AI Governance in an Era of Rapid Change

In this episode of Cyber Sentries, John Richards talks with Walter Haydock, founder of StackAware, about navigating the complex landscape of AI governance and security. Walter brings unique insights from his background as a Marine Corps intelligence officer and his extensive experience in both government and private sectors.

Understanding AI Risk Management

Walter shares his perspective on how organizations can develop practical AI governance frameworks while balancing innovation with security. He outlines a three-step approach starting with policy development, followed by thorough inventory of AI tools, and assessment of cybersecurity implications.

The discussion explores how different industries face varying levels of AI risk, with healthcare emerging as a particularly challenging sector where both opportunities and dangers are amplified. Walter emphasizes the importance of aligning AI governance with business objectives rather than treating it as a standalone initiative.

Questions We Answer in This Episode:

• How should organizations approach AI governance and risk management?
• What are the key challenges in implementing ISO 42001 for AI systems?
• How can companies address the growing problem of "shadow AI"?
• What are the implications of fragmented AI regulations across different jurisdictions?

Key Takeaways:

• Organizations need clear AI policies that define acceptable use boundaries
• Risk management should integrate with existing frameworks rather than create separate systems
• Companies must balance compliance requirements with innovation needs
• Employee education and flexible approval processes help prevent shadow AI usage

The Regulatory Landscape

The conversation delves into emerging AI regulations, from New York City's local laws to Colorado's comprehensive AI Act. Walter provides valuable insights into how organizations can prepare for upcoming regulatory changes while maintaining operational efficiency.

Links & Notes

• StackAware
• Connect with Walter on LinkedIn
• Learn more about Paladin Cloud
• Got a question? Ask us here!

• (00:04) - Welcome to Cyber Sentries
• (00:30) - Walter Haydock from Stackaware
• (01:13) - Walter’s Background
• (02:36) - Areas Needing Improvement
• (03:23) - Integrating AI
• (04:33) - Stackaware’s Role
• (06:25) - AI Certification Standard
• (07:17) - Implementation Challenges
• (08:28) - Thoughts on Looser Protocols
• (11:16) - Regulations
• (13:01) - Approaches
• (14:57) - Areas of Concern
• (17:26) - Handling Risk
• (18:37) - Who Should Own AI Governance
• (19:43) - Pushback?
• (21:15) - Proper Techniques
• (22:26) - What Levels
• (23:49) - Smaller Companies
• (25:54) - Ideal Legislation
• (28:48) - Plugging Walter
• (29:36) - Wrap Up

Revolutionizing Cloud Security with AI-Powered Distributed Systems

In this episode of Cyber Sentries, John Richards sits down with Mark Fussell, CEO of Diagrid and co-creator of the Distributed Application Runtime (DAPR). Mark shares insights from his extensive experience in distributed systems and discusses how modern architectures are evolving to incorporate AI capabilities.

The Evolution of Distributed Applications

Mark explains how DAPR emerged from observing common challenges teams faced when building distributed systems. The project, which started in 2018 and became open source in 2019, has grown into a graduated Cloud Native Computing Foundation (CNCF) project used by thousands of companies worldwide. He details how DAPR's component model allows teams to swap infrastructure without changing code, providing crucial flexibility for enterprise systems.

Questions We Answer in This Episode

• How are distributed applications transforming modern software development?
• What role does security play in distributed architectures?
• How can organizations integrate AI agents into existing distributed systems?
• What's next for distributed systems in the age of AI?

Key Takeaways

• DAPR provides essential building blocks for secure, distributed applications
• Workflow durability is crucial for enterprise-ready AI agent systems
• Identity-based security principles are fundamental to distributed architectures
• The future of distributed systems will blend traditional microservices with AI agents

The Future of AI in Distributed Systems

Mark discusses Diagrid's Catalyst platform, which helps organizations build enterprise-ready distributed applications with integrated AI capabilities. He emphasizes the importance of security, durability, and workflow management as organizations begin incorporating AI agents into their systems.

Links & Notes

• Connect with Mark on LinkedIn
• Learn more about DAPR
• Diagrid
• Learn more about Paladin Cloud
• Got a question? Ask us here!

• (00:00) - Welcome to Cyber Sentries
• (00:30) - Diagrid’s Mark Fussell
• (01:07) - Meet Mark
• (04:37) - The Journey
• (10:55) - New AI Models
• (15:01) - On the Security Side
• (16:52) - Where Things Go Next
• (20:10) - Bringing in New Agentic Models
• (24:20) - Catalyst
• (27:12) - Getting in Touch
• (28:35) - Wrap Up

AI-Powered Cloud Security: From Research Lab to Enterprise Reality

In this episode of Cyber Sentries, John Richards talks with Mohit Tiwari, co-founder and CEO of Symmetry Systems and associate professor at UT Austin, about transforming academic research into practical enterprise security solutions. Mohit shares his journey from academic research to founding a company that's revolutionizing how organizations approach data security in the age of AI.

Bridging Academia and Industry

Mohit discusses how his research team at UT Austin developed innovative approaches to data security and privacy, working with organizations like NSA, Lockheed, and General Dynamics. Their work led to founding Symmetry Systems in 2020, focusing on operationalizing data flow security across enterprise environments.

The Evolution of Data Security

The conversation explores how traditional asset-centric security approaches are giving way to data-centric models. Mohit explains how Symmetry Systems helps organizations protect data flows across multiple applications and platforms, making security more efficient and effective than traditional bespoke solutions.

Questions We Answer in This Episode:

• How can organizations move from bespoke security solutions to systematic approaches?
• What role does AI governance play in modern enterprise security?
• How can companies effectively manage data security across different AI implementation scenarios?

Key Takeaways:

• Data-centric security approaches are becoming crucial as AI adoption increases
• Organizations need interoperable policy languages for effective AI governance
• Purpose-built, smaller AI models can be more effective than large, general-purpose ones
• Security solutions must evolve to handle the massive scale of modern enterprise data

Looking Ahead: The Future of AI Security

The episode concludes with insights into emerging challenges in AI security, including the need for better business purpose frameworks and advanced detection capabilities for sophisticated attacks like ransomware.

Resources

• Symmetry Systems website
• Connect with Symmetry Systems on LinkedIn
• Learn more about Paladin Cloud
• Learn more about Cyberproof
• Got a question? Ask us here!

• (00:04) - Welcome to Cyber Sentries
• (01:02) - Meet Mohit
• (03:06) - Application Examples
• (08:15) - Key Metrics
• (10:52) - Effects of AI
• (14:16) - Environments and Interfaces
• (16:39) - Tying It Together
• (18:19) - AI in the Process
• (22:51) - Model Decisions
• (25:41) - Research to Project
• (29:13) - Problems
• (31:25) - Wrap Up