Join us tomorrow for "Hacking M&A"

Join us TOMORROW, Friday [07-10-26], for "Hacking M&A"

A merger closed in an afternoon. The access cleanup took years.

Join us Friday, July 10, 2026, for “Hacking M&A: An hour of critical thinking about the questions nobody asks before signing.”

It all begins at 1 PM ET/10 AM PT tomorrow, with guests Geoff Belknap, co-host, Defense in Depth, and Karl Mattson, founder and managing director, Squared Circle Ventures. We'll have fun conversation and games, plus at the end of the hour we'll do our meetup in breakout rooms.

Or register once for every upcoming Super Cyber Friday event. No need to sign up week to week.

Defense in Depth
Humans Are Bottleneck in a Machine-Speed World

Security built AI that can think for itself. No one agreed on when to trust it.

We're evolving fast to secure AI. But are we evolving fast enough to secure WITH AI?

Check out this post by Rinki Sethi, CSO, Upwind Security, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Howard Holton, former CEO, GigaOm. Joining is Adam Glick, CSO, PSG Equity.

Listen to the full episode here.

Human-in-the-loop math

Security teams building AI into their own defenses are drawing a hard boundary around autonomy. Emily Choi-Greene of Clearly AI explained that as security engineers designing these systems, the job is to determine "when AI systems can make decisions on their own (in low-risk cases) and when a human should be in a loop." She noted that in theory, "if the use case is low enough risk, and there are enough compensating controls, 'almost right' can be good enough," but for now, every one of her team's AI security decisions still keeps a human in the loop, "and we still save the business a ton of time." Bil Harmer, CISO at Supabase, pushed on the details behind that tolerance for imperfection. "It would be interesting to know how 'close' it was on the answer," he said. He argued that "almost right" works fine for broad defenses while a threat is being localized, and that as attacks accelerate, security will need "a lot more general broad spectrum defense to slow the attacks long enough to find a solution."

Should machines decide at all

Not everyone agrees AI belongs in the decision seat. "LLMs should not be making security decisions. They're probabilistic, not deterministic. This is a bad use case," was the hard line drawn by Travis Gibson of Big Brothers Big Sisters of America. He went further, arguing that "any leaders who think otherwise shouldn't be leading in security." Stuart Green of The Armour Group raised a different concern about the infrastructure underneath these decisions. He warned that connecting multiple clouds to a single LLM "turns that cloud LLM into a highly prized target which will eventually succumb to an attack and will harm those connected to it."

From assistant to autonomous

The transition security teams are living through isn't hypothetical anymore. "The shift from AI-assisted to AI-autonomous security is no longer theoretical, it's operational," said Gagan Mathur of Shell. He framed the work ahead as embedding "trust, traceability, and guardrails into machine-speed decisions without slowing them down," adding that the real question isn't just whether AI is secure, but "are we secure with AI in the loop?" Donna Ross, CISO at Radian, sees a parallel shift in what security teams themselves need to become. Teams have to evolve "from gatekeepers to strategic collaborators, training, guiding, and aligning AI decisions with human values and risk tolerance," she said, warning that otherwise "we risk becoming the very friction point we're supposed to remove." She pointed to agentic AI as the next pressure point: these systems "will act, decide, and communicate without direct oversight," and without the same identity rigor applied to humans, "we'll lose control."

Redefining the security role

Speed and confidence aren't the same as understanding. Rajah Chowbay of Cyera framed the core challenge as one of context: "How do we make sure AI has enough context about risk, environment, and intent to move from 'almost right' to 'right enough to act without causing harm'?" He suggested the shift is less about new technology and more about a new mandate, one where "instead of guarding every door, maybe our job becomes helping others walk through them safely, without slowing everything down." Topaz Hurvitz of Israel Post connected that mandate to the current threat surface, noting that security has moved past "simply securing cloud resources" toward "securing emergent AI workloads in hybrid ecosystems." The "almost right" problem, she said, points to a need for "AI observability and explainability" in the security stack, along with "clear anomaly detection baselines established before autonomous remediation."

Please listen to the full episode on your favorite podcast app, or over on our blog, where you can read the full transcript. If you're not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.

Thanks to our podcast sponsor, Palo Alto Networks

Subscribe to Defense in Depth podcast

Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type "Defense in Depth" into your favorite podcast app.

Why EDR Alerts Are Useless Until They're Connected with ThreatLocker

Sponsored guest video

20 alerts. Zero idea how they connect. That's the real problem with EDR.

It's the alert fatigue Seamus Lennon, vp of operations EMEA at ThreatLocker, keeps hearing from customers: "I've got an EDR, I've got all these alerts, but what do I do with them and how are they connected?" Twenty signals firing on their own mean almost nothing. The enhanced ThreatLocker Detect collates them into a single case, so instead of triaging noise the picture comes together: what happened, how it happened, and how to stop it. The biggest lesson from the beta? That wider picture matters more than any single alert.

Watch the video here.

Big thanks to our sponsor, ThreatLocker

Cybersecurity Headlines - Department of Know

Our LIVE stream of The Department of Know happens every Friday at 4 PM ET / 1 PM PT with CISO Series producer Richard Stroffolino, and a panel of security pros. Each week, we bring you the cybersecurity stories that actually matter, and the conversations you’ve been having at work all week long.

Friday’s episode will feature Davi Ottenheimer, founder of flyingpenguin, and Chris Ray, field CTO, GigaOm. Join us on YouTube and catch up on what shaped the week in security.

Thanks to our Cybersecurity Headlines sponsor, Vanta

Share for a chance to WIN A FREE GIFT!

Help us get the word out! Share next week’s Super Cyber Friday registration link on LinkedIn, tag me (David Spark) and CISO Series, and you'll be entered for a chance to win an item from our prize store. We'll randomly pick one winner from everyone who shares.

Participate! Add our live shows to your calendar

Learn more about all of the fun ways you can participate, and add our events to your calendar.

Cyber chatter from around the web...
Jump in on these conversations

  • "Apple 'Hide My Email' Vulnerability Reveals Peoples' Real Email Addresses" (More here)

  • "Clean GitHub repo tricks AI coding agents into running malware" (More here)

  • "Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival" (More here)

Coming up on Super Cyber Friday:

  • [07-10-26] - "Hacking M&A"

  • [07-17-26] - "Hacking the Shift in Security Work in the Last Five Years"

  • [07-24-26] - "Hacking the Reduced Tech Stack"

Register for and add all of these events to your calendar on our Events Page.

Cybersecurity Headlines - Daily News Shorts

Subscribe to the CISO Series YouTube channel, for daily shorts videos from CISO Series reporter, Rich Stroffolino. You can find all of the stories he’s covered, plus new content every weekday, at the Cybersecurity Headlines Shorts YouTube playlist.

Thank you for supporting CISO Series and all our programming

We don’t just say we appreciate your feedback; we incorporate it into our programming. Learn more about all of the fun ways you can participate.

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing on social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.