Jesse Pike

30 years of building security programs. Now helping the industry figure out what comes next.

Enterprise security leader with three decades across cybersecurity architecture, GRC, and advisory — from leading global security practices and coaching field teams to sitting across the table from CISOs during a breach. Currently focused on AI security governance and the author of the Agentic Governance Framework (AGF), a reference architecture for governed agentic systems.

View Projects Work With Me Read Writing

Recent Writing

All posts →
Mar 20 The Puzzle: Sorting the Pieces of Agentic Governance The governance landscape for agentic AI is fragmented across fifteen frameworks, standards, and research programs. AGF sorts the pieces into a coherent reference architecture. Mar 19 From Architecture to Governance: What Building Agentic Systems Taught Me About What's Actually Missing What started as an architecture framework for agentic systems grew into something larger. Here's how AFAS became the Agentic Governance Framework. Feb 25 Who Is This Agent? Trust and Identity in Multi-Agent Systems How traditional identity models break at the first delegation hop in multi-agent systems — and what trust and authority attenuation require instead. Feb 24 Building Agentic Systems Without a Blueprint Organizations are deploying agentic AI without architectural discipline. Here's what that failure mode looks like — and what the design layer needs to provide. Feb 22 Governance at Velocity and Scale How design-time and runtime governance differ in agentic systems — and why HITL, AITL, and HOTL are architecture decisions, not operations ones.

Projects

All →

AGF — Agentic Governance Framework

A reference architecture for governed agentic systems — synthesizing NIST, OWASP, CSA, ISO, EU AI Act, OpenTelemetry, MITRE ATLAS, and academic research into a composable governance framework.

  • NIST AI RMF
  • OWASP
  • CSA
  • +2
v2 Coming Soon

AI Risk Tools

A multi-tenant SaaS platform for AI governance and compliance — helping organizations profile AI systems, surface relevant risks from the MIT AIRISK database, and map to established frameworks like NIST AI RMF.

  • Next.js 15
  • TypeScript
  • Supabase
  • +3