In this panel looking at emerging technology and cybersecurity trends, ISC2 Insights spoke to information security consultant Trecia Knight, CISSP, CCSP and virtual CIO and CISO Carrie Nedrow, CISSP. They shared their views and experiences of both technology and human risk factors and how these are being complicated further by the current pace of cybersecurity technology change.
Successful AI and other emerging technology adoption requires more than technological innovation. Organizations must balance innovation with governance, preserve critical knowledge, plan for ethical challenges and create structures that enable both trust and accountability.
The discussion with Knight and Nedrow centred on governance, organisational knowledge, risk management, ethics and cybersecurity preparedness.
Dealing With Emerginig Technology Adoption
Knight argued that the greatest risk organisations face today is not strictly a cybersecurity risk but an erosion of trust. AI adoption is accelerating at a pace that far exceeds the development of governance, oversight and accountability structures. Organizations are increasingly relying on AI systems to automate decision-making, yet many have not clearly defined who owns the associated risks or who should be held accountable when AI systems make mistakes. Without effective governance, organisations struggle to assess the reliability of AI-generated outputs and make informed decisions based on them.
Nedrow approached the issue from a digital transformation perspective and highlighted an often-overlooked human risk. Many organizations have reduced costs by relying heavily on contractors and third-party workers. While this approach may provide short-term benefits, it can result in the loss of valuable institutional knowledge when those workers leave. While innovation is necessary, the panellists warn against embracing new technologies without sufficient safeguards.
Both experts offered advice for cybersecurity professionals navigating emerging technology risks. They stressed that cybercriminals are already using advanced AI capabilities to create more convincing attacks, making traditional detection methods less effective. To respond effectively, organizations must evaluate AI systems carefully, understand the data used to train them and implement governance frameworks that support trustworthy outcomes. Organizations need safe environments in which to experiment with and deploy new technologies rapidly. As threats evolve faster than ever before, organizations must move beyond purely defensive strategies and develop the capability to adapt and respond proactively.
