Field notes

Notes from the floor.

What we learn walking mission-critical sites: physical security for the AI era, the risks that price in training-run days, and the rules catching up to both.

Physical · AI risk · Compliance

F-01Physical security · Latest

Before day zero: the most expensive month in a data center’s life

Commissioning is the only period when a campus holds billions in hardware and has no operational security program. The attackers know the schedule better than most boards do.

Jul 2, 2026 · 6 min read · Coverden Assessments desk

F-02PAM · OT

One front door for OT: privileged access, remote access, file transfer

Three vaults, three logins, three audit dialects is not a program. One brokered door for admins, vendors and files, spanning on-premise, OT and cloud.

May 21, 2026 · 7 min read

F-03Asset protection

The rack is now worth more than the building

A tray fits in a backpack. Asset protection has to move from door count to value density, and borrow retail’s hardest word: shrinkage.

May 28, 2026 · 6 min read

F-04Colocation

Other people’s GPUs: the seam in every colocation contract

Remote hands, escort ratios, camera rights: five clauses that decide who really protects tenant compute.

Apr 16, 2026 · 7 min read

F-05Assessments

Assessing an AI campus: why the checklist fails

Green dashboards, vulnerable sites. Pricing findings in training-run days reorders every priority list.

Mar 5, 2026 · 7 min read

F-06Operations

Your guard force is a sensor network. Measure it like one.

Probability of detection, false alarm rate, response latency: the three numbers nobody asks of the most expensive detector on site.

Jan 22, 2026 · 6 min read

F-07Mission-critical

Nobody attacks the rack: the chiller yard problem

Both chillers share one fence. Redraw the protection envelope around consequence, not around the servers.

Dec 11, 2025 · 6 min read

F-08AI security

When AI agents borrow each other's keys

MCP servers, skills and agent swarms can turn delegation into privilege transfer if the boundary follows the runtime instead of the human.

Oct 30, 2025 · 7 min read

F-09AI governance

Govern the pipeline, not the model

Data poisoning, pipeline compromise, agentic endpoints: why AI governance that starts at deployment starts too late.

Sep 18, 2025 · 6 min read

F-10Compliance

NIS2 and CER: the fence is now a regulated asset

Essential entities, 24-hour clocks, personal liability: what Europe’s two directives mean for the patrol log.

Aug 7, 2025 · 6 min read

F-11Airspace

The perimeter has a ceiling

Detection is legal everywhere; response mostly is not. What a campus can lawfully do about the sky.

Jun 26, 2025 · 6 min read

F-12Covert entry

The clipboard still works

Hi-vis vest, ladder, confidence: covert-entry lessons from lobbies that stayed polite.

May 8, 2025 · 6 min read

F-13Lifecycle

Decommissioning is a security program, not a disposal ticket

Thousands of drives leave every refresh. Your last control is a certificate signed by the lowest bidder.

Mar 20, 2025 · 6 min read

F-14Access control

The badge outlives the job

Joiner, mover, leaver: the doors never got the memo. Identity debt is a physical problem now.

Feb 20, 2025 · 5 min read

F-15Readiness

The tabletop is the cheapest incident you will ever run

Two hours, no fault, one number: how long it takes your organization to say yes under pressure.

Jan 30, 2025 · 5 min read

F-16OSINT

Your data center is on LinkedIn

Planning portals, job posts, contractor selfies: the perimeter leaks upstream of the fence.

Jan 9, 2025 · 6 min read

F-17Airspace

Two skies: putting drones on the defense

The same airframe that scouts your fence can walk it for you: ninety-second eyes-on, thermal rounds, and permitted flights against your own sensors.

Jun 11, 2026 · 6 min read

F-18High-tech physical

The fence grew a brain

DAS fiber, radar-slewed cameras, lidar walls. Spectacular technology, usually bought with the wrong number.

Apr 30, 2026 · 6 min read

F-19Cyber

Ransomware never touches the chiller. It does not have to.

In most industrial ransomware events the control systems kept working. Operations stopped anyway.

Feb 26, 2026 · 6 min read

F-20Cyber

The phish that opens doors

The access control system is an application, its admins have inboxes, and codes can be relayed by any convincing website.

Nov 13, 2025 · 5 min read

F-21Cyber

The vendor tunnel

Ask how many remote paths lead into your control systems and write the number down. The audit finds more.

Sep 4, 2025 · 6 min read

F-22NERC CIP

NERC CIP without a utility badge

Mandatory, audited, fined by the day: the grid’s standards are coming closer to AI campuses than their owners think.

Jul 17, 2025 · 6 min read

F-23OT detection

OT detection: time-to-value beats the feature list

The metric that predicts success is days from purchase order to the first alert a human acted on. It is never on the datasheet.

Mar 19, 2026 · 6 min read

F-24Architecture

Choose the stack that talks

Best-of-breed wins spreadsheets. Integration wins incidents, and compounds with every roadmap release on both sides.

Dec 4, 2025 · 5 min read

F-25Social engineering

Free snow removal, and other gifts you should refuse

Mailed BadUSB parcels, war-shipping implants, a casino’s aquarium thermometer: the innocent-looking thing is a delivery mechanism, and the defense is removing the category exemption.

Jun 18, 2026 · 6 min read