AI Guardrails, Foot Guns, and the Ostrich Problem
Update: 2025-09-25
Description
This week on GRC Uncensored, hosts Troy Fine and Elliot Volkman sat down with Merritt Baer, Chief Security Officer at Enkrypt AI, for a candid conversation about the collision between AI, governance, and security. Merritt brought decades of CISO experience — from AWS to the intelligence community — and, fully embracing our podcast name, didn’t hold back on what’s hype, what’s real, and what CISOs should be doing today.
Key Moments
- [00:03:00] – How Merritt uses ChatGPT to re-voice her own drafts — and why she immediately strips out the “saccharine” endings.
- [00:05:30] – Why security and innovation don’t need to “hold hands” — they just need shared expectations.
- [00:08:45] – The “foot guns” moment: how an accounting firm’s chatbot started teaching customers to hide assets from the IRS.
- [00:13:30] – Why most enterprises don’t even know where AI is being used internally.
- [00:15:00] – How to build guardrails that are realistic, enforceable, and tuned over time.
- [00:24:30] – Why “ostrich” policies will fail — and how enforcement actions, not regulations, will shape AI accountability.
- [00:40:00] – Merritt’s closing advice for CISOs: you don’t need to be an expert, but you do need a plan.
Hosted on Acast. See acast.com/privacy for more information.