Executive Summary The National Institute of Standards and Technology (NIST) is actively exploring how identity, authentication, and authorization must evolve to support AI systems and autonomous agents. Recent federal direction and concept work point toward a future where non-human identities (NHIs), including AI agents, must be governed with the same rigor as human users. For enterprises, this represents a structural shift in how trust is established and enforced. Organizati

Every security model has a control plane. For decades, that control plane was the network. If you were inside, you were trusted. If you were outside, you were not. That boundary dissolved long before many organizations were ready to admit it. Cloud adoption, SaaS proliferation, distributed workforces, API-driven architectures - all of it shifted the axis of trust. The network became transport. Identity became the arbiter. In a Zero Trust model, identity is not a feature. It i

The future of cybersecurity will be shaped by how we integrate AI, not just how we defend against it. Recently, NIST released the Initial Public Review Draft of IR 8596: Cybersecurity Framework Profile for Artificial Intelligence . The document aims to extend the Cybersecurity Framework to address both the security of AI systems and the use of AI in cybersecurity operations. We reviewed the draft closely and submitted formal public comment. Here’s our take. What NIST Got Righ

A Framework for Thinking About Modern Security Zero Trust has become one of the most widely used and widely misunderstood concepts in cybersecurity. We see it manifest as a Product Category, VPN Replacement (the version I dislike most), and slogans like – “Never Trust, Always Verify”. Zero Trust isn’t a product, a feature, or a deployment model. It’s a structural shift in how organizations evaluate risk. Zero Trust reframes a single question at its code: On what basis do we d

The rise of generative AI has transformed the Internet into a new kind of economic and computational landscape - one where machines read, extract, and replicate information at scales never previously imagined. As models grow more capable, their appetite for data accelerates, and the burden of managing, regulating, and protecting content increasingly shifts to the infrastructure layer of the Internet. Cloudflare’s introduction of AI Scraping Protection arrived at a critical mo

The past few days have been a stark reminder of how fragile the digital world can be. First, the fallout from the Salesforce → Salesloft disruption rippled through companies big and small across the world. Then, a major outage at Amazon Web Services (AWS) brought parts of the internet to a standstill. And of course, many still remember the great Crowdstrike outage of 2024? These incidents exposed a deep structural vulnerability in today’s technology landscape: a handful of

In this video we bring together the insights from my earlier blog posts — “ The Zero Trust Framework ” and “ SASE or SSE — That Is the Question ”. First, we’ll revisit why legacy perimeter‑based models no longer cut it and how the five‑pillar Zero Trust framework shifts the enterprise security mindset. Then we’ll explore how modern architectures like SASE and SSE fit into that framework and why choosing the right path matters for your organization. Watch on to understand not

To be SASE, or to be SSE? That’s the architectural dilemma facing today’s CIOs and CISOs. In the rapidly shifting world of enterprise...

In the intro to this series, we defined Zero Trust as a framework that guides an organization’s strategic, operational, and technical...

SaaS platforms, including those that power CDN providers like Cloudflare, Akamai, and Fastly, will leverage AI to completely handle...

By 2030, AI systems will independently detect, investigate, and respond to threats in real time. Routine alert triage, correlation, and...

Quantum computing advancements will reach a point where they can break many of today’s widely used encryption algorithms. This will force...

Employees have embraced remote and hybrid work as essential for work-life balance and are increasingly willing to change jobs to maintain...

By 2030, the role of human coders in writing and debugging software will shrink dramatically. AI-powered development tools will handle...

If AI and robotics continue advancing at today’s exponential pace, we could reach a form of technological utopia by 2035. In this...

In today’s interconnected world, the traditional boundaries of network security have all but disappeared. Traditional castle-and-moat...