Future of Data Security

• EP 22 — Databricks' Omar Khawaja on Why Inertia Is Security's Greatest Enemy

  What if inertia — not attackers — is security's greatest enemy? At Databricks, CISO Omar Khawaja transformed this insight into a systematic approach that flips traditional security thinking on its head and treats employees as assets rather than threats.   Omar offers his T-junction methodology for breaking organizational inertia: instead of letting teams default to existing behaviors, he creates explicit decision points where continuing the status quo becomes impossible. This approach drove thousands of employees to voluntarily take optional security training in a single year.   There’s also Databricks' systematic response to AI security chaos. Rather than succumb to "top five AI risks" thinking, Omar's team catalogued 62 specific AI risks across four subsystems: data operations, model operations, serving layer, and unified governance. Their public Databricks AI Security Framework (DASF) provides enterprise-ready controls for each risk, moving beyond generic guidance to actionable frameworks that work regardless of whether you're a Databricks customer.   Topics discussed:   The T-Junction Framework to systematically break organizational inertia by eliminating default paths and forcing explicit decision-making Human risk management strategy of moving to behavior-driven programs that convert employees from liabilities to champions 62-Risk AI security classifications of data layer, model operations, serving layer, and governance risks with specific controls for each Methods for understanding true organizational risk appetite across business units, including the "double-check your math" approach Four-component agent definition and specific risks emerging from chain-of-thought reasoning and multi-system connectivity Why "AI strategy" creates shiny object syndrome and how to instead use AI to accelerate existing business strategy

  --------  

  31:34

  --------

  31:34
• EP 21 — Sendbird's Yashvier Kosaraju on Creating Shared Responsibility Models for AI Data Security

  Sendbird had AI agents take backend actions on behalf of customers while processing sensitive support data across multiple LLM providers. This required building contractual frameworks that prevent customer data from training generic models while maintaining the feedback loops needed for enterprise-grade AI performance.   CISO Yashvier Kosaraju walks Jean through their approach to securing agentic AI platforms that serve enterprise customers. Instead of treating AI security as a compliance checkbox, they've built verification pipelines that let customers see exactly what decisions the AI is making and adjust configurations in real-time.   But the biggest operational win isn't replacing security analysts: it's eliminating query languages entirely. Natural language processing now lets incident responders ask direct questions like "show me when Yash logged into his laptop over the last 90 days" instead of learning vendor-specific syntax. This cuts incident response time while making it easier to onboard new team members and switch between security tools without retraining.    Topics discussed:   Reframing zero trust as explicit and continuously verified trust rather than eliminating trust entirely from security architectures. Building contractual frameworks with LLM providers to prevent customer data from training generic models in enterprise AI deployments. Implementing verification pipelines and feedback loops that allow customers to review AI decisions and adjust agentic configurations. Using natural language processing to eliminate vendor-specific query languages during incident response and security investigations. Managing security culture across multicultural organizations through physical presence and collaborative problem-solving approaches rather than enforcement. Addressing shadow AI adoption by understanding underlying problems employees solve instead of punishing policy violations. Implementing shared responsibility models for AI data security across LLM providers, platform vendors, and enterprise customers. Prioritizing internal employee authentication and enterprise security basics in startup scaling patterns from zero to hundred employees.

  --------  

  20:40

  --------

  20:40
• EP 20 — MoonPay's Doug Innocenti on The Gut Instinct Gap in AI Security Operations

  What happens when you scale a crypto company across 160+ countries while maintaining the same security standards as Wells Fargo? At MoonPay, it meant rethinking how traditional banking security translates to high-velocity fintech environments. Doug Innocenti, CISO, breaks down how his team achieved PCI, SOC 2 Type 2, and regulatory licenses like BitLicense and MiCA without slowing product development. The secret is the ability to test multiple security tools in parallel and pivot quickly when something isn't working.   But velocity alone isn't enough, he cautions Jean. Doug's approach to AI in security reveals a critical insight: although AI-powered tools can dramatically reduce SOC response times and automate incident analysis, the "gut instinct gap" remains. His team uses AI to enable faster decisions, not replace human judgment — especially when patterns don't match what the algorithms expect to see.    Topics discussed:   Maintaining bank-level security posture while enabling startup velocity through security-first architecture and platform design principles. Scaling compliance across 160+ countries using pre-built infrastructure that accommodates PCI, SOC 2, BitLicense, and MiCA requirements. Implementing parallel security tool testing to accelerate vendor evaluation and avoid bureaucratic delays in enterprise environments. Adopting next-generation DLP solutions like DoControl that use AI-powered business intelligence for dynamic data boundary creation. Balancing insider threat monitoring with external threat defense through compensated controls and rapid reaction capabilities. Managing AI adoption risks while embracing acceleration benefits through defensive technology investment and vendor selection criteria. Using AI-enhanced SOC and SIEM operations to reduce incident response times while preserving human judgment for pattern recognition. Building transparent security culture where all employees become security professionals rather than maintaining background security operations.

  --------  

  22:36

  --------

  22:36
• EP 19 — Cribl's Myke Lyons on Data Hierarchies That Cut Security Costs

  Myke Lyons brings an unconventional background to cybersecurity leadership, having trained as a chef before discovering his passion for breaking and rebuilding IT systems. As CISO at Cribl, he applies culinary principles like mise en place to security operations while solving the fundamental economics problem facing every security team.   The math is unforgiving, he tells Jean: data volumes grow at 28% annually while security budgets remain flat. Myke's solution involves intelligent data hierarchies that route critical authentication logs to expensive SIEM systems while automatically sending regulatory compliance data to cheaper cold storage, reducing costs by 70-80% through format optimization.   Topics discussed:   The fundamental economics challenge of increasing annual data growth versus flat security budgets and how intelligent data hierarchies solve this by routing critical logs to expensive systems while storing compliance data in cheaper cold storage. Smart data pipeline architecture that eliminates vendor lock-in by enabling simultaneous testing of multiple security technologies on identical datasets while maintaining complete data ownership across any storage platform. Building security culture through partnership rather than punishment, including automated nudges for personal account security and micro-bonus rewards for completing security training. AI agent implementation for automated phishing response that performs tier-two-level analysis, hunts across email environments, and provides cohesive incident summaries with risk ratings for security analysts. The evolution from manual security operations to AI-powered automation, with predictions that full tier one analyst capabilities will be available within months for organizations with comprehensive security telemetry. Data format optimization strategies that reduce log storage costs by 70-80% through UNIX timestamp conversion and elimination of redundant vendor-specific wrapper formats that create unnecessary data bloat. Mise en place principles from professional kitchens applied to security incident response, treating procedures like recipes with clear preparation steps and proper tooling to reduce response time and improve consistency. The importance of establishing data architecture early in security programs to avoid complicated remediation of poor data decisions that become exponentially more expensive to fix over time. LLM integration for security operations including query writing assistance, pipeline creation, sensitive data redaction, and context-aware threat intelligence that reduces analyst toil and improves detection capabilities.

  --------  

  28:51

  --------

  28:51
• Ask Jean – How Does Data Visibility Transform Crisis into Calm?

  Welcome to a special edition of Future of Data Security, where our host Jean Le Bouthillier answers the top questions our listeners have asked us. In today's episode, Jean addresses how data visibility can turn crisis into calm.  Would you like to have Jean answer one of your questions in a future episode? Email [email protected] with your question and a short summary of why you're looking for an answer!

  --------  

  2:22

  --------

  2:22

More Technology podcasts

Trending Technology podcasts

About Future of Data Security

Future of Data Security: Podcasts in Family