The corporate security function was built to respond to confirmed events. The adversary no longer operates on a timeline that makes that posture survivable. This paper argues that the missing layer in enterprise security is the warning function: the interpretive capacity, drawn from the warning-intelligence tradition of Cynthia Grabo, that reads accumulating observables as strategic indicators before any single event crosses a response threshold. It traces the lineage from Grabo through the intelligence community's structured analytic techniques to predictive policing's instructive failure, and argues that AI has removed the volume constraint that made the complete architecture impossible to sustain. It names five commitments and three architectural components: the lens, the trust architecture, and a pre-constituted decision body with threshold-based activation authority, a construct not defined in existing CISA, NIST, or intelligence community doctrine. A companion technical specification, Calibrated Adaptive Operations, carries the build: seven first principles, four trust layers, four operating states, and the lens, governance, and decision body designs.
S. Michelle Farr (Wed,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: