Blog

Analysis on enterprise AI governance, inline policy enforcement, agentic AI security, and regulatory compliance.

Identity Propagation Closes the Attribution Gap on AI-Generated Passwords

On May 8, 2026, GitGuardian classified 28,000 passwords on public GitHub as LLM-generated. The mechanism is per-model Markov chain analysis applied to a dataset of 34 million credentials observed between November 2025 and March 2026. Detection at the leak point is the start of the forensic chain. Attribution comes next: which authenticated user issued the prompt, which model returned it, under what role. Those answers come from AI traffic logs that captured identity at the call boundary. This post covers what that capture looks like in practice.


Five Eyes Just Defined Agentic AI Risk in Five Categories. Three Live on the Traffic Plane.

On April 30, 2026, six national cybersecurity agencies published Careful Adoption of Agentic AI Services. It defines five risk categories for agentic AI: privilege, design and configuration, behavioral, structural, and accountability. Three of those (privilege, behavioral, accountability) are enforceable at the agent-to-LLM traffic boundary. The other two belong to deployment architecture. This post maps the three operational categories to the runtime control patterns that satisfy them.


Why you need an AI system of record for audit readiness

UK AISI put agent task-completion duration on a two-month doubling curve. Quarterly audit cadences fall behind almost immediately. The gap looks like an audit calendar problem, but the mechanism underneath is a missing system of record for AI decisions, written synchronously at decision time, identity-bound, and signed inline.


What Is Zero-Trust AI Enforcement?

Zero-trust AI enforcement applies the "never trust, always verify" principle to AI traffic. Every LLM request is authorized per authenticated identity, inspected against policy on the request side before forwarding, and recorded in a tamper-evident audit ledger as part of the same request lifecycle. The model receives only prompts that have already cleared policy.


How to Build a Defensible AI Audit Trail

A defensible AI audit trail is a per-request record of identity, input, policy decision, mutation, output, and policy version, committed to append-only storage with a per-record cryptographic signature that lets any single record be verified independently. It survives FRE 901 authentication, HHS OCR requests, and EU AI Act Article 12 scrutiny. Most AI deployments produce logs. Few produce evidence.


HIPAA Compliance for AI Systems in 2026: What CISOs Need to Know

HIPAA Technical Safeguards under 45 CFR 164.312 apply to AI systems the moment PHI enters a prompt. The Security Rule requires audit controls, transmission security, and access control on your side of the API. A Business Associate Agreement with an LLM vendor governs the vendor only. Your obligations remain.


EU AI Act High-Risk AI Systems: What Enterprises Must Do Before August 2026

The EU AI Act obligations for high-risk AI systems apply from August 2, 2026. Article 9 requires a documented risk management system. Article 12 requires automatic record-keeping. Article 13 requires transparency to deployers. Article 14 requires human oversight. Enterprises deploying high-risk AI systems need enforcement and audit infrastructure in place before that date.


22-Second Breach Windows Mean Your AI Enforcement Must Be Inline

Mandiant M-Trends 2026 reports that attack handoff time collapsed from 8 hours to 22 seconds. At that tempo, log-and-alert on AI traffic is structurally incapable of preventing damage. If your AI enforcement operates on a review cycle measured in minutes, the breach is complete before the first alert fires. AI traffic enforcement must be inline and synchronous.


Fannie Mae LL-2026-04: What the First Sector-Specific AI Governance Mandate Requires from Your Platform

On April 8, Fannie Mae issued Lender Letter LL-2026-04, a governance framework for AI and ML in mortgage origination and servicing. It takes effect August 8. Freddie Mac has enforced similar requirements since March 3. Both GSEs now require approved seller/servicers to operate an auditable AI governance program. Most lenders have no infrastructure to comply.


Shadow AI to $670,000 Blind Spot

IBM's Cost of a Data Breach Report studied 600 breached organizations and found that one in five experienced breaches linked to shadow AI. Those breaches cost $670,000 more on average. Customer PII exposure jumped to 65%, compared to 53% across all breaches. Intellectual property carried the highest cost per record.
