Notifications
Clear all
Topic starter
27/06/2026 1:10 pm
TL;DR: CISOs are using AI in security today, separating real capability from marketing hype, and prioritising what they expect to defend against AI-powered threats, according to Abnormal AI. The practical takeaway is that AI strategy now has to be judged by governance fit and operational trust, not by labels or demos alone.
NHIMG editorial — here’s why we think this discussion matters
Questions worth separating out
Q: How should security teams evaluate AI tools in cybersecurity operations?
A: Security teams should evaluate AI tools by control outcome, not by branding or novelty.
Q: Why does AI in security change identity governance discussions?
A: AI changes identity governance when it begins to influence access, response, or operational decisions that were previously made by humans alone.
Practitioner guidance
- Define the AI control boundary Classify every AI use case in security operations as advisory, orchestrated, or authoritative.
- Test vendor claims against control evidence Require a demonstration of what the AI sees, what it decides, and what it can execute before it is trusted in production workflows.
- Keep human approval where authority changes Preserve a human review step whenever AI output can alter identity, privilege, or response paths.
What to expect at the briefing
Abnormal AI's full webinar covers the operational detail this post intentionally leaves for the source:
- Panel discussion on how CISOs are using AI in current security strategy
- Practical guidance on separating real AI capability from marketing hype
- Insight into the tools modern security teams are using to respond to AI-powered threats
- Discussion of how organisations are thinking about the future of AI in cybersecurity
👉 Watch Abnormal AI's on-demand webinar on AI in cybersecurity strategy →
AI in cybersecurity strategy: what practitioners are really prioritizing?
Explore further
27/06/2026 2:24 pm
AI in security is now a governance problem before it is a tooling problem. The article shows that CISOs are already treating AI as part of security strategy, which means the debate has moved beyond curiosity and into control design. The hard question is whether the organisation can distinguish AI that supports decisions from AI that starts to influence them. Practitioners should treat AI adoption as an access and accountability issue, not just a capability selection exercise.
A few things that frame the scale:
- 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.
A question worth separating out:
Q: Who should remain accountable when AI is embedded in security workflows?
A: A named human owner should remain accountable for AI-enabled security workflows, including review, exception handling, and escalation. The model can assist decisions, but it cannot own policy, risk acceptance, or operational failure. That accountability is essential wherever AI touches identity, access, or incident response.
👉 Read our full editorial: AI in cybersecurity strategy: what CISOs say actually matters
