CISO Series Podcast Managing Risk Has Been a Priority Ever Since You Asked About It (LIVE in NYC)
Jan 13, 2026
Saket Modi, CEO of Safe Security and a pioneer in cyber risk quantification, shares his insights on autonomous cyber risk management. He discusses the importance of integrating AI with human oversight and the need to rethink governance in cybersecurity. Saket emphasizes the unpredictable nature of AI and the necessity for businesses to prioritize people in risk programs. He highlights that business owners bear the risk responsibility, while CISOs should guide them in minimizing threats. Their engaging conversation offers fresh perspectives on modernizing cyber risk strategies.
AI Snips
Chapters
Transcript
Episode notes
Shift GRC From Compliance To Risk
- Stop treating GRC as only compliance and checkbox work; focus on risk impact instead.
- Pull real telemetry and link controls to business risks so you can burn down risk, not just meet standards.
Treat AI Agents As Identities
- Treat agentic AI like non-human identities and apply identity, access, and privilege controls.
- Guardrails and audit trails for AI should mirror human identity controls to trace actions and limit access.
Worry About AI's Unknown Reasoning
- The scariest AI risks are the unknown unknowns in how AI can reason differently and find novel attack paths.
- Expect new, surprising strategies of infiltration beyond familiar ransomware and phishing patterns.