{"id":870,"date":"2026-04-27T10:34:43","date_gmt":"2026-04-27T10:34:43","guid":{"rendered":"https:\/\/ont.io\/news\/?p=870"},"modified":"2026-04-27T10:34:46","modified_gmt":"2026-04-27T10:34:46","slug":"we-need-a-new-bucket-rethinking-the-honeypot","status":"publish","type":"post","link":"https:\/\/ont.io\/news\/we-need-a-new-bucket-rethinking-the-honeypot\/","title":{"rendered":"We need a new bucket: rethinking the honeypot"},"content":{"rendered":"\n

The most useful image to come out of the recent Ontology Privacy Hour<\/a> was Nick Ris\u2019s. The security industry, he argued, treats data protection like a bucket full of leaks. Every breach prompts another patch, another vendor, another control. Each year the bucket gets bigger, the holes more numerous, and the spend goes up. The fundamental model is wrong. A bigger bucket is not the answer.<\/p>\n\n\n\n

The honeypot is. Concentrated stores of personal data have always been the prize. They were the prize when the model was a bank\u2019s customer database in the 1990s, and they are the prize now, only the database is the entire context layer of an AI assistant, the operational records of a healthcare system, or the unified profile that an enterprise has built across thirty years of CRM, support tickets and HR. The bigger the bucket, the bigger the pull. AI has not changed that logic. It has supercharged both sides of the table.<\/p>\n\n\n\n

This is the third in our series expanding on themes from the Privacy Hour. The pillar promised a follow-up on each section. This one is about why the bucket model is broken, and what the alternative actually looks like.<\/p>\n\n\n\n

The bucket keeps getting bigger<\/h2>\n\n\n\n

Start with the size of the problem.<\/p>\n\n\n\n

The most recent Verizon Data Breach Investigations Report<\/a> analysed tens of thousands of security incidents and thousands of confirmed breaches across its dataset, the largest sample any single annual industry report produces. Credentials and the human element appear in the majority of those breaches. The pattern has not changed in years: someone gets phished, a credential leaks, an attacker walks into a concentrated data store, and a regulator\u2019s notification deadline starts ticking.<\/p>\n\n\n\n

The cost is not a rounding error. IBM\u2019s Cost of a Data Breach Report<\/a> put the global average at USD 4.88 million per incident, the highest figure in the report\u2019s history, with healthcare and financial services well above the line. Those numbers do not capture the reputational damage, regulatory fines or customer attrition that show up later.<\/p>\n\n\n\n

And the attack surface is widening, not narrowing.\u00a0ENISA\u2019s Threat Landscape<\/a>\u00a0tracks ransomware, supply chain attacks and credential abuse across Europe, all of them growing year on year.\u00a0Microsoft\u2019s Digital Defense Report<\/a> describes processing more than 78 trillion threat signals a day across its services, and identifies identity attacks as the dominant vector. The CIOs and CISOs Nick spoke to during the Privacy Hour are not exaggerating when they say breach attempts have gone exponential. The telemetry says exactly that.<\/p>\n\n\n\n

AI sits on both sides of the bucket<\/h2>\n\n\n\n

What is new is that AI now sits on both sides of the fight.<\/p>\n\n\n\n

On the defender\u2019s side, AI is being used to triage alerts, baseline behaviour and detect anomalies at speeds no human team could match. That part of the story is well covered. On the attacker\u2019s side, the same capability has democratised the production of sophisticated attacks. Convincing phishing emails, deepfaked voice calls, scaled credential-stuffing campaigns and adaptive social engineering are now routine, cheap and fast. Microsoft\u2019s report flags the rise of AI-driven impersonation and influence operations explicitly. The barrier to running a competent attack is approaching zero. The barrier to defending a concentrated store of valuable data is not.<\/p>\n\n\n\n

Run that arithmetic forward. The pull on the bucket grows every year because the value of the data grows every year. The cost of attacking the bucket falls every year because the tooling improves every year. Building a stronger bucket is a treadmill, and the treadmill is speeding up.<\/p>\n\n\n\n

A different shape, not a bigger bucket<\/h2>\n\n\n\n

The argument Nick made on the livestream was not “spend more on cyber security.” It was that the shape is wrong.<\/p>\n\n\n\n

The bucket model assumes a small number of large containers, each defended by the organisation that holds it. That worked when there were a handful of databases per organisation and the threat actors were also small in number. It does not work in a world where every organisation, person, agent and connected device is a node generating and consuming data continuously, and where attack capability has been distributed to anyone with an API key.<\/p>\n\n\n\n

The alternative is the inverse. Distribute the data across the network, with each party controlling its own slice. The slice held by a person, an agent, an organisation or a device is small. It is not commercially valuable on its own. The aggregate is held nowhere. The honeypot, in any meaningful sense, ceases to exist, because no single store is worth the price of breaching.<\/p>\n\n\n\n

This is not the same as decentralisation as a slogan. It is a specific architectural claim: that the right unit of data custody is the entity that originated the data, and that aggregation should be a temporary, scoped operation, not a default state. Concentrating data is something a system should have to justify, not something it gets to do by accident as a side effect of buying a vendor.<\/p>\n\n\n\n

Distribution is not enough<\/h2>\n\n\n\n

There is a critical second leg to the argument, and it is the one most people miss.<\/p>\n\n\n\n

If you only distribute the data, all you have done is multiply the number of small honeypots. The aggregate value of breaching the entire network might not be worth the effort, but plenty of individual targets still are. The architecture has to do something else: it has to bind each piece of data to the person or agent authorised to use it. As Nick put it on the livestream, knowing somebody\u2019s social security number is worthless if the system also requires you to prove that the person presenting the number is them.<\/p>\n\n\n\n

This is where decentralised identity and verifiable credentials become load-bearing. A decentralised identifier<\/a> lets a person, organisation or agent prove control of an identity without registering it with a central authority. A verifiable credential<\/a> lets that identity present a specific, scoped claim about itself, signed by an issuer the receiver trusts, without exposing the underlying record. Together they let a system check that the requester is authorised, in this context, for this use, without ever needing to assemble a full profile in one place.<\/p>\n\n\n\n

The data is distributed. The authorisation is portable. The honeypot is gone, and the alternative is not a stronger fence. It is a different shape.<\/p>\n\n\n\n

What this looks like in practice<\/h2>\n\n\n\n

Map this onto a real interaction. A clinician needs to confirm that a patient is over 18 and lives in a specific health authority\u2019s catchment area. The bucket model demands the patient\u2019s full record sit in a database the clinician\u2019s system can query. The new model lets the patient present two verifiable credentials, signed by a government identity provider, that prove only those two facts, and lets the clinician\u2019s system verify the signatures and the freshness without retaining anything beyond a session-bound consent record.<\/p>\n\n\n\n

Or a different example. An AI agent acting on behalf of a user needs to make a payment to another agent. The new model lets the agents exchange signed credentials of authorisation, proving each is acting on behalf of a real, accountable principal, without disclosing the principal\u2019s identity or assembling a full transaction history outside the rails of the payment network.<\/p>\n\n\n\n

This is the architecture Ontology has been building toward for years.\u00a0ONT ID<\/a>\u00a0provides decentralised identity that lets individuals and organisations prove who they are without surrendering their data to a centralised authority.\u00a0ONTO Wallet<\/a>\u00a0is the user-facing front door, where an individual holds their identifiers, credentials and reputation, and decides what to disclose, to whom, and for how long. The protocol surface is independent of any single hyperscaler. The user does not need to surrender custody of their identity to a platform that might also be the largest honeypot in their life.<\/p>\n\n\n\n

The conversation regulators are starting to have<\/h2>\n\n\n\n

Regulators are catching up. The UK\u2019s Information Commissioner\u2019s Office guidance on data minimisation<\/a> makes the same point in different language: organisations should hold no more personal data than they need, for no longer than they need it. Apply that principle properly and you do not get a smaller bucket. You get an architecture that does not have a bucket at all.<\/p>\n\n\n\n

The same direction of travel shows up in zero-trust frameworks, in supply-chain identity requirements, and in the conversation around digital wallets in Europe under the eIDAS 2 regulation<\/a>. The vocabulary is different in each forum, but the underlying claim is the same. Concentrated personal data is a liability, not an asset. The future of digital trust runs on credentials and proofs, not on copies and queries.<\/p>\n\n\n\n

Where this goes<\/h2>\n\n\n\n

The honeypot architecture has had a long run. It is not going to disappear next year. There are still tens of thousands of organisations whose business models depend on holding very large, very rich personal data stores, and there are still attackers who will keep finding ways to drain those buckets faster than the operators can patch the holes.<\/p>\n\n\n\n

The interesting question is not whether the bucket model survives. It is whether the next wave of infrastructure, AI assistants, agentic systems, payment rails, regulated identity wallets, ends up replicating the bucket model at greater scale, or whether it adopts a different shape from the start. Ontology is betting on the second answer. So is a growing share of the policy and standards work shaping the next decade of the internet.<\/p>\n\n\n\n

The next piece in this series picks up the second half of Nick\u2019s argument: that the right vocabulary for individual control over personal data is not ownership, but consent, audit and revocation. Once the bucket is gone, those three primitives are what make the network honest.<\/p>\n\n\n\n

This article is part of a series expanding on themes from the <\/em>Ontology Privacy Hour: Privacy, Data and the Future of AI Data<\/em><\/a>. <\/em>Watch the full episode on YouTube<\/em><\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

The most useful image to come out of the recent Ontology Privacy Hour was Nick Ris\u2019s. The security industry, he argued, treats data protection like a bucket full of leaks. Every breach prompts another patch, another vendor, another control. Each year the bucket gets bigger, the holes more numerous, and the spend goes up. The fundamental model<\/p>\n","protected":false},"author":5,"featured_media":871,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[113,13],"tags":[152,155,156,157,158,159,160,161,162,163,43,44,67,72,117],"class_list":["post-870","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data","category-did-and-privacy","tag-gdpr","tag-privacy-hour","tag-data-breach","tag-cybersecurity","tag-ai-privacy","tag-data-security","tag-data-minimisation","tag-honeypot","tag-zero-trust","tag-eidas","tag-did","tag-onto-wallet","tag-ont-id","tag-verifiable-credentials","tag-decentralised-identity"],"_links":{"self":[{"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/posts\/870","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/comments?post=870"}],"version-history":[{"count":1,"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/posts\/870\/revisions"}],"predecessor-version":[{"id":872,"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/posts\/870\/revisions\/872"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/media\/871"}],"wp:attachment":[{"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/media?parent=870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/categories?post=870"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ont.io\/news\/wp-json\/wp\/v2\/tags?post=870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}