
Risky Business Features
Why CISOs need to be more flexible in the AI era
Apr 3, 2026
Brad Arkin, an experienced cybersecurity leader and former CISO at Adobe, Cisco and Salesforce, shares his perspective on supply-chain risks and AI-driven threats. He discusses how AI accelerates attackers more than defenders, explores trade-offs like patch timing versus supply-chain risk, and highlights prevention, stronger egress controls, and new tools like syscall sandboxing and network-layer defenses.
AI Snips
Attackers Scale Faster Than Defenders
- Attackers are more efficiently aligned to malicious goals than defenders because they lack lawyers and bureaucratic delays.
- Brad Arkin notes AI amplifies attackers' focus, letting them find and exploit bugs without waiting for CVEs or red tape.
LightLM Compromise Hit RSA Weekend
- A supply-chain compromise (LightLM) hit during RSA, illustrating simultaneous excitement and crisis at the conference.
- James Wilson describes Team PCP's rapid activity and how LightLM's compromise arrived Sunday night of RSA.
Allow Controlled AI Experimentation
- Don't be the office of no; enable experimentation with AI tools or you'll be excluded from critical conversations.
- Brad Arkin describes CISOs bending past prior "hard-no" rules and running OpenClaw facilitation programs to permit safe experimentation.
