Full 30-minute episode — fully sourced, no hype:
https://youtu.be/HkxP9uE0Tgs?si=VArGlROmcB6UUnCx
Part 1 of 5. Subscribe on YouTube for Part 2 next week: The Metal Floor.
What's your risk paper calling this? I want to know. Reply 👇
Helen Thompson called it in Disorder: the Atlantic settlement was always contingent.
This fortnight delivered her thesis in operational form. The bargain hasn't strained. It's inverted.
I walk through what that means for boards, procurement, and capital markets.
France and the UK launched a joint naval mission to the Strait of Hormuz — outside the American framework.
First operational admission since 1945 that European strategic interests can no longer be safely delegated to Washington.
That communiqué is the one historians will reach for.
Gulf aluminium smelters offline — 3 million tonnes. Helium tankers caught in Hormuz — reserves at fabs measured in weeks. ASML given 150 days to match US export controls or lose access to American IP.
Three chokepoints in fourteen days. And then the fourth.
New episode of The Control Layer podcast.
Four supply chains failed in one fortnight — aluminium, helium, semiconductor equipment, and the transatlantic alliance. The headlines called it an oil shock. It's a sovereignty crisis.
30-minute analysis. Thread 🧵
40% of enterprise AI never reaches ROI.
Not a model problem — an architecture problem. Silos, broken processes, pilots that never ship.
5 signs your AI budget is leaking 👇
arkava.ai
Shopify's CISO: the #1 priority is phishing-resistant MFA everywhere.
Deepfake fraud up 2,137% in 3 years. 82% of phishing emails are now AI-generated. Traditional MFA gets bypassed daily.
Only cryptographic auth holds.
thecontrollayer.arkava.ai
#Cybersecurity #InfoSec #FIDO2 #AIThreats #CISO
Hormuz is not an energy story.
Four chokepoints failed in the same fortnight: aluminium, helium, semiconductor equipment, and the transatlantic alliance itself.
If your board paper says otherwise, the paper is wrong.
New series on European technology sovereignty:
Shopify's CISO on why they built UCP
"One common language for agents and retailers so that we are not dealing with every merchant and every AI agent builder needing to start from scratch."
They're calling it the USB of agentic commerce
Latest ep: thecontrollayer.arkava.ai/subscribe
q/ #AI #AgenticAI
UK and European critical infrastructure runs on the same software Mythos is hardening.
The question isn't whether Glasswing is a good idea. It is.
It's what it means for allied defenders.
Full episode on YouTube:
The 12 launch partners: AWS, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks.
Every single one is US-headquartered.
No NCSC. No ENISA. No non-US government body at the table.
In weeks of testing, Mythos found:
• A 27-year-old OpenBSD bug
• A 16-year-old FFmpeg flaw automated testing missed 5M times
• A chained Linux kernel exploit — autonomously — to root
CyberGym: 83.1% vs 66.6% for Opus 4.6. A step change.
New episode of The Control Layer podcast.
30 minutes on Project Glasswing — Anthropic's frontier cybersecurity model Claude Mythos Preview, the 12 American companies with exclusive access, and the sovereignty question the mainstream coverage is missing. 🧵
OpenAI halts Stargate UK indefinitely. No timetable to return.
You cannot build sovereign AI on someone else's roadmap.
Full analysis: thecontrollayer.arkava.ai
www.ft.com/content/1241...
#AIGovernance #SovereignAI #UKTech #Stargate #OpenAI
Anthropic built an AI model too good at finding software exploits to release publicly.
Then they gave exclusive access to 12 companies. Every one of them American.
That second part is the story almost no one is covering.
My analysis of Project Glasswing:
Shopify's CISO Andrew Dunbar on our podcast The Control Layer:
"We've seen a 15X increase year over year in agentic shopping."
When AI is already shopping for millions — who controls the agent?
Latest ep: thecontrollayer.arkava.ai/subscribe
q/ thecontrollayer #AI #AgenticAI #Shopify #AIAgents
Monday patch priorities: SQL Server (CVSS 8.8, sysadmin escalation), Chromium (8.8, actively exploited), Honeywell CCTV (9.8, unauthenticated takeover).
The word "yet" is doing overtime this week. Patch now.
TheControlLayer.arkava.ai
ShinyHunters breached 300–400 companies via Salesforce Experience Cloud — using a free browser tool to query misconfigured guest permissions.
No exploit needed. Just unlocked front doors.
Audit your permissions this week.
TheControlLayer.arkava.ai
Sandworm hit Poland's energy grid on the 10-year anniversary of their Ukraine attack. 30+ wind farms compromised.
DynoWiper deployed — pure destruction, not ransom.
NCSC warns UK operators: assume similar threats are plausible.
TheControlLayer.arkava.ai
Ransomware attacks on construction firms surged 30% in 2026. Groups like Akira and Play are targeting blueprints, bid documents, and tight project deadlines.
The hard hat protects your head. Nothing's protecting your Procore.
TheControlLayer.arkava.ai
75% of AI investments fail to deliver value. The missing piece: orchestration connecting AI tools to business outcomes.
New evidence from finance, energy, and logistics tells the same story.
Full analysis on The Control Layer.
15.8M French medical records stolen — including 165,000 doctor's notes with HIV status and sexual orientation.
The doctors weren't hacked. Their software vendor was.
Your data is only as secure as your weakest vendor.
TheControlLayer.arkava.ai
Chinese hackers breached the FBI's own surveillance network. FISA warrant data, call records, IP addresses — all compromised.
The watcher got watched.
If the FBI can't keep them out, the question for everyone else is: would you even notice?
TheControlLayer.arkava.ai
Exciting news! I’m honored to partner with Brainz Magazine as an Executive Contributor!
Over the coming months, I’ll be sharing insights on Artificial Intelligence and can’t wait to inspire, educate, and connect with a global audience around the world.
Stay tuned for my upcoming articles!
Iran-linked group wiped 200,000+ devices at Stryker — using the company's own @microsoft.com Intune MDM platform.
No malware needed. Just legitimate remote wipe commands.
Your security tools are only as trustworthy as who controls them.
TheControlLayer.arkava.ai
#Cybersecurity
Construction AI is operational now. Design iteration 3-5 weeks → 2-3 days. Safety detection at 88%. Lost-time injuries down 23-31%.
Removing drudgery, freeing human expertise. Hard hats earned.
TheControlLayer.arkava.ai
#AI #Construction
Ransomware groups log in now – stolen SSO credentials, not zero-days. 3.3B credentials on dark web markets.
If your security doesn't start with identity, it doesn't start.
TheControlLayer.arkava.ai
#Cybersecurity
UK rewrote automated decision-making rules. From prohibition to permission-with-safeguards. Biometric data now processable for bias detection across all AI systems.
Fine print is where the story lives.
TheControlLayer.arkava.ai
#AIRegulation
Who controls the agent?
When AI shops on your behalf, the browser — and every security signal built for it — vanishes.
I asked Shopify's CISO what replaces it. His answer is Episode 1 of The Control Layer.
🎧
Autonomous cyber-attack frameworks now run full attack sequences without human intervention. 3.3B credentials stolen in 2025.
Patch and pray assumed human-speed attackers. That era is over.
TheControlLayer.arkava.ai
#Cybersecurity
