Identity-first security · AI & Zero Trust

The Breach Had Permission by Kai London

The attacker did not break in. It signed in. The Breach Had Permission exposes how AI-accelerated attacks exploit identity failure — stolen credentials, over-privileged accounts, unmanaged machine identities — and shows how Zero Trust decides which companies survive the next cyber war.

Available on Amazon in Kindle, paperback and hardcover editions.

By the end of this book you will be able to:

Treat identity as the perimeter

Reframe the security programme around the credential, the session and the entitlement — the places modern breaches actually begin.

Counter AI-accelerated intrusion

Understand how AI industrialises phishing, credential stuffing and session hijack — and what controls actually hold.

Deploy Zero Trust that works

Move from slideware to enforced least privilege, continuous verification and segmented blast radius (NIST 800-207).

Govern machine identities

Bring service accounts, API keys and AI agents under the same discipline as human users — before attackers do.

Kill standing privilege

Replace permanent admin rights with just-in-time, just-enough access that leaves attackers nothing to sign in with.

Brief the board on identity risk

Present identity failure as the enterprise risk it is — with metrics a board can govern and an auditor can verify.

Zero TrustNIST 800-207IAM / PAMDORANIS2

The next breach will not break your walls. It will borrow your keys.

About the author

Professor Kai London — CISSP, CISM.

An internationally recognised cybersecurity executive, board advisor and Founder & CEO of Quantum AI Systems Security LLC, writing at the convergence of AI, governance and operational resilience. Honorary Professor and Researcher at UCL.