Description

AI is being embedded into enterprise tools faster than most organizations can govern it. 

Productivity platforms, security systems, and development workflows now include AI capabilities by default, often without a single approval moment or clear ownership model. 

In this episode of ClearTech Loop, Jo Peterson sits down with Nicolas Moy, Founder and CIO of LifeMark Financial and vCISO for Security Engineering at Halyard Labs, to talk about what AI security looks like in practice when it is treated as software, not as a separate discipline. 

Nicolas shares how security teams are already using AI today to accelerate policy development, reduce operational noise, and support threat modeling earlier in the design and build process. The conversation also explores why governance is struggling to keep pace with employee behavior, especially as sensitive information enters AI systems without clear visibility into where data goes or how it is reused. 

Rather than framing AI security as a future problem, this discussion focuses on what CISOs and CIOs are dealing with right now, and why accountability has to keep pace as AI compresses timelines across security and technology decisions. 

If you are navigating AI adoption across security, development, and governance, this episode provides a grounded perspective on how to approach AI without losing control. 

👉 Subscribe to ClearTech Loop on LinkedIn:
https://www.linkedin.com/newsletters/7346174860760416256/ 

Key Quotes 

“For AI, it’s similar, it’s software, but there’s some new evolutions to it.” 
— Nicolas Moy, CISSP, CCSK 

“If my employee puts this confidential information into an AI chat system, where is that being shipped out to?” 
— Nicolas Moy, CISSP, CCSK 

Three Big Ideas from This Episode 

1. AI security accelerates familiar risks rather than creating new ones 

Treating AI as software brings it into existing security and DevSecOps practices earlier, rather than isolating it as a separate problem. 

2. Governance is lagging behind real employee behavior 

AI tools are being used inside normal workflows faster than policies and controls were designed to handle. 

3. CISOs and CIOs must engage together earlier 

AI security sits between architecture, data governance, and risk ownership, requiring shared accountability across roles. 

🎧 Listen on player above.

▶ Watch on YouTube: https://youtu.be/MBVbyAE33e0
📰 Subscribe to the ClearTech Loop Newsletter:
https://www.linkedin.com/newsletters/7346174860760416256/ 

Resources Mentioned 

• OWASP Top 10 for Large Language Model Applications
  https://owasp.org/www-project-top-10-for-large-language-model-applications/ 
• OWASP AI Project
  https://owasp.org/www-project-ai/ 
• ClearTech Loop Episode: AI as a Digital Co Worker with Timothy Youngblood
  https://www.buzzsprout.com/2248577/episodes/18509846-ai-as-a-digital-co-worker-with-the-experience-of-an-intern-with-timothy-youngblood L
• Learn more about Nicolas NicolasMo

🎧 Listen: In Buzzsprout Player
▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/playlist
📰 Subscribe to the Newsletter:
https://www.linkedin.com/newsletters/7346174860760416256/