Everyone Wants AI. Who Wants to Own the Risk Though?
Posted: Thursday, Jul 16
  • KBI.Media
  • $
  • Everyone Wants AI. Who Wants to Own the Risk Though?
Karissa Breen, more commonly known as KB, is crowned a LinkedIn ‘Top Voice in Technology’, and widely recognised across the global cybersecurity industry. A serial entrepreneur, she is the co-founder of the TMFE Group, a portfolio of cybersecurity-focused businesses spanning an industry-leading media platform, a specialist marketing agency, a content production studio, and the executive headhunting firm, MercSec. Now based in the United States, KB oversees US editorial operations and leads the expansion of the group’s media footprint across North America, while maintaining a strong presence in Australia, and the broader global market. She is the former Producer and Host of the streaming show 2Fa.tv, and currently sits at the helm of journalism for the group’s flagship arm, KBI.Media, the independent cybersecurity media company. As a cybersecurity investigative journalist, KB hosts her globally-renowned podcast, KBKast, where she interviews leading cybersecurity practitioners, CISOs, government officials including heads-of-state, and industry pioneers from around the world. The podcast has been downloaded in over 65 countries with more than 400,000 global downloads, influencing billions of dollars in cybersecurity budgets. KB is known for asking the hard questions and extracting real, commercially relevant insights. Her approach provides an uncoloured, strategic lens on the evolving cybersecurity landscape, demystifying complex security issues and translating them into practical intelligence for executives navigating risk, regulation, and rapid technological change.

i 3 Table of Contents

Everyone Wants AI. Who Wants to Own the Risk Though?

Boards want AI to move faster. CISOs now have to make sure it does not move out of control.

“Adoption isn’t, you know, watching some YouTube clips, keeping up to date with some articles, maybe doing a course in AI,” Mark Jones says. “That’s not adoption.”

For cybersecurity leaders, the line lands with force because it exposes a quiet problem inside many organisations. AI has moved from experiment to executive priority, but many of the people expected to govern it have not yet had time to properly understand it.

Jones, Co-Founder and deployed engineer at MosaicalAI, has been spending time with CISOs, security leaders and boards across Australia as they confront a difficult time, which is to enable AI adoption without becoming the ‘department of no’. Security cannot sit behind the business and review AI after the fact. It has to help shape how AI is adopted, governed and measured. That requires more than a policy.

“Adoption is getting your hands dirty, as in your machine, your lab. Understanding how it works, what it looks like,” he says.
Jones sees organizations spread across a wide spectrum. Some “really don’t understand even where to start.” Others have basic access to tools such as Copilot or chat interfaces. At the more mature end are companies with “fully set up, governed, guard railed, harnessed environments, builders in every team.”

Australia, he says, is behind in aggressive adoption compared with some other markets, although the pattern is uneven.

Many CISOs are not resisting AI because they dismiss it. They are time poor, overloaded and reluctant to admit they have not yet developed practical fluency. Jones says one senior Australian CISO warned him early that embarrassment would be part of the challenge.

The problem is that AI cannot be governed from a distance. Leaders who have only read about agentic systems, frontier models, local models, token consumption or model routing will struggle to make confident decisions when the business starts building with them.

And the business is already moving.

Jones describes a meeting with a CTO and CISO at a retail organisation. The CTO saw AI as a way to build a layer over inventory and warehouse data, identify demand spikes and reduce storage costs. The CISO’s instinct was to slow things down and control the risk.

Jones does not dismiss that instinct, as that is the DNA of a CISO. Uncontrolled AI development can create serious exposure. But he argues that growth and control are not opposites.

“What AI is giving us is the possibility of doing both,” he says. “You can turn up revenue through new ways of doing things, and you can increase productivity.”

That is why boards are paying attention. AI is being framed not purely as a productivity tool, but as a way to change revenue generation, operations and workforce output at once.

“It’s not a matter of if,” Jones says. “It’s how and when is it going to start generating results.”

For cyber teams, that changes the role. If security is absent, AI adoption will continue anyway. The question is whether it happens with proper controls, or around them.

Some security teams have responded by writing AI policies, joining governance forums and reviewing proposed use cases. Jones views that as a weak form of participation.

“You’re absolutely a passenger,” he says. “You’re just sitting there, you’re not really doing much.”

The better model, in his view, is live governance, which is a technical layer that monitors what models are being used, what data is being accessed, how interactions are logged, how tokens are consumed and when controls need to intervene.

Security should not necessarily own all of AI governance, Jones says. It is too broad for that. It touches business strategy, cost, data architecture, operations, legal exposure and productivity. But cyber needs a meaningful role in designing and validating the guardrails.

He separates the work into two streams, putting cyber into the AI process and putting AI into cyber processes. Both matter.

The simplest control is to block. Mr Jones understands why security leaders reach for it. But he warns that AI bans can recreate the same dynamic many businesses saw with cloud.

“What happens, you get shadow AI,” he says. “Shadow AI is a real thing.”

Employees who believe AI will help them work faster may find ways to use it anyway. They may move content into personal tools, take screenshots or use unapproved services beyond corporate visibility. Jones is careful not to suggest everyone will behave recklessly. His point is that blocking creates incentives.

“The process of blocking it will generate its own issues,” he says.

The alternative is controlled openness. Jones points to one company that placed no blanket ban on models, but controlled routing, usage, training and the environment in which models operated. It brought builders from different departments into structured sessions, identified real problems and placed AI use inside a governed architecture.

Not every task needs the most powerful model. Jones compares it to paying a professor to answer “what’s two plus two?” The professor can do it, but it is an expensive misuse of capability. Smaller, local models may be enough for many internal workflows.

Jones says enterprises are beginning to understand that AI consumption can become expensive quickly and token shock is coming down the pike. Open access to powerful models, without routing or cost controls, can create budget blindsides.

“Look out for your next bill,” he says. “Like it’s going to be out of control.”

He argues that companies are still operating in a heavily subsidised market for frontier models. If those economics shift, poorly architected AI programs may become far more costly than expected and completely blow the doors of annual budgets.

That challenges one of the central promises of AI, like ‘lower cost’. If employees use expensive models for routine work, the business may end up paying more for the same task and could even be more expensive the human employee.

The answer, Jones says, is architecture. Companies need to understand which models are appropriate for which tasks, where local processing makes sense, how workflows should be routed and how token consumption is measured. This is not just a technical issue, it’s financial governance.

For Jones, AI governance cannot live as a document on the intranet. Policies and standards matter, but they are only the starting point.

“Get a safe environment and build it,” he says. “Just build it.”

A real governance layer should capture inventory, access controls, data boundaries, model selection, logs, cost visibility, kill switches and data usage. It should show what is happening, not only state what should happen.

He expects platforms will emerge, but he resists the assumption that every company must wait for a vendor. Some governance capabilities can be prototyped internally and shaped around the organisation’s own architecture, risk appetite and regulatory obligations.

“The longer we just sit around talking about it, the more out of control things are going,” he says.

Jones believes the next two years will reshape work far beyond security.

“In two years, every single team that sits in front of a computer is going to change,” he says.

For cyber, that means roles will shift. Security professionals will not only assess tools. They will become builders, adapters and applied users of AI powered systems.

The CISO’s job is not becoming smaller. It is becoming more consequential. But the leaders who succeed will be those who can govern in motion. Everyone else may learn that the business of ‘no’ was never really a control.

Share This