Rising to the agentic opportunity: How cybersecurity leaders are approaching their biggest AI challenges

Learn how Okta, 909Cyber, Virsec Systems, and Votal AI are navigating the migration to agentic security

The conversation around AI and cybersecurity has shifted from cautious curiosity to an urgent, operational reality. The distillery team joined co-founder and CEO of Votal AI, BobbyGupta, to speak to key leaders in cybersecurity to see how they're navigating the rapid shift to securing agentic workplaces. These leaders included:

  • Allison Johnson, Head of Customer and Executive Marketing at Okta

  • Den Jones, founder and CEO at 909Cyber

  • Satya Gupta, founder and CTO at Virsec Systems

  • Jyotirmoy Sundi, co-founder and CTO at Votal AI

Understanding how AI is shifting day-to-day security operations

As companies hustle to change their mission statements to include AI in their identities, it’s important to ask what that means for their customers, roadmaps, and pipelines. These focus areas help establish what guardrails need to be put in place. This means they can integrate AI in ways that are authentic, honest, and secure, ensuring innovation and security support one another.

Throughout the panel, the speakers identified core areas security leaders should have their eyes on today, including:

  • Increasing rates of prompt injections

  • Training data and models securely

  • Monitoring agents as they move from passive to autonomous actors

  • Developing rules for what employees feed to AI

They also noted that bad actors aren't new to AI. They've been leveraging it for some time, and the pace, scale, and quality of AI-enabled attacks is only increasing. 

The group also emphasized the importance of treating AI like any other powerful tool that requires clear thinking to use well. Getting value from AI responsibly means prompting carefully, validating outputs, and making systems check their own work. And as AI moves from answering questions to actively doing work, it’s important to continually assess its risk profile. Speakers compared the challenge of governing agents to onboarding new employees: you have to define what data they can access and what actions they're responsible for.

Responding to increasing demands for faster AI deployment

Gartner reported that roughly 30% of companies had AI agents live in production last year. This year, that number has jumped to 78%. But deploying at that speed has its tradeoffs. The panelists agree that, while policies and guardrails are important, they aren’t the active steps to protecting their businesses. One speaker shared a quote from one of their customers to drive the point home: “Have you ever seen a perfect guardrail on a road? If you drive a car straight at it, you’ll still go through.”

The practical application of security standards lives in the technical controls baked into the software they use every day. Speakers agreed that the relationship between security protections and innovation hasn’t changed: companies always want to grow quickly, and security has to keep up. What's new is that AI is now being used to build and check the code itself, which means security teams will increasingly need agents to check agents. This is quickly leading to agent sprawl emerging as one of the biggest risks security teams face, and falling behind on it now will be costly.

Since AI is now writing production code, handling QA, and accelerating every step of the development cycle, the volume of code that needs testing is growing. To meet this need, our panelists recommend red teaming early. Even if everything isn't patched, knowing what's vulnerable helps teams prioritize. And as agents grow in number, understanding who owns them, what data they touch, and what applications they're connected to is invaluable. 

Managing AI threats without an AI-backed budget

The panelists agreed that across industries, organizations are hearing from board members that AI can replace headcount and reduce costs, but the gap between expectation and reality is wide. Board members compress multi-year roadmaps into ten-month timelines, handing CISOs a budget and saying "use AI to do it tomorrow." This race to savings reminded a few speakers of the shift to the cloud. Everyone expected overnight savings, but in practice, it's a long transition to get it right, and these security leaders agreed that AI will follow a similar arc: spin up, demonstrate value, then start pulling back where it makes sense.

Panelists noted that frontier models are generating revenue on entirely new outcomes, not by optimizing existing systems. That distinction matters when explaining to boards why compressing a multi-year plan to months isn't as simple as deploying the right agents. There's tribal knowledge involved that doesn't transfer automatically. The group also pointed to small language models (SLMs) as a growing alternative for organizations burning through tokens on large models. For focused, purpose-built tasks, SLMs offer a more efficient and economical path toward improving security processes without burning their limited budgets.

Embracing a rapidly changing agentic future

Despite the novel challenges ahead, the panel shared some optimism: they believe this is a defining moment for security leaders to step up and shine.

The threat landscape is evolving faster than most organizations realize. Multi-layered, sequenced attacks that couldn't have been executed by humans alone, agentic attack surfaces introducing new solutions (and problems), and bad actors already using AI to probe at scale are flipping the traditional security model on its head. The tools, threat models, and skills required to protect organizations are changing to meet threats, and CISOs have to lead the charge on relearning, retooling, and rethinking cybersecurity. 

If your team is tackling the AI security problem, we’re here to help get the word out. AI-generated content is everywhere now, but marketing should be an enabler for your business, not a blocker. Leave the generic AI content to your competitors. 

Talk to our team today to discover creativity that learns, adapts, and proves value for even the most technical of cybersecurity professionals. 

A huge thank you to our friends at Penfolds, for supporting the wine tasting.

Start scaling your marketing strategy now. Get in touch with us.

Next
Next

When Strategy Meets Execution: distillery and Coppers Brook Group reimagine workplace transformation