Neil W.

THE FULL STORY

I'm Neil Watkins, a senior level cybersecurity leader who's spent nearly 30 years building, breaking, and rebuilding enterprise security programs.

I work on the messy seam where security and technology strategy meets actual implementation. The CISO deck and the on-call rotation. The board metric and the misconfigured S3 bucket. The vendor pitch and the team trying to make sense of it on a Monday morning.

What I've come to believe, after enough cycles of "this time it'll be different": most security programs are over-tooled and under-architected. We bought defense in depth and got tools in depth. We adopted zero trust and shipped a logo. We shifted left on code but not on identity, on data, or on vendor risk. And now AI is here, not as a future risk, but as today's debt accelerator.

The work I do, the writing, speaking, advising, is about the architecture underneath: identity, data, access, detection, and governance. The five fundamentals that don't go out of style, and only matter more when AI agents start touching enterprise tools.

I keynote at industry conferences. I advise teams privately on the parts they don't put in the press release. I publish weekly through MondayMove, one concrete action security leaders can take on a Monday morning to close the gap between AI ambition and actual security maturity.

If any of that resonates, I'd enjoy the conversation. The form is below; I read every note.