually breaks down in critical areas like access management, data reporting, and vendor relationships. When systems fail or security incidents occur, fragmented responsibility means no one knows who should act first. As a result, small problems quickly escalate into costly crises. Furthermore, when executives and board members receive vague answers or see the same issues repeatedly, they quickly lose trust in the team's ability to manage risk. To fix this, companies do not need massive new programs. Instead, they must assign one accountable executive to each major risk area and give them the real authority to make decisions and control budgets. Organizations should establish a clear path for reporting bad news and ensure that board updates focus on actionable decisions rather than just listing activities. Clear ownership replaces confusion with stable, reliable progress.AI Is Here to Stay. The Real Challenge Is Operating It Securely
Artificial intelligence is now a standard tool for writing software, with
AI-generated code already running in major projects like OpenStack. However,
its rapid adoption introduces significant operational and security challenges.
Because AI produces code so quickly, human reviewers struggle to keep up,
making it harder to ensure software remains secure and maintainable. Even more
concerning is the rise of autonomous AI agents. Organizations often grant
these agents broad permissions to access production environments, ignoring
decades of security practices like the principle of least privilege. While AI
capabilities advance rapidly, security features like containment and auditing
lag behind. To operate AI securely, teams must apply proven engineering
practices. First, organizations should use automated gating systems like Zuul.
By testing how new code interacts with dependencies before it merges, gating
prevents errors from reaching production. This acts as a vital check against
the high volume of AI-written code. Second, teams should use strong hardware
isolation, such as Kata Containers, to protect sensitive information. Standard
containers share a core operating system, posing security risks in shared
environments. Kata provides lightweight virtual machine isolation, ensuring
data processed by an agent remains secure. Ultimately, enforcing strict access
limits, adopting automated quality checks, and maintaining reliable backups
are essential steps for operating AI safely.
/filters:no_upscale()/articles/architects-ai-era/en/resources/128figure-2-1765966955803.jpg)
