Who Owns Your AI Security Policy? with Chris Cochran
Hacker Valley Studio18 Maj

Who Owns Your AI Security Policy? with Chris Cochran

Right now, someone in your organization is probably feeding sensitive data into an AI system that nobody approved. So when something goes wrong, who's responsible? And more critically, do you even have a policy in place to answer that question?

Ron Eddings sits down with his Hacker Valley co-founder, Chris Cochran, now serving as SANS Field CISO and VP of AI Security, to talk about his freshly released SANS AI Security Maturity Model, a practical framework built for security leaders who need to stop philosophizing and start making decisions.

They cover the three pillars of AI security maturity: utilizing AI for defense, protecting AI itself, and governing it across the organization. Chris then gets real about where most enterprises actually stand (hint: not as far along as they think). Listen for a conversation that meets you wherever you are: skeptic, early adopter, or somewhere in between.

Impactful Moments

00:00 - Introduction

03:00 - Chris Cochran: from Co-Founder to SANS Field CISO

04:20 - Your board is pushing AI before security is ready

06:00 - Tiers of AI uses: summarization to full automation

07:50 - When AI shouldn't make the final call

10:10 - Bite-sized AI: starting small in the enterprise

11:45 - Introducing the SANS AI Security Maturity Model

13:20 - You can no longer afford to be an AI skeptic

16:30 - Three buckets: utilize, protect, and govern AI

18:50 - Fact or Cap: what level of maturity is your enterprise?

21:00 - Retroactive vendor risk and the AI explosion

23:05 - Agentic Identity: workforce, non-human, and beyond

25:00 - What works in the agentic identity space?

27:05 - Blockchain for agent identity: promising or hype?

29:00 - A Message for the next generation of practitioners

31:30 - Ron's closing take: who owns your AI policy?

Links

Connect with Chris Cochran on LinkedIn: ​​https://www.linkedin.com/in/chrishvm/

Download the SANS AI Security Maturity Model: https://www.sans.org/mlp/2026-ai-security-maturity-model-ebook

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(424)

What’s Next After Building a $2.5B Cybersecurity Company with Dean Sysman

What’s Next After Building a $2.5B Cybersecurity Company with Dean Sysman

What does it look like when a cybersecurity founder who built a $2.5 billion company decides to level up, again? Dean Sysman, co-founder of Axonius, sits down with Ron Eddings to pull back the curtain...

16 Mars 37min

Can AI Do Your Cyber Job? Post Your Job Req and Find Out with Marcus J. Carey

Can AI Do Your Cyber Job? Post Your Job Req and Find Out with Marcus J. Carey

Last episode, Ron and Marcus made predictions. This episode, they brought the receipts. A journalist built an app with vibe coding and got hacked on live television.  A social network built entirely...

6 Mars 38min

Why 69% of CISOs Are Ready to Walk Away with Anthony Johnson

Why 69% of CISOs Are Ready to Walk Away with Anthony Johnson

The CISO role isn’t the finish line, it’s a launchpad. 69% of security executives are eyeing the exit, and Anthony Johnson is proof that what comes next can be even bigger. Anthony Johnson, former Gl...

6 Mars 40min

Securing the Workspace Attackers Already Live In with Rajan Kapoor

Securing the Workspace Attackers Already Live In with Rajan Kapoor

Your email gateway isn't enough anymore, attackers are already inside the workspace through OAuth apps, browser extensions, and account takeover.  In this episode, Ron sits down with Rajan Kapoor, VP...

19 Feb 38min

Beating “Checkbox Security” With Continuous Offense with Sonali Shah

Beating “Checkbox Security” With Continuous Offense with Sonali Shah

Security doesn’t fail because you missed a tool, it fails because “secure today” tricks you into relaxing tomorrow. This episode exposes why the real fight isn’t compliance… it’s whether your defenses...

12 Feb 41min

Turning Agent Chaos into a Command Center with Pedram Amini

Turning Agent Chaos into a Command Center with Pedram Amini

Text threads made AI feel personal, then agents made it productive, and suddenly “success” turns into chaos you can’t even track. In this episode, Ron sits down with Pedram Amini, creator of Maestro,...

10 Feb 37min

Why MFA Isn’t the Safety Net You Think It Is with Yaamini Barathi Mohan

Why MFA Isn’t the Safety Net You Think It Is with Yaamini Barathi Mohan

Phishing didn’t get smarter, it got better at looking normal. What used to be obvious scams now blend directly into the platforms, workflows, and security controls people trust every day. In this epi...

29 Jan 32min

When Cybercrime Learned How to Make Money and Never Looked Back with Graham Cluley

When Cybercrime Learned How to Make Money and Never Looked Back with Graham Cluley

Cybersecurity didn’t start as a billion-dollar crime machine. It started as pranks, ego, and curiosity. That origin story explains almost everything that’s breaking today. Ron sits down with Graham C...

25 Jan 37min

Populärt inom Utbildning

historiepodden-se
rss-bara-en-till-om-missbruk-medberoende-2
det-skaver
nu-blir-det-historia
harrisons-dramatiska-historia
allt-du-velat-veta
johannes-hansen-podcast
not-fanny-anymore
rss-viktmedicinpodden
roda-vita-rosen
sa-in-i-sjalen
i-vantan-pa-katastrofen
sektledare
rss-max-tant-med-max-villman
rss-foraldramotet-bring-lagercrantz
rikatillsammans-om-privatekonomi-rikedom-i-livet
rss-sjalsligt-avkladd
rss-traningsklubben
rss-dr-bjorklund
vi-gar-till-historien