Most security programs are over-tooled and under-architected. We bought defense in depth and got tools in depth. We adopted zero trust and shipped a logo. We shifted left on code but not on identity, not on data, not on vendor risk.
And now AI is here. Not as a future risk. As today's debt accelerator.
So, I built MondayMove. One concrete action. Every Monday. Crowdsourced from practitioners. Discussed in the open. Followed up via FollowUpFriday.
Not another newsletter. Not another framework deck. A weekly move security and technology leaders can actually take on a Monday morning to close the gap between AI ambition and actual security maturity. The site also includes:
→ Friday Follow-Up: You've had the week. What did you actually get done? A 750–1000 word honest look at what moved, what didn't, and what Monday's action looks like in practice. Every Friday, we go back to that week's MondayMove diving deep into what the action looked like in the real world, what had impact, and what fell flat. It lives on the site alongside the original move, and for LinkedIn readers, it comes to you as its own dedicated follow-up newsletter drop.
→ Submit a Move: I don't have a monopoly on good ideas. If you're in the field and you've found something that works, put it in.
→ Weekly Insights: Every published move, archived and searchable.
→ Deep Move: long-form thinking on the why behind the work. Identity, data, access, detection, governance. The five fundamentals that don't go out of style.
This is practitioner grounded. No vendor speak. No slide-padding. No tool-speak. If you've ever sat in a QBR wondering how we got here, this is for you.
I read every submission. I respond to every note. Let's build something that actually works.