That Fraud Guy

Global Cybersecurity expert of 30 years. British Computer Society Fellow, Member of the Ivor's Academy. Gartner Veteran. That Fraud Guy. Writer for Dark Reading

This is my ontology. 991 entities — threat actors, malware families, CVEs, relationships between them. Built over months, updated this morning with 14 new nodes from a single day's threat intel.

That's context engineering. The terminology has moved on from prompt engineering, but policy cycles haven't caught up.

The CISO who bans AI doesn't stop AI use. They stop visible AI use. Shadow AI is the direct result of prohibition, not permission.

Govern it. Don't wall it off.

The Pentagon declared Anthropic a supply chain risk.

Not for a breach. Not for a foreign ownership issue. Because Anthropic refused to remove safety guardrails from Claude.

The DoD wanted autonomous weapons decisions and mass surveillance capability. Anthropic said no. Hegseth invoked supply chain risk designation -- a tool previously reserved for Huawei.

For CISOs: your AI vendor's safety commitments are now subject to government compulsion. That belongs in your TPRM framework.

OpenAI signed a deal the same night. Their safety carve-outs are contractual, not technical. Harder to audit. Worth knowing.

Ransomware payments at 28% of attacks in 2026, per Chainalysis. Record low, attack volume still rising. Operators moved to exfiltration extortion. No encryption, no decryption key, no clear recovery path.

This week: NK actors used AI-generated fake developer job interviews to deliver in-memory malware with no disk artefacts. And Google/Mandiant closed a decade-long Chinese APT campaign that used Google Sheets as C2. Legitimate SaaS, trusted by default, for ten years.

Marquis v. SonicWall heads to trial. Seventy-four US banks, one breach pathway, one vendor in the dock. Vendor liability is becoming case law.

#infosec #CISO #ThreatIntel

Will Guardian Agents replace incumbent security tools? Wrong question.

Security behaviours don't come from a monitoring layer bolted on top. They emerge from how the agent is built.

The CISO question shouldn't be "which Guardian Agent do I buy?" It should be: does this agent have security properties intrinsic to how it's built, or does it need external supervision to behave?

Those are different problems.

Lucky Break

Chapter One - GOLDEN BALLS

Reality B-Sides
I'm pleased and proud to announce that @kuppingercole's Leadership Compass for Generative AI Defense is now available to members! Simply log in and https://www.kuppingercole.com/research/lc81042/generative-ai-defense will give you one of the first analyst reports into this area, offering valuable advice to the CISO or security architects.
Leadership Compass: Generative AI Defense

The Generative AI Defense (GAD) market addresses the emerging cybersecurity challenges posed by AI technologies. It focuses on security and compliance solutions that protect AI interactions,...

KuppingerCole
In today's CISO Intelligence Sunday Read: "It's pop-u-lar..."
https://www.cisointelligence.co/p/01f4d2ae-34a5-4142-84d0-045a86ef49f9/
What It Is to be In Demand. An Enlightening Read for Sunday, 23rd November 2025.
In today's CISO Intelligence: Another digital tsunami, this new-fangled thing called progress, the lesson for today, keeping all bases covered, the party's over, and the same but different.
https://www.cisointelligence.co/grand-scale-deja-vu-dragging-systems-into-the-21st-century-how-to-handle-the-threat-landscape-painful-exposure-make-the-move-and-whos-doing-what-where-its-ciso-intelligence-for-wednesda/
Grand Scale Deja Vu, Dragging Systems into the 21st Century, How to Handle the Threat Landscape, Painful Exposure: Make the Move, Another Party's Over, and Who's Doing What Where. It's CISO Intelligence for Wednesday, 19th November 2025.

In today's CISO Intelligence: The choreography doesn't always tell the story, when trust becomes a question mark, a dubious crown, a new use for a resurrected tool, not the Bond villain but close, and the red alerts we will all like.
https://www.cisointelligence.co/p/fc677655-54fc-436f-83bd-2b5f0298b4f6/
Dances in the Shadows, The Fault in Our Smart Machines, Ransomware That Multitasks, Retirement Revoked, Defense Under Attack, and Welcome Warnings. It's CISO Intelligence for Monday, 17th November 2025.

In today's CISO Intelligence: A very classy move.
https://www.cisointelligence.co/p/1d142642-f2d0-4a82-ba3b-23f0f37592f0/
The Soft Side of Cyber Warfare. A Heartwarming Read for Sunday, 16th November 2025.
