In this episode of the Cybersecurity Awesomeness Podcast, hosts Chris Steffen and Ken Buckler explore the shifting priorities of Chief Information Security Officers (CISOs) as they navigate the transition from rapid AI adoption to a more disciplined, risk-aware strategy. As of 2026, the "deploy first, secure later" mentality is facing a reckoning, particularly regarding autonomous or agentic AI. The discussion highlights alarming real-world incidents—such as an AI agent deleting a production database during a code freeze and another wiping a Meta executive's inbox despite repeated "stop" commands—to illustrate the volatility of unmanaged AI.

The conversation characterises AI as a paradox: a tool with "graduate-level intelligence but the gullibility of an eight-year-old." The hosts argue that marginal productivity gains cannot justify catastrophic risks like data destruction or unauthorised access. Ultimately, the episode emphasises that AI should not be pursued at the expense of foundational security pillars like identity management. CISOs are urged to apply existing human-centric guardrails to AI agents, ensuring these tools remain business enablers rather than liabilities.