Most security debate assumes we are slowly winning a hard fight. The history says something less comfortable: the fight was postponed, and the reason it stays postponed has nothing to do with anyone's competence.

Security was designed in, once

Multics, begun in 1964, was arguably the first operating system built secure from the ground up. Protection rings, mandatory access controls, protection as a property of the architecture rather than an afterthought. It earned a B2 rating and for years was the only system that had. The lineage it started, the security kernel and the reference monitor, became the intellectual foundation of trusted computing.

And when researchers evaluated it, the most important finding was not any individual flaw. It was that patch-and-penetrate does not converge. Systems built without security and given it afterward were found to be particularly vulnerable. That conclusion was reached in the early 1970s, and it reads today as a precise description of the modern internet.

The market chose, and it chose reasonably

So why did assurance lose? Not on the merits.

The Orange Book defined a full hierarchy of trust up to A1, verified design. At level B3 it required automated detection, notification, and response to imminent intrusion. Read that again: the architecture of active, responsive defense was specified by the Department of Defense in 1985. The conceptual ancestor of what is now sold as adaptive security is forty years old.

The DEC VAX Security Kernel, an A1-targeted product, was built. It was cancelled. Not for technical failure, but because not enough customers wanted to buy it, and because adding networking and a graphical interface to a verified system was too expensive at that price point.

The same trade played out in networking. IBM's SNA was connection-oriented: you established a verified link before you could communicate. TCP/IP offered reach and simplicity instead, and its accessibility is exactly what let it win. The point is not that SNA was better. It is that the protocol the world adopted was selected substantially for openness, and the security properties of the alternative were traded away in the process.

Assurance was not refuted. It was deferred under real constraints, and then bureaucratized into a procurement checkbox.

Why the pattern reproduces itself

Here is the part that explains the last thirty years better than any threat report.

A posture built on perimeter defense generates recurring demand. New threats require new tools. New tools require new agents. New agents require monitoring. Monitoring requires services. Every unsolved class of vulnerability becomes a product category.

The foundational problem, that the underlying systems were never built to be secure, is precisely the problem whose persistence sustains the market built around it.

This is not an accusation. No coordination is required, and no bad faith. It is misaligned incentives operating at scale, and it produces what a conspiracy would produce with no conspirator anywhere in the chain.

The numbers carry the inference on their own. Spending rose to an estimated 213 billion dollars in 2025. The global average breach cost did fall slightly, and the industry's own leading report attributed the decline to faster detection and containment through automation, the perimeter running more efficiently, rather than to systems being more secure at the foundation. The same report has a name for the accumulating consequences of deferred practice: security debt. The field already has language for an architectural liability compounding over time.

Why now, and not 1985

The trade that was reasonable to defer may now be unreasonable to postpone, and that is an argument about arithmetic rather than principle.

In the era that deferred assurance, the cost of insecurity was largely theoretical and contained. Today it is measured in halted hospitals, disrupted infrastructure, and supply-chain compromises that reach thousands of organizations through a single trusted update. Capable, scalable, AI-assisted attacks push it further.

When the price of insecurity passes the price of building correctly, the rational choice inverts. That threshold is what has moved, not the engineering.

What the corrective looks like

If the diagnosis is that the house has no locks, the response is not a better guard roster. It is to invert the default.

Open by default · today

Systems expose services, and security restricts that openness at the edges. The guards stand around a house that was never built to be secure.

Closed by default · the inversion

Nothing is reachable and nothing is trusted until trust has been actively earned, and that trust is never retained beyond the bounded interaction it was granted for.

That last clause is where this parts company with most current practice. Zero trust removes implicit trust based on network location, which is a genuine advance. But as commonly deployed, it authenticates an endpoint and then issues a session or credential that persists for its lifetime, so a stolen token inherits standing trust. The difference is persistence, not encryption. Grant no persistent credential at all, and the theft has nothing to steal.

The architecture is called the Intelligent Immune Bunker, and it borrows its structure from the two arms of biological immunity.

  • The innate layerFast, always on, non-specific. Deterministic cryptographic admission that challenges every interaction from any source, and answers with a proof rather than a guess.
  • The adaptive layerSlower, specific, built on memory. Behavioral inference that builds a model of normal and abnormal, so a formally valid but anomalous interaction still raises an alarm.
  • The rule between themAccess is gated only by cryptographic proof. Behavioral judgment informs response and alerting, but can never override a valid admission. An adaptive layer that blocks on suspicion is an autoimmune disease waiting to happen.

The paper presents the full architecture with falsifiable invariants, a layered hardware trust anchor, three worked attack traces you can follow end to end, an explicit threat model that names what it does not solve, a structural model of compromise, and a four-generation migration path for systems that already exist.

It is offered openly, without claim of exclusivity. No single person should own a solution to a problem the whole world shares.