The Control Layer with Amer Altaf

Amer Altaf
  • 0.0 (0)
  • TECHNOLOGY
  • UPDATED WEEKLY

The machines are making decisions. The question is: who's in control? The Control Layer with Amer Altaf cuts through the noise of AI hype to ask the questions that actually matter — who governs agentic systems, who carries the risk when they fail, and what the people building the infrastructure really think about what's coming. Each episode brings together CISOs, architects, founders, and policymakers at the frontier of AI, cybersecurity, and sovereign technology. These aren't rehearsed keynotes — they're real conversations about the trust frameworks, protocol designs, and leadership decisions shaping how intelligent systems operate in the real world. From agentic commerce and autonomous transactions to national AI strategy and zero-trust identity, The Control Layer goes where the decisions are being made — and asks whether the right people are making them. Published by Arkava. New episodes weekly. thecontrollayer.arkava.ai

Episodes

  1. Anthropic Built a Model Too Dangerous to Release. Then It Gave It to 12 American Companies.

    5H AGO

    Anthropic Built a Model Too Dangerous to Release. Then It Gave It to 12 American Companies.

    Yesterday, Anthropic announced Project Glasswing — a cybersecurity coalition built around Claude Mythos Preview, a frontier AI model so proficient at finding and exploiting software vulnerabilities that it cannot safely be released to the public. In just weeks of testing, Mythos Preview has autonomously identified thousands of zero-day vulnerabilities in every major operating system and every major web browser — including a 27-year-old flaw in OpenBSD, a 16-year-old bug in FFmpeg that automated testing missed five million times, and a chained Linux kernel exploit that escalates to full machine control. The 12 launch partners — AWS, Apple, Microsoft, Google, Cisco, CrowdStrike, Palo Alto Networks, Broadcom, NVIDIA, JPMorganChase, the Linux Foundation, and Anthropic — will use the model exclusively for defensive security work. Anthropic is committing $100 million in usage credits and $4 million to open-source security organisations. In this solo episode, I break down what Mythos Preview can actually do, why the defensive case is strong, and why the dual-use problem — the same model that finds vulnerabilities can exploit them — cannot be engineered away. Then I ask the question almost no one else covering this story is asking: why are all 12 launch partners US-headquartered? What does it mean when the most powerful defensive cybersecurity tool ever created is exclusively in the hands of American companies, subject to US government engagement, with no mention of the UK's NCSC, the EU's ENISA, or any non-US government body? What I cover: - Claude Mythos Preview's capabilities — and why this is a step change, not an incremental improvement - The defensive case: $100M in credits, open-source funding, and a coalition that touches most of the world's software infrastructure - The dual-use tension: Mythos develops working exploits autonomously, without human steering - The sovereignty question: all 12 partners are US-headquartered, and the implications for UK and European defenders are significant - Five things to watch over the coming months — from the 90-day report to the UK's Cyber Security and Resilience Bill This episode is for: - CISOs and security leaders assessing what AI-augmented threats mean for their organisations - CTOs and engineers building on infrastructure maintained by Glasswing partners - Policymakers writing cybersecurity legislation in a world that just changed - Anyone who believes the geography of AI capability is a strategic question, not a technical footnote Read the full analysis: thecontrollayer.arkava.ai The Control Layer is hosted by Amer Altaf, founder and CEO of Arkava, and publishes weekly. Sponsored by Arkava — Trusted Intelligence, Tangible Impact. https://arkava.ai Get full access to The Control Layer at thecontrollayer.arkava.ai/subscribe

    26 min

  2. MAR 26

    Who Controls the Agent?

    When an AI agent shops on your behalf, pays on your behalf, and negotiates on your behalf — who’s actually in charge? And when something goes wrong, who carries the liability? In the debut episode of The Control Layer, Amer Altaf sits down with Andrew Dunbar, Chief Information Security Officer at Shopify, to unpack the security architecture behind agentic commerce — a world where autonomous AI agents act as buyers, and traditional checkout flows no longer apply. Andrew reveals how Shopify is building the Universal Commerce Protocol (UCP), a framework designed to let AI agents transact securely across any merchant without screen-scraping or fragile browser automation. The conversation covers how cryptographic credential chains prevent compromised agents from completing unauthorised transactions, why the four-persona model (buyer, business, platform, credential provider) changes the trust equation entirely, and what happens when 875 million buyers start operating through autonomous intermediaries. They also discuss why the CISO’s role is shifting from gatekeeper to architect, how bug bounty programmes stress-test agentic infrastructure before it ships, and what sovereign AI strategy means for businesses operating across borders. Whether you’re a security leader, a founder building on AI, or simply someone who wants to understand the system that’s about to handle your money — this is where it starts. Get full access to The Control Layer at thecontrollayer.arkava.ai/subscribe

    59 min
  3. NHS Cyber Attack: What Happened and What Leaders Must Do Next

    09/23/2025

    NHS Cyber Attack: What Happened and What Leaders Must Do Next

    Get full access to The Control Layer at thecontrollayer.arkava.ai/subscribe

    2 min
  • 3 Episodes

About

The machines are making decisions. The question is: who's in control? The Control Layer with Amer Altaf cuts through the noise of AI hype to ask the questions that actually matter — who governs agentic systems, who carries the risk when they fail, and what the people building the infrastructure really think about what's coming. Each episode brings together CISOs, architects, founders, and policymakers at the frontier of AI, cybersecurity, and sovereign technology. These aren't rehearsed keynotes — they're real conversations about the trust frameworks, protocol designs, and leadership decisions shaping how intelligent systems operate in the real world. From agentic commerce and autonomous transactions to national AI strategy and zero-trust identity, The Control Layer goes where the decisions are being made — and asks whether the right people are making them. Published by Arkava. New episodes weekly. thecontrollayer.arkava.ai

Information