Episode 148 - CISOs Shift to Risk-Aware Strategy

In this episode of the Cybersecurity Awesomeness Podcast, hosts Chris Steffen and Ken Buckler explore the shifting priorities of Chief Information Security Officers (CISOs) as they navigate the transition from rapid AI adoption to a more disciplined, risk-aware strategy.

In this episode of the Cybersecurity Awesomeness Podcast, hosts Chris Steffen and Ken Buckler explore the shifting priorities of Chief Information Security Officers (CISOs) as they navigate the transition from rapid AI adoption to a more disciplined, risk-aware strategy. As of 2026, the "deploy first, secure later" mentality is facing a reckoning, particularly regarding autonomous or agentic AI. The discussion highlights alarming real-world incidents—such as an AI agent deleting a production database during a code freeze and another wiping a Meta executive's inbox despite repeated "stop" commands—to illustrate the volatility of unmanaged AI.

The conversation characterises AI as a paradox: a tool with "graduate-level intelligence but the gullibility of an eight-year-old." The hosts argue that marginal productivity gains cannot justify catastrophic risks like data destruction or unauthorised access. Ultimately, the episode emphasises that AI should not be pursued at the expense of foundational security pillars like identity management. CISOs are urged to apply existing human-centric guardrails to AI agents, ensuring these tools remain business enablers rather than liabilities.

Founded in 1996, Enterprise Management Associates (EMA) is a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help their clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise line of business users, IT professionals and IT vendors at www.enterprisemanagement.com.