Sensitive data in public AI prompts.

Thousands of AI agents operating without oversight.

An incident response plan that's just a PDF.

These are the kinds of surprises security leaders hate — and Insight CISO Jason Rader has 20 ways to help you avoid them.

 

Jump right to…

00:00 – Welcome/intro

02:58 – Tip 1: Use governance to enable innovation

04:20 – Tip 2: Treat AI agents like human users

05:42 – Tip 3: Apply Zero Trust to AI workflows

07:03 – Tip 4: Use segmentation to reduce blast radius

08:15 – Tip 5: Monitor AI behavior with telemetry

09:30 – Tip 6: Build layered identity controls

10:42 – Tip 7: Use frameworks even without AI standards

12:05 – Tip 8: Avoid hoarding data for "future AI"

13:18 – Tip 9: Reduce residual risk with retention policies

14:30 – Tip 10: Align security with business goals

15:45 – Tip 11: Run tabletop exercises for AI threats

17:00 – Tip 12: Focus on real incident response

18:12 – Tip 13: Avoid "incident theater"

19:25 – Tip 14: Build cross-functional security teams

20:40 – Tip 15: Use compliance as a strategic advantage

21:52 – Tip 16: Don't block tools — build guardrails

23:05 – Tip 17: Treat governance as a growth enabler

24:18 – Tip 18: Use AI to improve security operations

25:30 – Tip 19: Prioritize developer accountability

26:42 – Tip 20: Keep security programs flexible

28:00 – Wrap-up and CTA

 

This episode is a holistic review of security best practices — from governance and identity to incident response and AI-specific threats. Insight CISO Jason Rader joins host Jillian Viner to share 20 practical tips for building resilient programs that support innovation without compromising control.

 

Whether you're a security leader, IT architect, or business exec exploring AI, you'll walk away with clear, actionable insights you can apply today.

 

Jason explains why governance is the real enabler of innovation, and how treating AI agents like human users helps teams apply Zero Trust principles to emerging workflows. He shares how Insight uses segmentation, telemetry, and layered identity controls to reduce risk — and why frameworks like NIST still apply, even without formal AI standards.

 

The conversation also covers common missteps, like hoarding data for "future AI use," and how retention policies reduce residual risk. Jason dives into incident response readiness, sharing how tabletop exercises help teams prepare for threats like prompt injection, model manipulation, and unauthorized agent behavior.

 

🔗 Additional resources:

Client Story: https://www.insight.com/en_US/content-and-resources/case-studies/mobile-gaming-leader-kabam-levels-up-defenses-with-security-deep-dive.html

Ransomware readiness guide: https://www.insight.com/en_US/content-and-resources/gated/a-modern-approach-to-ransomware-readiness-ac1370.html