Long-form notes from AI security review.
What AI Committees ask for, what regulators read, and what is missing from most threat models. Written for security architects, AI governance leads, and DPOs.
New posts in your inbox,
when they publish.
Threat modeling, governance evidence, and what AI Committees actually need — written for security architects and AI governance leads. No cadence promises.
Roles and responsibilities under ISO 42001
ISO 42001 requires documented roles and responsibilities for AI management. This piece defines the roles the standard expects, how they map to typical organisational structures, and what each role must be able to demonstrate.
MCP security vs traditional API security — what changes
MCP looks like a REST API to an infrastructure team. The security model is different: the client is a non-deterministic reasoning engine, the attack surface includes the tool descriptions, and the trust boundary is at the model, not the user.
Running RAG over regulated data — the review checklist
RAG over GDPR-regulated, HIPAA-regulated, or financial data requires controls at the data layer, the retrieval layer, and the output layer. This checklist maps the requirements by data class and the evidence an AI security review must produce.
The EU AI Act timeline and what to prepare first
The EU AI Act applies in phases. Different provisions came into effect at different dates, and the obligations for high-risk systems differ from those for GPAI. This piece maps the timeline and the preparation steps that deliver the most value first.
The OWASP Agentic Top 10, explained for security reviewers
The OWASP Agentic Top 10 identifies the ten highest-risk threat categories for agentic AI systems. This walkthrough explains each one in terms a security reviewer can act on, with the controls and evidence requirements for each.
System prompt leakage and why it matters for security
System prompts encode assumptions, scoping rules, persona instructions, and sometimes credentials. When they leak, they expose the system's trust model. This piece explains why this matters more than most teams believe.
The AI bill of materials (AI-BOM) for security review
An AI bill of materials documents the components of an AI system: base models, fine-tuning datasets, inference infrastructure, plugins, and dependencies. It is the foundation of a security review and a requirement under several emerging governance frameworks.
A lightweight AI security review for fast-moving teams
Large-enterprise review processes do not scale to a 10-person team shipping an AI feature next sprint. This piece defines the minimum-viable AI security review: three questions, three artefacts, one decision record.
What makes an AI decision record defensible
A defensible AI decision record is one that a regulator, auditor, or procurement officer can read — without access to the people who made the decision — and understand what was decided, why, and what commitments were made. This piece defines the standard.
Reviewing how an AI vendor handles your data
What happens to the data you send to an AI vendor? Is it used for training? Who can access it? Where is it stored? These questions are not always answered in the DPA. This piece defines the data-handling review for AI vendors.
NIST AI RMF vs ISO 42001 — choosing a governance backbone
The NIST AI RMF and ISO 42001 are the two most widely adopted AI governance frameworks. This piece compares them across five dimensions — structure, audience, certification, integration, and evidence — to help organisations choose a starting point.
Securing an internal MCP server exposed to agents
Internal MCP servers — built to expose internal tools, databases, or APIs to agents — have different security requirements than public MCP servers. This piece defines the review checklist for an internally-hosted MCP server.
Free resources
Practical templates for every framework covered here.
AI Security Review Template
Full review pack with threat model, controls, and evidence grading.
OWASP Agentic Top 10 Controls
Each risk mapped to required controls and lifecycle gates.
AI Risk Disposition Memo
Clearance decision template with rationale and sign-off log.
AI Go-Live Security Checklist
Production gate checklist for security architects and CISOs.