One year after ChatGPT's launch, the enterprise AI landscape has changed dramatically in some dimensions and barely at all in others. The honest assessment that boards need is not the one most technology leaders are giving them.
Shift-Left in 2023: Why the Conversation Has Moved to the Board but the Practice Hasn’t Moved to the Team
Board-level security conversations now routinely include shift-left security. The operational reality is that security practice has moved marginally left in most enterprises without the process and cultural change that genuine shift-left requires.
NIS2 Strategic Series (1/5): Why NIS2 Is Not a Compliance Exercise — It Is a Security Strategy Decision
Most enterprise NIS2 programmes are being run by legal and compliance teams, not by security and technology leaders. That framing is wrong, and it will produce compliance documentation rather than improved security posture.
End-to-End Observability for Cloud-Native Applications: The Business Case Beyond Engineering
Observability investments are typically justified on engineering grounds. The more compelling business case connects end-to-end observability to revenue, customer satisfaction, and regulatory compliance in ways that dwarf the engineering productivity benefits.
NIS2 Preparation: The 12-Month Programme European Enterprises Should Have Already Started
With the October 2024 national transposition deadline approaching, European enterprises in NIS2 scope that haven't started their compliance programmes are already behind schedule. This is the 12-month programme that addresses the real requirements.
Data Security Posture Management: The Control Nobody Had Until AI Made It Non-Negotiable
Data Security Posture Management existed as a niche security practice before AI changed the data risk landscape. AI workloads that ingest and process sensitive data at scale have made DSPM a mainstream security requirement.
Developer Experience Is a Business Outcome — Why Platform Teams Need Executive Sponsorship to Succeed
Developer experience has a measurable business impact. Platform teams consistently underinvest in measuring it and fail to communicate its value to executives who fund them. This is the business case framework that changes both.
Platform Engineering in 2023: From CNCF Whitepaper to Enterprise Delivery Model
Platform engineering is transitioning from a concept that leading-edge organisations explore to a delivery model that mainstream enterprises are actively implementing. The gap between the whitepaper and the enterprise reality is worth understanding clearly.
Securing AI Workloads: The Architecture and Process Gaps Most Organisations Are Not Accounting For
The security architecture requirements for AI workloads differ materially from conventional application security in ways that most enterprise security programmes have not yet addressed. This is the gap assessment framework.
AI in the Enterprise: The Governance Conversation Boards Are Not Prepared to Have
Enterprise boards are being asked to govern AI strategies and AI risk for technologies that most board members have limited experience evaluating. The governance conversation that needs to happen is not happening with the rigour the risk exposure demands.
