This interview is with Fard Johnmar, Innovation Supercharger, Futurist, Builder and Founder, Enspektos, LLC.
For Connectively readers meeting you for the first time, how do you describe your work today as an Innovation Supercharger, Futurist, Builder, and Founder in computer software, including your current focus with Enspektos and AI Security Guard?
I’ve been working in technology innovation since 2005. During that time, I’ve focused on the same three goals: helping people make sense of emerging tech landscapes through original research and analysis, providing education and actionable insights to help others operationalize these technologies, and building solutions that leverage these innovations to help people succeed.
During the Web 2.0 era, I developed in-depth research helping people understand health blogs. When mobile emerged, I worked with major corporations to figure out how the technology could be applied to marketing, education, and communications. I also spent more than a decade explaining the role digital technologies played in health, wellness, and wellbeing. I developed machine learning-aided technologies to help organizations identify and capitalize on opportunities.
When ChatGPT emerged in 2022, I was immediately intrigued. In the mid-2000s, I had played with some early chatbots and used them to create alternate reality games, which I launched to promote some of my projects. I had also been working with companies driving AI forward in healthcare for about 10 years, so I was familiar with the technology.
But when I used ChatGPT for the first time, I was blown away and started to think about how it could be used in a range of ways. I spent the next few years diving deep into the technology and building AI-aided knowledge solutions that featured agentic workflows before they became well-known.
Things took a turn, however, when I heard about people using agentic systems like OpenClaw to help with their finances, build companies, and more. I thought, “this is amazing,” but I was also worried. Working with AI agents teaches you very early that you need to carefully control them, monitor their inputs and outputs, and keep sensitive information away from them.
Some people using OpenClaw hadn’t internalized these lessons. They were using OpenClaw on devices that had serious security holes that exposed private information to the internet. I also saw that many people were doing highly technical and sophisticated work using agents without the awareness and understanding of the various threats they were exposing themselves to.
That’s when I decided to build and launch AI Security Guard, which has become a multi-faceted platform providing research-backed education, free resources, and protective tooling for people using or building with AI agents.
What key experiences or decisions moved you from early work across social and mobile to founding Enspektos and focusing on the agentic era of autonomous AI?
The main motivator for me has been an intense sense of curiosity about a range of topics, especially technology. When I was growing up, I didn’t have access to a personal computer (few did), but I was fortunate enough to be exposed to computers in a few key ways.
I went to junior high school in New York City and had two formative experiences with computers that shaped the rest of my life. One was a program run by Columbia University where students could use the computer lab. I was enrolled in the program and was exposed to Macintosh computers and other emerging tools. This had a big impact on me. (I’ve been an Apple person ever since.)
Another was frequenting a library where I could borrow the library’s lone computer for a few hours each day. I spent a lot of time playing games on the computer, but one day I picked up a book about BASIC. Curious, I decided to program my own game. After some trial (and a lot of errors), I figured out how to get the program to work. That’s when I realized that you could take letters and numbers and build something entirely new. That was a big deal for me.
That sense of curiosity and exploration has stayed with me. I’ve always been the kind of person who dives head-first into new tech trends, and I’ve been fortunate to live through and play a small role in shaping how some of these technologies have evolved and been understood over time.
So when I first encountered ChatGPT, I immediately started building with it: diving into the API, experimenting with prompt engineering, building agent memory systems, creating multi-agent workflows, and much more.
These experiences helped me to truly respect the technology for its significant potential — and its dangers. They were a major reason I was inspired to build systems that can help keep people safe.
From your vantage point building AI Security Guard, what does the “agentic era” practically mean for startups shipping autonomous AI this year?
It’s a mixed bag. First, many people don’t have a good understanding of what AI agents can actually achieve. They think they are magical systems where you just tell them to do something and it happens instantaneously.
That’s far from the case.
AI is unreliable, opinionated, and, most importantly, non-deterministic. This means you can get a different output each time you use an AI model. It’s not like a regular rules-based system where, if you put in A + B, you’re always going to get C. With AI, A + B can equal D.
There are also costs associated with these systems. Prices have declined by about 80% over the years, but compute and inference are still expensive, especially if you don’t know how to control and manage these systems (things are getting better, but there’s still a lot to learn).
The third consideration is that AI is improving rapidly. Over the last few years, we’ve seen countless startups become obsolete because of rising AI capabilities. Those that developed “AI wrappers,” using AI to power their business, might find that a single announcement from OpenAI or Anthropic puts their business model at risk.
Despite this, there is a lot of opportunity in AI. One of the moats that startups can build when it comes to agentic systems is creating “harnesses” or workflows that help make the models better or more reliable. These systems can improve AI’s performance in key areas significantly but can’t be easily replicated by the base model.
Another opportunity is using AI to build prototypes and validate a business idea rapidly. This is where many people who are “vibecoding” applications have focused. Vibecoding is generating a lot of competition, and there are many “me-too” apps being launched that may or may not survive.
Overall, the agentic era means increased competition, fewer true moats, and a lot of iteration for startups as they figure out what works when it comes to building AI-fueled or AI-enhanced businesses.
You’ve written about “vibe coding”; what concrete practices help teams move beyond prompt tinkering to production-grade agent systems that customers can trust?
The biggest lesson people with less experience building software may not understand is that products aren’t really about features.
Yes, features are important. They’re what products are built around, after all. But there’s something more important: trust.
Great products, no matter how complex or simple, are about building and keeping trust. You can have the best product in the world, but if it isn’t trustworthy, it’s not going to be used.
Trust means a product is reliably available, is generally safe to use, and delivers what it promises.
When “vibe coding” first emerged, there were a lot of demos of apps that were built in one-shot by AI. Some people “vibe coded” applications that have become very successful.
But no matter how an app is built—whether it is largely developed with the assistance of AI or hand-coded—it has to be trusted. Asking oneself while building an application, “Can I trust this?” is a great practice.
If the answer is no, then that’s a sign the product needs more work. The minute a person starts digging into what trust actually means for their product and how to capture it, that’s when an app moves from toy software built in a day to a more robust system that customers can rely on.
This doesn’t mean the app will be successful; that’s another mountain to climb, but the foundation will be stronger.
What is one counterintuitive finding from your Shipping the Future research that a startup founder can act on immediately?
For the Shipping the Future research, I analyzed more than 260,000 Reddit posts published between December 2022 and mid-May 2026. My goal was to understand how builders using AI were responding as the technology evolved and improved.
I learned some important lessons from the research that I think are relevant to startup founders:
- Remember, you’re living in a bubble. Founders interact with other founders, communicate with experts, and generally have a lot of knowledge and understanding about a topic. This is useful, but it can also lead to what I call a “bubble mentality”—the mistake of assuming customers think like you.
For example, from a security perspective, many discussions include terms like “prompt injections” and “jailbreaks.” Most people don’t know what a prompt injection is, and more importantly, why it matters. Instead, the research reveals that they are more focused on operational issues like whether someone can steal their private information (API) to run up $10,000 in Claude Code fees and, if so, how to prevent that from happening. People think in concrete terms, and the research demonstrates that repeatedly.
- The AI market is still very young. I conducted an analysis of how the general public (as revealed by Google Trends data) thinks about AI versus builders. The data reveals they are in different universes.
The general public has figured out that Claude Code is a thing but is also focused on trying to understand what AI actually is. So, understanding that we’re still in the early innings of this—from a penetration and adoption perspective—is the right perspective to have. There’s still a lot of opportunity out there.
Drawing on your experience in healthcare and medical devices, what are your non-negotiables for risk management and security-by-design before launching an autonomous agent?
In healthcare, the stakes are high.
Something as simple as a misaligned sensor can provide a patient or doctor with inaccurate information. Bad data can lead to disability or death.
In the past, I’ve advised companies developing AI-based radiology solutions. A radiologist’s main job is to look at images and determine whether a person has cancer. A missed diagnosis can mean the cancer progresses. A false positive can lead to expensive, life-changing treatment. There’s also a shortage of radiologists, so AI was seen as a potential means of addressing that.
The AI being deployed in radiology at that time was qualitatively different from large language models (LLMs), such as ChatGPT, which are highly unpredictable.
A lot of time was spent rigorously measuring AI (i.e., machine learning models) to determine its accuracy against the gold standard: doctors. AI outputs were examined, measured, and made as predictable as possible.
Working in healthcare makes you very appreciative of deterministic, rules-based systems. You can predict how they will respond across many different situations and trust the outputs they deliver.
This experience and years spent working with agentic systems have led me to build systems in which LLMs are used as little as possible.
What this means is that AI is very good at producing certain outputs that require reasoning, and building a similar system using rules-based approaches would be suboptimal. In those cases, it’s appropriate to include LLMs in the mix, provided there are guardrails on their behavior, inputs, and outputs.
But there are many areas where it does not make sense to use an LLM. Knowing the difference can help people build more secure systems.
A second area is observability: if you don’t know what an agent is doing, what it’s delivering, and how it interacts with systems and processes, it’s a rogue agent.
Visibility is key to understanding agent behavior. So are controls, or guardrails. When using agents, widen their scope of responsibilities carefully and put systems in place to block or deflect harmful behaviors.
Once an agent is live, which early-warning signals and telemetry do you instrument to detect drift, jailbreaks, or unintended actions?
There are many signals that can be used to monitor an agent’s behavior. Here are a few:
- Behavior drift: In many systems, agents have specific responsibilities. One might be focused on code development; another could be responsible for research and analysis. Tracking agent behavior over time—examining what tools it uses, what parts of the system it accesses, and how many resources (in the form of tokens) it consumes—is important. If an agent’s behavior changes—for example, if it uses many more compute resources than normal—it is a sign that the agent’s behavior has drifted and it should be examined.
- Misaligned actions: Detecting harmful or unintended actions requires looking carefully at what the agent is consuming (in terms of information made available to it in its prompt) and what it is delivering. That means capturing data about the agent’s inputs and outputs in real time and scanning that information to determine whether it is harmful, contains sensitive information, etc.
- Telemetry: Telemetry includes agent traces, or logs of its thoughts and actions, that are delivered via agent APIs, as well as other data such as its system message and prompts.
For those interested in learning more about agent monitoring, I’ve developed a free educational resource on this topic here.
On the people side, how do you structure teams and rituals across engineering, product, security, and go-to-market so a startup can ship agentic AI safely without killing velocity?
In many cases, a startup is going to be focused on shipping quickly. This means that anything that gets in the way of delivering and validating a product (and generating revenue) is going to be secondary. My research on builder culture confirms this.
However, it’s possible to ship agentic systems more safely by baking certain habits into the process that are common sense and can prevent headaches down the road:
- Minimizing variability by creating solid harnesses or systems around agents that constrain and guide their behavior. These systems can help accelerate delivery because agents will be highly performant and optimized for their role.
- Following good development practices, such as examining code for security issues before deployment.
- Evaluating agent behavior across various use cases and situations so that there’s a good understanding of how agents will behave and where they are best deployed.
Finally, looking toward 2030, what underappreciated shift in autonomous AI do you foresee that founders should start planning for now?
One underappreciated trend is the decentralization of AI compute. Right now, several dominant AI labs lead the way in AI development. There may also be other innovators waiting in the wings who do not rely on large language models at all and who could transform how AIs are conceived and deployed in the future.
Over time, AI will not only be commoditized, but “good enough” models will be available and embedded into many devices. This means users will be able to reliably run their own agent infrastructure, tuned to their individual devices; this activity will be much safer and more predictable.
This may mean the worlds of commerce, product marketing, B2B, B2C, and so on could be completely transformed. These on-device agents will be attuned to their users’ wants, preferences, and needs (and can even anticipate them). They will be the ones buying, selling, and evaluating products and services, not humans.
We’ve already seen SEO transformed by AI that advises, recommends, and searches on behalf of people. That’s a world where the old rules of the attention economy no longer apply.
Studying what’s happening in online marketing and how it is rapidly shifting what it means to be visible online is good preparation for understanding what may be coming.
Thanks for sharing your knowledge and expertise. Is there anything else you'd like to add?
Nothing else. Thank you for the opportunity.