The Shift Left Doctrine in 2026
What the Data Shows, and Who Pays the Cost In the late 2010s, the cybersecurity industry adopted a slogan: "shift left". The idea, in its original formulation, was reasonable. Catch security problems…
The Climate Fashion Week
Notes on COP30 Belém, the Belém Package, and the Genre's Signature Move In November 2025, one hundred and ninety-five Parties met in Belém, Brazil, for the thirtieth Conference of the Parties to…
Why $94 Billion in Corporate Wellness Spending Coincides With Record Burnout
A Note on the Tobacco-Yoga Industrial Complex In 2026, the global corporate wellness industry will pass $94 billion. Eighty-five percent of large U.S. employers offer a wellness program of some kind. In…
What Is a Policy
A Definition Updated for the AI Compliance Era Allow me to attempt a definition of a thing I have observed for two decades, across hundreds of corporate environments, and which has just…
Madame Colbac and the Russian Hat
A Note on Linguistic Confusion, Threat Attribution, and the Continental European Boardroom Some years ago, a senior executive at a European bank briefed her board on a cyber threat the company was…
The Post-Incident Communication as Liturgy
A Taxonomy of the Standardized Vocabulary of 2026 Breach Disclosures : There is a genre of corporate communication that, after twenty years of observation, has stopped pretending to be communication and has…
The Four-Month Cyber Resilience Act Countdown
Less than four months separate today from the moment when Article 14 of the EU Cyber Resilience Act becomes binding. On September 11, 2026, manufacturers of products with digital elements placed on…
Agentic, Self-Healing, and Other Press-Release Animals
Somewhere in the corridors of #RSAC2026, there exists a creature called the "AI-native, #ZeroTrust enabled, agentic, self-healing, autonomous security operations platform with continuous compliance posture management". It lives in press releases. It…
A Train to Anywhere
Notes from a Detached Observer of Senior Cybersecurity Governance - There is a fantasy that travels with me at the end of every working week. It is not, despite what the literature…
How Pfizer Allegedly Caused My ZTL Fine
A Crash Course in Pharmacovigilance for Weekend Alarmists : Yes, I know. You were scrolling, and someone posted that "Hantavirus is listed on page 33 of Pfizer's 38-page document, one of 1,233…