Activity
17K followers
-
Brian Long posted thisEnd of May. A good moment to say the quiet part out loud about "AI adoption." Most teams measure progress by how much they've handed to the agents. I've started measuring it by the opposite number: how much of what the agents did can a human still stand behind a year from now. Every workflow you automate adds surface area. The question is whether that surface stays legible: when a regulator or customer or your own board asks "why did the system do that," is the answer a reproducible record, or a confident paragraph the model wrote about itself? At Summit Cognitive that's the whole game. For most regulated workflows the honest answer is still no. That gap isn't an adoption problem. It's a provenance problem, and it's fixable.
-
Brian Long shared thisMost teams I talk to have already bought the speed. They're discovering they didn't buy the defensibility. The receipt for that purchase comes due on a specific day. Not a model failure day — a normal day. An auditor asks why a specific decision was made. A regulator asks for the evidence chain. A customer asks who authorized the action. That day is the audit. And the math is the same every time: — If the agent didn't record what it considered, the answer is a story. — If the agent didn't record who it was acting under, the answer is "trust us." — If the agent didn't record what fired and what didn't, the answer is silence dressed up as confidence. Speed without provenance was the cheapest version of AI to deploy and the most expensive to defend. The receipt is either a property of the system, or it's a thing your lawyer wishes you'd built six months ago.
-
Brian Long posted this"Human in the loop" has quietly become a fiction in most autonomous AI deployments. By the time the human sees what the agent did, the decision is already several layers downstream. The "review" is a confirmation, not a check. That's not a process failure. It's a math problem. Agents operate faster than the humans supposedly governing them. The loop didn't disappear. It moved. The new question isn't "is the human in the loop." It's: — What did the agent record about its own reasoning? — Can a human reconstruct that reasoning hours, days, or six months later? — Did policy gates fire, and what did the agent do when they did? — Whose authority was the agent acting under? Those are answerable. They just have to be a property of how the system is built, not something added on top. Without that, "human in the loop" is theater. With it, the human is in the loop where it actually matters — at audit time, when the decision has to hold up.
-
Brian Long posted thisAI maturity isn't measured by how many workflows you've automated. It's measured by how many of those decisions you can still defend six months from now — when somebody (a regulator, a customer, a counterparty, your own board) asks why. Adoption rate tells you how much surface area is now opaque. Maturity tells you how much of that surface is still legible. Every team I talk to that's "ahead" on AI has the same private problem: they shipped fast, the agents are acting, and the evidence trail is whatever the model decided to mention in its output. That's not a trail. That's a story. The question we keep coming back to at Summit Cognitive isn't "can the agent do the thing." It's "after the agent did the thing, can a human stand behind it without flinching." If the honest answer is no — and for most regulated workflows right now it is — that's the maturity gap. Not adoption. Provenance.
-
Brian Long posted this"It works" is not the same as "we can show how it worked." That gap is where regulated AI dies. Outputs without provenance are reputational liabilities, not assets. Six months from now, the systems we can replay will be the ones we still get to run. That is the whole bet at Summit Cognitive: per-query trust, not per-pitch-deck trust. Decision Receipts. Replayable reasoning. Policy gates inside the loop, not around it. If your AI strategy still ends at "the output looks right," we should talk.
-
Brian Long posted thisMemorial Day. A day to remember the Americans who never came home — and the families who carry that loss every day, not just today. Grateful. Humbled. Solemn.
-
Brian Long posted thisMandiant's M-Trends 2026 puts the median attacker lateral movement window at 22 seconds. Twenty-two. That kills the human-in-the-loop blue team. There is no Tier-2 analyst on earth who reads a SIEM alert, opens a ticket, pings Slack, and contains the host in 22 seconds. So the industry pivots: agentic defense. AI agents that triage and act inside the window. Fine. But "agentic defense" creates a second problem nobody is solving yet — every one of those autonomous actions has to be defensible six months later when General Counsel asks why production was shut down at 3:14 AM on a Tuesday. You cannot bolt audit on after the fact. The reasoning chain has to be captured at the moment of the action, signed, replayable, and survivable through model rotation. Otherwise "agentic" just means "fast, opaque, and unaccountable." That is the gap. Summit Cognitive is building the runtime admissibility layer for it: every autonomous decision exports as a signed Decision Receipt — provenance chain, model snapshot, authority gate, replay manifest. Same speed, surviving the audit. If your AI cannot explain how it got to its action in 22 seconds, you do not have a defense posture. You have a deposition waiting to happen. #AIGovernance #AgenticAI #FederalAI #DecisionIntelligence #ReasoningContinuity
-
Brian Long posted thisA week into SAM Active. Fifteen days to AFWERX submission. Memorial Day weekend opens tomorrow. Worth saying out loud: most "AI Trust" conversations still stall at the policy layer. Buyers want a runtime artifact. Auditors want a record. Compliance wants a chain that survives cross-examination. That artifact is the Decision Receipt. Ed25519-signed, deterministically replayable, issued at the moment an autonomous AI action runs. Live at decrec.summitcognitive.ai. 170+ receipts across 6 agents, 71% acceptance and climbing as agent-side evidence enrichment matures. The category isn't AI Trust as a feature. It's Cognitive Security as a layer underneath the autonomous-action surface, the same way network security sits underneath application traffic. Quiet, structural, non-negotiable. Fifteen days to put the federal version of this in front of an Air Force program office. The category was always going to need a forcing function. Holiday weekends don't pause the runtime. #CognitiveSecurity #AIAssurance #FederalAI
-
Brian Long posted thisFive days into SAM Active. Seventeen days to AFWERX submission. Cognitive Security as a category is still mostly unfamiliar to enterprise buyers, mostly familiar to federal program offices, and exactly the right wedge for both. Here's what I keep coming back to. Most "AI Trust" conversations stall at the policy layer. Buyers want a runtime artifact. Auditors want a record. Compliance wants a chain that survives cross-examination. That artifact is the Decision Receipt. Ed25519-signed, deterministically replayable, issued at the moment of action. Live at decrec.summitcognitive.ai. 170+ receipts across 6 agents, 71% acceptance and climbing as agent-side evidence enrichment matures. The category isn't AI Trust as a feature. It's Cognitive Security as a layer underneath the autonomous-action surface, the same way network security sits underneath application traffic. Quiet, structural, non-negotiable. Seventeen days to put the federal version of this in front of an Air Force program office. The category was always going to need a forcing function. #CognitiveSecurity #AIAssurance #FederalAI
Brian Long commented on a post
4h
I'm so sorry. Eric's impact on this field, and on so many of us in it, was profound, and his mission to make the digital world safer for families never wavered. Holding the entire Cole family in my thoughts. — Brian
Brian Long commented on a post
4h
The "shrink the prize" framing is the right one, Lawrence — and it extends past confidentiality. For AI-assisted decisions, the long-tail exposure isn't only the data being decrypted later, it's whether the decision made on that data can still be reconstructed and defended later. We sign every decision receipt (Ed25519 today), but your post sharpens the real question: crypto-agility. An audit artifact has to outlive the algorithm that signed it. Are your vendor readiness requirements starting to include signature/attestation agility, not just transport and at-rest encryption?
Brian Long replied to a comment
15h
Jan Maska that factlet framing is close to how we think about a Decision Receipt. A receipt is a signed, replayable record of what was decided and on what evidence, which is exactly a factlet you can re-open: when new information lands, you replay against the frozen evidence and see whether the conclusion still holds. The hard fact stays put; the contingent one gets revisited with a full audit trail instead of a guess. The cost isn't recomputation, it's keeping the provenance intact so the re-evaluation stays trustworthy.
Recommendations received
5 people have recommended Brian
Join now to viewOther similar profiles
Explore more posts
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top contentOthers named Brian Long in United States
901 others named Brian Long in United States are on LinkedIn
See others named Brian LongAdd new skills with these courses
-
5h 31m
Complete Guide to AI and Data Science for SQL: From Beginner to Advanced
-
13m
A Standalone Project: Build a Program to Encrypt and Decrypt Text Messages Using an Encryption Algorithm to Protect Data from Unauthorized Access
-
2h 19m
AI Product Security: Secure Architecture, Deployment, and Infrastructure