3078: IBM on the Future of Cloud Security: AI's Impact on Shared Responsibility

With AI fundamentally reshaping the cloud, what does this mean for the future of security?

In this episode, Nataraj Nagaratnam, CTO of Cloud Security at IBM, joins us to dive into the evolving dynamics of cloud security in the age of AI. As organizations integrate AI into their cloud environments, the traditional lines of responsibility for security are being redrawn, raising new questions about who safeguards what and how emerging risks are addressed.

Nataraj unpacks how AI-generated code is introducing unique vulnerabilities, with recent studies highlighting that nearly half of organizations are concerned about the security risks posed by AI-driven development.

My guest explains how the complex, multilayered enterprise AI stack—from applications and models to data and infrastructure—requires a nuanced, data-centric approach to security. This approach includes assessing data sensitivity, managing keys, and implementing tailored controls, especially as unstructured data and machine learning models bring fresh security challenges.

The shared responsibility model is also undergoing a transformation, with Nataraj outlining a shift from a simple customer-provider dynamic to one that includes AI model providers and data lineage.

With industries like healthcare and finance running critical systems in the cloud, regulatory frameworks are tightening, and transparency in model development and data lineage is increasingly emphasized.

Nataraj explores how IBM is working to normalize these controls across sectors, enabling compliance and resilience in a diverse range of cloud environments.

Automation emerges as a cornerstone of Nataraj's strategy, helping organizations maintain secure, compliant cloud environments in both deployment and operations. He illustrates a dual-phase approach—automation for initial secure deployments and ongoing compliance monitoring—to ensure that security remains robust as systems evolve.

Finally, we discuss the future of cloud security, including the need for AI governance, third-party risk management, and transparency in model use, all critical as the AI-driven Supercycle unfolds.

What will the future of cloud security look like as AI becomes an integral part of our digital infrastructure? Tune in to explore Nataraj's vision and strategies, and join the conversation—how is your organization preparing for the new era of AI and cloud security?