Secure by Default
An expansion on secure by design
Risk doesn't begin at the platform.
It begins with people.
How they use their environment, how policies interact with process, how the whole structure of an organisation creates or closes gaps. Technology is only one layer of a system that includes human behaviour, organisational culture, and the spaces between policy and practice.
Recent Articles
How Ollama's Modelfile format turns a base model into a named specialist — and what that tells you about how language models actually work.
Read →Why a single API wasn't enough — and what the separation of evidence from inference reveals about designing AI platforms with clear boundaries.
Read →I've watched the threat landscape evolve for thirty years. AI is the most consequential shift I've seen — and I've been closer to it than most people realise.
Read →Where the Work Sits
Threat modelling, adversarial testing, governance frameworks and lifecycle security for AI and LLM systems.
OT and ICS security, IEC 62443, SCADA-adjacent environments, edge device security at scale.
Zero trust, SIEM architecture, PKI/X.509 identity, cloud security posture, governance and audit.