Field notes on security architecture, governance, regulation, and the realities of cybersecurity transformation.