AI Security, Cyber Risk, and Cloud Strategy on ClearTech Loop

ClearTech Loop Special Edition: Rethinking CDN Pricing with AWS CloudFront

Cloud pricing can look simple until the bill arrives.  In this ClearTech Loop Special Edition, Jo Peterson talks with Cristian Graziano, Principal Product Manager at Amazon Web Services, about AWS CloudFront flat rate plans and why predictable pricing matters for teams delivering internet facing applications.  Cristian explains how CloudFront helps accelerate and secure applications, why customers often combine CDN, WAF, DDoS protection, DNS, logging, and monitoring, and how flat rate plans are designed to make that model easier to understand, approve, and manage.  In this episode  Jo and Cristian discuss:  * What AWS CloudFront does   * Why CDN pricing can get complicated   * How CloudFront flat rate plans simplify pricing   * Why predictable monthly costs matter for developers, business units, SMBs, and enterprise teams   * How AWS is making security part of the starting point   * Why WAF, DDoS protection, bot controls, and security visibility matter for internet facing applications   Featured quote  “Security is included by default.” Cristian Graziano, Principal Product Manager, AWS  About the guest  Cristian Graziano is a Principal Product Manager at Amazon Web Services. His work focuses on the customer experience for AWS CloudFront, including onboarding, console experience, and pricing.  🎧 Listen: In Buzzsprout Player ▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/playlist [https://youtu.be/byUzDwQV-DY] 📰 Subscribe to the Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/ [https://www.linkedin.com/newsletters/7346174860760416256/]

AI Security Starts with Education: James McQuiggan on Shadow AI, NHIs, and AI Defense

AI security is not only about policies, tools, and controls. It is also about education.  In this episode of ClearTech Loop, Jo Peterson talks with James McQuiggan, founder and CISO of Apparent Security, about shadow AI, non human identities, and what AI defense means as organizations try to keep up with real world AI adoption.  James brings the lens of an educator to the conversation. His perspective keeps coming back to how people learn, how they adopt new tools, and why security teams need to guide safe AI use instead of relying on blocking or policy alone.  In this episode  Jo and James discuss:  * Shadow AI as the next version of shadow IT  * Why AI adoption is happening faster than governance and training  * How CISOs and CIOs can create safer paths for employees using AI  * Why non human identities create new access and data flow risks  * How AI defense includes defending with AI, defending against AI enabled attacks, and protecting AI systems themselves  Timestamps  00:00 Introduction to James McQuiggan and the episode theme  02:32 Shadow AI as the next version of shadow IT  06:17 Why education matters in AI policy and rollout  07:34 Training, micro learning, and helping users work safely  10:05 Non human identities, access, and data flow  12:27 What AI defense means in practice  15:00 Final thoughts and closing  Guest Bio  James McQuiggan is founder and CISO of Apparent Security. He is a threat intelligence strategist, cybersecurity educator, and practitioner with more than 25 years of experience across critical infrastructure, human risk management, and security leadership.   Resources  * AI and the Boardroom: Bridging Innovation and Security by James McQuiggan: https://blog.knowbe4.com/ai-and-the-boardroom-bridging-innovation-and-security [https://blog.knowbe4.com/ai-and-the-boardroom-bridging-innovation-and-security?utm_source=chatgpt.com]  * National Institute of Standards and Technology Cybersecurity Framework: https://www.nist.gov/cyberframework [https://www.nist.gov/cyberframework]  Follow  Follow ClearTech Loop for more conversations on AI security, cybersecurity leadership, AI governance, and enterprise technology strategy.  🎧 Listen: In Buzzsprout Player ▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/playlist [https://youtu.be/byUzDwQV-DY] 📰 Subscribe to the Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/ [https://www.linkedin.com/newsletters/7346174860760416256/]

AI Security: Shadow AI, Non Human Identities, and AI Defense (Rock Lambros)

AI is already inside your environment.  The problem is most organizations don’t fully see where or how it’s being used.  In this episode of ClearTech Loop, Jo Peterson sits down with Rock Lambros, CEO of RockCyber, to break down what’s actually happening with shadow AI, non human identities, and AI defense as adoption moves faster than governance.  Why This Matters  This isn’t a future problem.  Teams are already:  * Using AI tools outside of approved environments   * Creating machine and agent identities at scale   * Relying on security models that were never designed for this level of automation   That gap between adoption and control is where risk is showing up.  What You’ll Hear in This Episode  * Why shadow AI is a governance issue, not just a security problem   * How non human identities are scaling beyond what most organizations can manage   * What AI defense actually means beyond vendor messaging   * Where organizations are most exposed right now   Key Insight  AI security isn’t breaking because organizations aren’t trying.  It’s breaking because the systems meant to manage risk are moving slower than the systems creating it.  About the Guest  Rock Lambros is CEO and Founder of RockCyber and a contributor to the OWASP GenAI Security Project. His work focuses on AI governance, agentic security, and helping organizations understand how AI changes the attacksurface.  Resources  OWASP GenAI Security Project: https://genai.owasp.org/ [https://genai.owasp.org/] AAGATE Framework: https://www.rockcybermusings.com/p/aagate-governing-the-ungovernable-operationalizing-nist-ai-rmf-agentic-ai [https://www.rockcybermusings.com/p/aagate-governing-the-ungovernable-operationalizing-nist-ai-rmf-agentic-ai] Governing the Ungovernable: https://aicybermagazine.com/governing-the-ungovernable/ [https://aicybermagazine.com/governing-the-ungovernable/]  🎧 Listen: In Buzzsprout Player ▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/playlist [https://youtu.be/byUzDwQV-DY] 📰 Subscribe to the Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/ [https://www.linkedin.com/newsletters/7346174860760416256/]

AI Security: Todd Smith on Shadow AI, NHIs, and AI Defense

What does AI security actually look like inside real organizations?  In this episode of ClearTech Loop, Jo Peterson talks with Todd Smith, SVP and Director of Customer IAM and Threat Intelligence at Ameris Bank, about shadow AI, non human identities, and what AI defense looks like in environments where identity, fraud, and security are tightly connected.  They unpack why shadow AI is both an IT and security issue, why blocking AI tools is not a long term strategy, and how organizations are trying to bring more visibility and control to environments where AI adoption is already happening across teams.  Todd explains how shadow AI creates real risk through data leakage, IP exposure, and regulatory pressure, especially when employees turn to unapproved tools to move faster. The conversation also highlights the role of training, as organizations shift from simply restricting behavior to helping employees understand how to use AI safely.  The discussion then moves to non human identities, where Todd describes the operational challenge of managing identities that do not follow a clean lifecycle. These identities can accumulate over time, often without clear ownership, creating a growing need for discovery, cleanup, and better control moving forward.  From there, Jo and Todd explore AI defense from a practical standpoint. Instead of starting with external threats, the conversation focuses on understanding what is happening inside the environment first, including how AI interacts with data, identity, and access. That internal visibility becomes the foundation for any broader defense strategy.  This episode is especially relevant for CIOs, CISOs, security leaders, and identity leaders working through the realities of AI adoption, governance, and risk in enterprise environments.  Timestamps  00:00 Introduction to Todd Smith and episode context  01:40 Shadow AI: IT problem, security problem, or both?  04:50 Discovery, visibility, and managing shadow AI  07:55 Security as the “Department of Education”  10:45 Non human identities and lifecycle challenges  13:20 AI defense: starting inside the environment  Guest Bio  Todd Smith is SVP and Director of Customer IAM and Threat Intelligence at Ameris Bank. His work spans identity, fraud, threat intelligence, and AI security in financial services environments. He has held leadership roles across Ameris Bank, SoFi, Barclays, Citi, and the FBI, focusing on identity, cyber fraud, and intelligence driven security operations.  Additional Resources  * National Institute of Standards and Technology AI Risk Management Framework: https://www.nist.gov/itl/ai-risk-management-framework [https://www.nist.gov/itl/ai-risk-management-framework]  * National Institute of Standards and Technology Cybersecurity Framework (CSF): https://www.nist.gov/cyberframework [https://www.nist.gov/cyberframework]  * MITRE ATT&CK Framework: https://attack.mitre.org/ [https://attack.mitre.org/]  * Season 1 ClearTech Loop: https://www.buzzsprout.com/2248577 [https://www.buzzsprout.com/2248577]  Follow ClearTech Loop  Follow ClearTech Loop for more conversations on AI security, cybersecurity leadership, AI governance, and enterprise technology strategy.  🎧 Listen: In Buzzsprout Player ▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/playlist [https://youtu.be/byUzDwQV-DY] 📰 Subscribe to the Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/ [https://www.linkedin.com/newsletters/7346174860760416256/]

AI Security: Thomas Bryant on Shadow AI, NHIs, and AI Defense

What does AI security actually look like inside real organizations?  In this episode of ClearTech Loop, Jo Peterson talks with Thomas Bryant, Director of Technical Marketing at Pure Storage and independent analyst and consultant at THB3, about shadow AI, non human identities, and what leaders should really mean when they talk about AI defense.  They unpack why shadow AI is both an IT and security issue, how CISOs and CIOs are approaching identity and governance, and why AI defense is increasingly becoming a resilience question rather than just a detection one.   In this conversation, Thomas explains why shadow AI is not just a security problem. It is also an IT, tooling, and governance problem, especially when organizations are trying to help employees move faster without exposing enterprise data through non approved tools. He also shares how leaders are using discovery, inventory, and training to bring more structure to environments where AI adoption is already ahead of visibility.   The discussion then shifts to non human identities, where Thomas argues that organizations need to think differently about bots, scripts, and AI agents that can outnumber humans at massive scale. From there, Jo and Thomas dig into AI defense as a broader operational challenge centered on adversarial AI, faster response, resilience, and recovery when humans cannot keep up on their own. This episode is especially relevant for CIOs, CISOs, security leaders, IT leaders, and enterprise technology teams trying to balance AI adoption with governance, accountability, and resilience.   Timestamps  00:00 Introduction to Thomas Bryant and the episode theme  01:39 Shadow AI: IT problem, security problem, or both?  03:04 Discovery, standardization, and training around shadow AI  05:07 NHIs, onboarding, and machine identity management  07:18 Super agents, governance, and traceability  11:09 AI defense, adversarial AI, and resilient security   Guest Bio  Thomas Bryant is Director of Technical Marketing at Pure Storage and an independent analyst and consultant at THB3. He has held leadership roles across Pure Storage, Commvault, VMware, and Dell, with a focus on technical marketing, infrastructure, cloud, AI, and cybersecurity. His work centers on helping technical teams make complex technology easier to understand and act on.   Additional Resources  * Thomas Bryant on LinkedIn: https://www.linkedin.com/in/thomashbryant/ [https://www.linkedin.com/in/thomashbryant/]   * Season 1 ClearTech Loop: https://www.buzzsprout.com/2248577 [https://www.buzzsprout.com/2248577]   * Thomas Bryant Podcast (2024): https://podcasts.apple.com/us/podcast/the-resilience-rundown/id1730107130 [https://podcasts.apple.com/us/podcast/the-resilience-rundown/id1730107130]   Follow ClearTech Loop for more conversations on AI security, cybersecurity leadership, AI governance, and enterprise technology strategy    🎧 Listen: In Buzzsprout Player ▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/playlist [https://youtu.be/byUzDwQV-DY] 📰 Subscribe to the Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/ [https://www.linkedin.com/newsletters/7346174860760416256/]