Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

CSO Hall of Fame recognition and what it signals for AI security


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9059
Topic starter  

TL;DR: Malcolm Harkins has been inducted into the CSO Hall of Fame for decades of work in cybersecurity, risk management, and responsible AI adoption, with formal recognition planned at the CSO Cybersecurity Awards & Conference in Nashville, according to HiddenLayer.

NHIMG editorial — based on content published by HiddenLayer: Malcolm Harkins' CSO Hall of Fame induction

Questions worth separating out

Q: How should security teams govern AI systems that act like non-human identities?

A: Treat them as governed identities, not just applications.

Q: Why do agentic AI systems change the identity governance problem?

A: They change the problem because behaviour can vary at runtime.

Q: What should organisations measure in an AI security governance programme?

A: Measure whether every AI workload has a named owner, whether its permissions are documented, and whether runtime actions are logged well enough to support review and containment.

Practitioner guidance

  • Map AI systems to identity ownership Create an inventory that links each AI workload or agent to a named owner, its authentication method, and the permissions it can exercise across tools and data sources.
  • Review AI lifecycle controls end to end Validate discovery, supply chain checks, runtime restrictions, and offboarding steps as one control chain rather than treating them as separate programmes.
  • Set explicit authority boundaries for agentic systems Define which actions require human approval, which can be executed automatically, and which data sources or tools remain off limits during runtime.

What's in the full analysis

HiddenLayer's full news item covers the organisational context and leadership detail this post intentionally leaves out:

  • The formal Hall of Fame recognition context and event details from the CSO Cybersecurity Awards & Conference
  • HiddenLayer's own framing of Malcolm Harkins' career contributions to cybersecurity and risk management
  • The company's broader positioning on AI security across discovery, supply chain security, and runtime protection
  • The additional related news links that place this recognition alongside HiddenLayer's wider AI security announcements

👉 Read HiddenLayer's Hall of Fame announcement for Malcolm Harkins →

CSO Hall of Fame recognition and what it signals for AI security?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8498
 

AI security recognition is increasingly a proxy for governance maturity. The article is not about a breach or a product launch, but it still reveals where the market is heading: leadership in AI security is being recognised for risk management, resilience, and operational discipline. That is significant because enterprises do not just need tools, they need executives who can align identity, data, and AI controls under one decision model. Practitioners should read this as a signal that AI governance is becoming a board-level accountability issue, not a narrow technical specialty.

A few things that frame the scale:

  • 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
  • Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, which shows that confidence remains far behind deployment pressure.

A question worth separating out:

Q: What is the difference between AI security controls and NHI controls?

A: NHI controls focus on identities such as service accounts, keys, tokens, and certificates. AI security controls extend that model to systems that can reason, select tools, and sometimes act autonomously. In practice, the strongest programmes use NHI discipline as the baseline and then add governance for runtime decision-making.

👉 Read our full editorial: HiddenLayer CSO Hall of Fame induction underscores AI security leadership



   
ReplyQuote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8498
 

AI security recognition is increasingly a proxy for governance maturity. The article is not about a breach or a product launch, but it still reveals where the market is heading: leadership in AI security is being recognised for risk management, resilience, and operational discipline. That is significant because enterprises do not just need tools, they need executives who can align identity, data, and AI controls under one decision model. Practitioners should read this as a signal that AI governance is becoming a board-level accountability issue, not a narrow technical specialty.

A few things that frame the scale:

  • 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
  • Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, which shows that confidence remains far behind deployment pressure.

A question worth separating out:

Q: What is the difference between AI security controls and NHI controls?

A: NHI controls focus on identities such as service accounts, keys, tokens, and certificates. AI security controls extend that model to systems that can reason, select tools, and sometimes act autonomously. In practice, the strongest programmes use NHI discipline as the baseline and then add governance for runtime decision-making.

👉 Read our full editorial: HiddenLayer CSO Hall of Fame induction underscores AI security leadership



   
ReplyQuote
Share: