Field Notes

Insights
from the work.

Practitioner essays on the architectural choices that determine whether enterprise cloud and AI estates are genuinely defensible — or just well-documented.

Written from inside the work, not from the sidelines.

01 Published

Recent essays.

May 2026

Cloud Security Architecture Anti-Patterns

Seven architectural mistakes we keep finding inside enterprise cloud estates — and why they accumulate even in organisations with significant security investment. The patterns are not exotic. None requires sophisticated attacker capability to exploit. All are fundamentally architecture problems, not tooling problems.

Cloud Security Architecture 12 min

→

→ On the way

What's coming next.

The pieces in active draft, in roughly the order they'll publish. If a topic is urgent for your situation, the scoping call is a faster route than waiting for the article.

The AI agent identity problem: trust boundaries when models act on your behalf
RAG poisoning in regulated environments: practical isolation patterns
Kubernetes security for AI workloads: what changes when GPUs and models enter
The EU AI Act for security architects: what the obligations actually require

Insightsfrom the work.

Recent essays.

Cloud Security Architecture Anti-Patterns

What's coming next.

Insights
from the work.