Recently on the DevSecOops podcast, hosts Tom Walker and Scott Fletcher sat down with George Abraham, CISO at Influx, to discuss the changing nature of cybersecurity leadership, the human challenges of leading teams, and the complex security risks emerging from new technologies.
George began with a note that cybersecurity careers rarely follow a straight line. For instance, his journey began with a spark of curiosity after watching the film Ferris Bueller’s Day Off. What started as an interest in a connected world led him to become a Firewall Engineer at Check Point and eventually into a career that spanned telecommunications, managed services, compliance auditing, penetration testing, and senior leadership.
When asked how the role of cybersecurity leadership has changed, George was quick to point out that modern CISO can no longer rely on technical mastery alone. He emphasised that executives are now expecting fluency in business and technology, treating cybersecurity as a core part of corporate governance. He shared that this shift is partly driven by how adversaries and defenders evolve over time. Scott agreed and highlighted the importance of having people on board who have the skills to interpret and understand what is being presented to them.
While this shift is a huge improvement from the then ‘security-is-an-IT-only-task’ perspective, it also created a new set of challenges. Managing a distributed workforce, from engineers to part-time support staff, is as much about culture and motivation as it is about systems. With the competing priorities, George admitted that aligning a diverse workforce with a common vision can be harder than solving technical problems.
The conversation then turned to artificial intelligence, which Tom described as a double-edged sword. On one hand, AI can strengthen defences by analysing patterns and responding at speed. On the other, it is increasingly being weaponised to personalise threats at a scale, something that individual attackers could never achieve.
George agreed and shared that at Influx, his team has played around with a range of generative AI platforms and found each to carry a distinct character. For example, ChatGPT often comes across as agreeable, Gemini tends to be more fact-driven but impersonal, while others lean in different directions. In security, though, the real story is how these tools are applied. Defensively, AI has been part of the toolkit for years, with organisations like CrowdStrike moving away from signatures and relying instead on AI-driven telemetry. Offensively, however, platforms such as WormGPT are now being used to create phishing content that is more convincing, more targeted, and ultimately harder to spot.
The rise of AI may be reshaping phishing, detection, and even leadership expectations, but the message was clear: defenders have no choice but to evolve just as quickly as attackers. For CISOs like George, the challenge is not only in keeping up with the technology, but in preparing teams and businesses to navigate a world where the line between human and machine-led threats is blurring.