Blog Layout

CISOs shift from perimeter security to API security

Bill Doerrfeld | March 30, 2026

My first-ever contribution to CSO Online looks at the shifting landscape, from perimeter-based security to API security, and how CISOs are responding.

API attacks are on the rise. But traditional security approaches like endpoint detection and response (EDR) can miss this vector entirely.

Excited to share my first-ever contribution to CSO Online today, which looks at the shifting landscape, from endpoint security to API security, and how CISOs are responding. You can read it here.

In a nutshell, malicious traffic may look like normal traffic, but legacy perimeter-based defenses miss business logic gaps and systemic authentication and authorization issues.

To respond, CISOs are using a combination of API governance frameworks, inventory management, API gateways, strong identity and authorization, and other techniques.

I'd love to write more for this publication, but it takes connecting with the right sources. If you're a CISO or work with one and have an interesting perspective to share, feel free to get in touch.

Read: APIs are the new perimeter: Here’s how CISOs are securing them

< Older Post

Newer Post >

Other Blog Posts

AI coding agents are now the default

By Bill Doerrfeld • June 25, 2026

Agentic coding tools have become the default. "When we've taken that away accidentally from people, they scream."

Your AI model might disappear tomorrow: what now?

By Bill Doerrfeld • June 17, 2026

My latest for LeadDev considers how engineering leaders should respond in the wake of uncertainty in the AI model market.

My research into 10 MCP gateways

By Bill Doerrfeld • June 10, 2026

I'm working with Zuplo on some new content around their MCP Gateway release. First up: a deep comparison of MCP gateways on the market!

Signs point to AI talent redistribution, not replacement

By Bill Doerrfeld • June 10, 2026

The constant barrage of AI layoffs is overshadowing the economic reasons behind these cuts, as well as the net-positive talent redistribution happening at large.

Reviewing MCP servers to connect with databases

By Bill Doerrfeld • June 8, 2026

My latest for InfoWorld reviews MCP servers and agent-ready tools for connecting AI agents with popular database styles.

When do you pull the plug on software projects?

By Bill Doerrfeld • May 29, 2026

For my latest DirectorPlus edition, Joel Carusone from NinjaOne shares how engineering leaders can build the muscle for making tough calls.

Close-up of a glowing laptop keyboard in blue light, viewed at an angle with the screen above

How MCP supports context engineering

By Bill Doerrfeld • May 25, 2026

My latest InfoWorld feature explores how Model Context Protocol (MCP) supports context engineering for AI-assisted coding.

A set of metal keys on a keyring resting on a wooden surface.

API keys don't equal security. Here are 10 reasons why.

By Bill Doerrfeld • May 22, 2026

My latest for Nordic APIs explores 10 API key security risks and what to use alongside keys for stronger API security.

MC'ing at apidays New York 2026

By Bill Doerrfeld • May 18, 2026

The yearly API conference, apidays New York, is a hotbed for solid discussion on what's top of mind in the API space, and as MC I had a front row seat.

Using agentic AI to accelerate sales teams

By Bill Doerrfeld • May 13, 2026

My latest for CIO Online features real results form CIOs actively deploying AI agents to empower sales and revenue teams.

Share by: