Malcolm Groves

AI Strategy

  • DevSecOps Evangelism Won’t Save Us

    DevSecOps Evangelism Won’t Save Us

    We put significant effort into building out our QA pipelines to support regular software releases, yet we continuously hit roadblocks when we try to reconcile functional quality with security requirements. This friction is rarely just a matter of timing or tools. Even when security processes are introduced earlier in the development lifecycle, the underlying tension…

    Read more →

  • You Start Coding, I’ll Go Find Out What They Want

    You Start Coding, I’ll Go Find Out What They Want

    There is an old industry cartoon where a development manager stands before a room of engineers and says: “I’ll go up and find out what they need. The rest of you, start coding.” For decades, that was a good punchline. It represented the height of mismanagement and the guarantee of a failed project. But as…

    Read more →

  • The Ghost in the Machine: How Your Unseen Data Will Come Back To Bite You

    The Ghost in the Machine: How Your Unseen Data Will Come Back To Bite You

    Your security strategy is only as good as your inventory, and right now, most of us are flying blind. The recently released IBM Cost of a Data Breach Report 2025 highlights a shift that requires the full attention of both tech leadership and the Board. We love to talk about Zero Trust and Al-driven defence,…

    Read more →

  • When AI Starts Acting: The Governance Gap in Singapore’s (actually quite good) New Framework

    When AI Starts Acting: The Governance Gap in Singapore’s (actually quite good) New Framework

    Over the last 18 months, we’ve witnessed a fundamental shift in the AI landscape. We have gone from asking models for information to giving them the keys to our systems. This move from “Generative” to “Agentic” AI is not just a technical upgrade; it is a massive change in our organisational risk profile. The Singapore…

    Read more →

  • Why Manual Oversight is Now Your Greatest Systemic Risk

    Why Manual Oversight is Now Your Greatest Systemic Risk

    I’ve spent a lot of my career looking at the friction between how we want to work and how we actually deliver, and I have noticed a recurring issue that has nothing to do with the quality of the applications we build. We are hiring incredibly talented engineers to write high quality code, but we…

    Read more →

  • Scaling Governance for AI

    Scaling Governance for AI

    I keep hearing the same dismissal from technical leaders and executives when the topic of AI in the development cycle comes up. They point to issues with code quality, the introduction of security vulnerabilities, or logic that simply doesn’t hold up under pressure. They claim that because a Large Language Model currently performs like a…

    Read more →