

Why AI should live in the business unit, not security: Lessons from mobile and cloud transitions | Mandy Andress (Elastic)
Jun 27, 2025
35:34
At Elastic, CISO Mandy Andress learned that pragmatic guardrails work better than blanket bans for managing AI adoption across the company's 3,500-person distributed workforce. She enables AI tools with smart controls rather than blocking them entirely.
As both a customer and provider in the AI ecosystem, Elastic faces unique challenges in AI strategy. Mandy explains how they're applying hard-learned lessons from cloud vendor lock-in to build flexible AI systems that can switch foundation models with minimal engineering effort.
She also shares why AI ownership is naturally migrating from security teams to business units as organizations mature their understanding of the technology.
Topics discussed:
- Elastic's dual role as vector database provider and AI customer.
- Transitioning AI ownership from security teams to business units.
- Building foundation model flexibility to avoid vendor lock-in.
- Quantifying AI business value through time auditing versus traditional ROI.
- Managing enterprise AI tool procurement floods without innovation barriers.
- Pragmatic AI guardrails versus blanket AI-blocking strategies.
- AI team organizational structures based on technical maturity.
- Focusing AI governance on access controls and API fundamentals.
- Behavioral analytics for credential-based attack detection.