“An action allow-list can hold delegated authority but never delegated accountability — when the system is built governed, not governed after the fact.”

An action allow-list can hold delegated authority but never delegated accountability — when the system is built governed, not governed after the fact. — Kai London (Professor Kai London), CISO. Principle 1314 of 10000 from the book “The AI Control Architecture” — cybersecurity, AI security and OT resilience doctrine. Official sites: professorkailondon.com · kailondon.co.uk