Business Security Weekly (Audio) Internal Audit Focal Points for 2026 as AI Impacts Conventional Cybersecurity - Tim Lietz - BSW #431
20 snips
Jan 21, 2026 Tim Lietz, National Practice Leader for Internal Audit Risk & Compliance at Jefferson Wells, provides insights into critical shifts in internal audit priorities for 2026. He highlights that cybersecurity and AI will dominate the landscape, as organizations grapple with rising economic uncertainties. Lietz discusses the need for trust between audit and IT leaders, the implications of third-party risks, and how conventional cybersecurity won't suffice for AI systems. He also emphasizes the importance of proactive collaboration to identify vulnerabilities and prepare for future challenges.
AI Snips
Chapters
Transcript
Episode notes
Monthly Lunches Built Trust And Focus
- Tim Lietz recounts monthly lunches with his CIO and CISO to build frank, trusted relationships and align audit focus.
- He asked them which risks could cause severe career damage and used those to guide audit priorities.
Third-Party Risk Is Intensified By AI
- Third-party risk can be obscured by AI and shifting priorities, but remains critical given outsourced AI infrastructure and data access.
- Organizations often grant persistent access to vendors and forget to revoke or control how vendors use sensitive data.
Shadow AI Usage Creates Major Data Exposure
- Many employees use unauthorized AI tools and put sensitive company data into public models, creating massive shadow IT risk.
- The convenience of external AI tools drives risky behaviors when corporate controls are too restrictive or slow.