Authorized Speed a.k.a. Ruh Roh


katie's Substack


authorized speed
aka ruh roh

katie
Jun 26, 2026


the end of the big CISO mythos paper had a chart that made me laugh.

this one.

except in the version used in april, Sergej Epp’s zero day clock said 20h for 2026. by june 25, it says 6h.

the old security clock depended on friction, and the friction is disappearing.

Joshua Saxe’s GLM-5.2 post nailed the shift. the panopticon dilemma (logged API access = attacker exposure, a real cost) dissolved last week when private open-weights inference removed the logging cost… attackers now have permissionless speed and permissionless privacy.

Saxe is right that defenders need machine-speed capability, but we need to go further. machine-speed capability without enforcement authority is just a faster version of the same accountability gap.

attackers have permissionless speed and what defenders need is ~authorized speed~.

that gap is not something we can close by moving faster. it isn’t that defenders are slow, it’s that every action defenders take needs to be accountable (logged, audited, reviewable) and every action attackers now take is not. one way we can close that gap is by making authorized speed cheaper and more verifiable than it is now.

attackers run, test, probe, chain, and discard… kill-chain execution, C2 authoring, zero-day discovery, long-con fraud… defenders cannot simply mirror that behavior because their systems and actions carry consequence. the good guys are bound by institutional constraint. the defensive equivalent isn’t matching capability; it’s enforcement at the action boundary before the capability runs.

once defensive agents carry the same responsibility as human defenders (remediation, containment, secrets, CI/CD, audit evidence) they’re delegated actors and have a different accountability surface. think of a containment action that modifies a firewall rule. is speed more important than authorization there? a defensive agent that reads logs is one thing. a defensive agent that rotates secrets, modifies CI/CD, quarantines infrastructure, changes access, or creates audit evidence is another beast altogether.

once an agent can change the state of the system, it changes from being assistance to becoming a delegated action.

the right control layer for that failure mode isn’t just which model; it’s the decisions around tools, permissions, logs, escalation paths, refusal conditions… and it needs to be defined before deployment rather than re-negotiated at runtime.

we need to stop accepting defaults where we should be making decisions:

what it can inspect
what it can infer
what it can change
what it must refuse
when it escalates
what evidence survives

it’s a whole other rodeo when we move from “AI-speed discretion” to “machine-speed enforcement inside bounded authority” or we just end up with faster ambiguity.

we’ve had the era of move fast and break things; let’s move fast and fix things.

ultimately i think to be Mythos ready, and ready for whatever comes next, must mean we make our systems custody ready. the answer to permissionless attackers cannot be permissionless defenders. let’s build authorized speed.
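one way the decisions listed above (inspect, change, refuse, escalate, surviving evidence) could be enforced at the action boundary, as an added example that is not code from this post or from any project it mentions. the action names, the `Gate` class, the approver field and the hash-chained log are all assumptions made for illustration; "what it can infer" is not modeled.

```python
import hashlib
import json

# Hypothetical policy, written down before deployment. Action names are constructed.
POLICY = {
    "inspect":  frozenset({"read_logs", "list_firewall_rules"}),
    "change":   frozenset({"quarantine_host"}),
    "escalate": frozenset({"modify_firewall_rule", "rotate_secret"}),
    "refuse":   frozenset({"delete_audit_log", "modify_ci_pipeline"}),
}

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class Gate:
    """Decides on every requested action before the tool behind it runs."""
    def __init__(self):
        self.records = []
        self.head = "0" * 64  # hash of the latest audit record

    def decide(self, agent, action, target, approver=None):
        if action in POLICY["refuse"]:
            verdict = "refuse"
        elif action in POLICY["escalate"]:
            # State change that needs a named human approver on record.
            verdict = "allow" if approver else "escalate"
        elif action in POLICY["inspect"] | POLICY["change"]:
            verdict = "allow"
        else:
            verdict = "refuse"  # not declared in the policy: default deny
        self._record(agent, action, target, approver, verdict)
        return verdict

    def _record(self, agent, action, target, approver, verdict):
        # Each record commits to the previous one, so later edits are detectable.
        body = {"agent": agent, "action": action, "target": target,
                "approver": approver, "verdict": verdict, "prev": self.head}
        self.head = _digest(body)
        self.records.append({**body, "hash": self.head})

def verify(records, head):
    """Recompute the chain; False if a record was altered, dropped or truncated."""
    prev = "0" * 64
    for rec in records:
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec["prev"] != prev or rec["hash"] != _digest(body):
            return False
        prev = rec["hash"]
    return prev == head
```

refusals and escalations are written to the same chain as allowed actions, so the record of what the agent was stopped from doing survives alongside what it did.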
