The Road to Accountable AI

Kevin Werbach

Artificial intelligence is changing business, and the world. How can you navigate through the hype to understand AI's true potential, and the ways it can be implemented effectively, responsibly, and safely? Wharton Professor and Chair of Legal Studies and Business Ethics Kevin Werbach has analyzed emerging technologies for thirty years, and created one of the first business school course on legal and ethical considerations of AI in 2016. He interviews the experts and executives building accountable AI systems in the real world, today.

  1. Harish Peri (Okta): When the Thing Accessing Your Systems Has a Brain

    1d ago

    Harish Peri (Okta): When the Thing Accessing Your Systems Has a Brain

    In the final episode of our series on governing AI agents, Kevin Werbach speaks with Harish Peri, SVP and General Manager for AI Security at Okta. Peri frames agent governance as the natural next chapter of what Okta has done for two decades: standing in the middle of people accessing technology. The twist is that the new "software" is a non-deterministic agent with a brain, which imposes a much higher security bar. He argues that agents live at the application layer, where the real question is one of authorization: is this agent allowed to take this action or access this data, at this moment, on behalf of this user, given all available signals? Much of the conversation explores why a neutral, independent control plane separate from the frontier models and agent runtimes matters from a cybersecurity standpoint, spreading risk across multiple layers rather than concentrating it in one place. Peri notes that while awareness of rogue AI is universal, roughly 20% of agents carry about 80% of the risk. He distinguishes security threats like prompt injection and poisoned skill files from "intent mismatch," where an under-specified instruction such as "clean this up" gets read as "delete," and explains how coarse-grained limits, fine-grained context-based authorization, and selectively applied human-in-the-loop checks each play a role in agent governance. Harish Peri is the SVP and General Manager for AI Security at Okta, where he leads product, go-to-market, and commercial strategy for securing agentic AI. He has more than 20 years of experience across engineering, product management, marketing, and general management, spanning financial services, technology, and human capital management, with prior roles at Salesforce, ADP, and Proxyclick. He holds an MBA from the Haas School of Business at UC Berkeley. Transcript The Future of AI Security: The Right Architecture for Agents Secure Your Business Against AI Agents

    33 min
  2. Logan Kelly (Waxell): The Accidental Agent Governance Company

    Jun 18

    Logan Kelly (Waxell): The Accidental Agent Governance Company

    Logan Kelly never set out to build an AI governance solution. Waxell spun out of CallSine, an AI-native sales engagement platform, when the team realized that agents that could act on their own produced a cascade of problems: burning through tokens, accessing databases, creating data-quality issues, and generally doing things no one had explicitly approved. Unable to find existing tooling that addressed the problems effectively, the team built a control plane for agents, which became the foundation of Waxell.  In this episode in our series on governing AI agents, CEO Logan Kelly emphasizes that governance should be legible to finance, legal, and compliance teams, not just developers. As he explains, agent governance is less about exotic AI risks than about visibility and control over things companies already care about, such as cost, data access, and who's allowed to do what. Kelly makes the case that the worst outcome isn't an agent misbehaving but companies losing trust in agents altogether and missing their value—arguing that every major technology, from cloud computing onward, arrived with new risks that good governance ultimately made manageable. Looking ahead, he bets that flexible, general-purpose governance will win out over locked-in "walled garden" platforms, as the pace of change in AI keeps accelerating.. Logan Kelly is the Co-Founder and CEO of Waxell, an AI governance and agent observability company that provides a control plane for operating autonomous AI agents in production. The company entered public beta in early 2026. Transcript

    33 min
  3. Nadav Cornberg (Eve Security): Interrogating Agents Before They Act

    Jun 11

    Nadav Cornberg (Eve Security): Interrogating Agents Before They Act

    Kevin Werbach speaks with Nadav Cornberg, co-founder and CEO of Eve Security, about securing agentic AI where it counts: at the moment an agent actually does something. He recounts how customers upended his own assumptions that AI agent security should focus on visibility and after-the-fact detection. Buyers insisted on runtime enforcement first, reasoning that learning a production database was deleted after the fact helps no one. With Eve's "interrogation" approach, when an agent attempts an anomalous, high-risk action, Eve's agent-in-the-loop pauses and questions it about its intent, before approving, blocking, or escalating to a human. Cornberg describes building a deterministic enforcement layer on top of inherently non-deterministic models, with the system minting explicit rules from observed behavior so that the large majority of everyday requests resolve deterministically. Ultimately, the consequenes are the same whether an unintended action originates in a prompt injection or a simple hallucination. On the perennial human-in-the-loop question, Cornberg argues that escalating everything would drown security teams as the agentic workforce scales, so the platform automatically handles lower-risk cases with justification and reserves human review for the genuinely critical. He closes predicting that "agentic security" will fragment into distinct segments much as endpoint, network, and cloud security once did, and that intent is fast becoming the field's organizing idea. Nadav Cornberg is the co-founder and CEO of Eve Security, an Austin-based agentic AI observability and policy-enforcement company whose platform governs how AI agents interact with an organization's most critical systems. He brings roughly two decades in product development and engineering, including an early decade in cybersecurity at RSA and Check Point and later work in physical access security across gaming and hospitality before returning to security for the agentic era.  Transcript Founders' blog: Why We Started Eve Security

    33 min
  4. Venkat Siva (Compfly): Governing Agents at the Execution Boundary

    Jun 4

    Venkat Siva (Compfly): Governing Agents at the Execution Boundary

    Kevin Werbach speaks with Venkat Siva, co-founder and CEO of CompFly AI, about why governing autonomous agents requires a fundamentally different approach than securing traditional software. Siva argues that agents create a genuinely new control problem. Because they decide at runtime which tools to call and which actions to take, governance cannot simply be bolted onto existing MLOps or security platforms built for fixed, deterministic workflows. Instead, control has to move to the "execution boundary" — the point where an agent's decision turns into a real-world action. And agent safety is much more than just model safety. In practical terms, Siva makes the case for giving every enterprise agent a distinct, cryptographically verifiable identity using decentralized identifiers (DIDs) and verifiable credentials. He addresses the growing problem of "shadow agents," pointing to employees experimenting with powerful open-source autonomous tools inside enterprises, and explains discovery techniques like intercepting traffic to model APIs and watching for who requests LLM keys. He offers the concept of an "autonomy budget": classify actions by reversibility and financial, regulatory, and customer impact, so an agent might autonomously issue a small refund but require human approval for a large one. Drawing on his time at the electric automaker Rivian, Siva closes by contrasting recoverable digital failures with the irreversible stakes of agents embedded in physical systems, arguing that governance there must borrow from safety engineering. Venkat Siva is the co-founder and CEO of CompFly AI, an early-stage company building a control plane to discover, validate, secure, and govern autonomous agents from code to production. Before founding CompFly with Anand Salodkar, he spent more than two decades building enterprise platform products that help organizations adopt new technology safely and at scale, including work at the electric vehicle maker Rivian.  Transcript The Architecture of Trust (Compfly Manifesto) CoSAI Model Context Protocol Security white paper

    33 min
  5. Munmun De Choudhury (Georgia Tech): Conversational AI and Mental Health

    May 28

    Munmun De Choudhury (Georgia Tech): Conversational AI and Mental Health

    Conversational AI is increasingly being used as a source of emotional support, even though general-purpose chatbots were never designed for that purpose. Concerns about AI's mental health impact, up to and including suicides, have moved onto the public policy agenda. Munmun De Choudhury, who has been studying the intersection of digital technology and mental health longer than almost anyone, walks through what researchers know, what they don't, and why the answers keep moving.  The conversation centers on the difficulty of governing technologies whose capabilities and patterns of use are both changing every few weeks. De Choudhury invokes the cautionary tale of Google Flu Trends as a warning: any framework that assumes user behavior is fixed will eventually break. She argues that the harms and benefits of conversational AI are not just person-dependent but task-dependent, which makes general-purpose chatbots fundamentally harder to evaluate than the narrow medical AI systems researchers built for decades. She lays out a multi-stakeholder agenda to address AI's mental health risks, and argues that foundation models need to take into account principles from psychotherapy.  Dr. Munmun De Choudhury is the J.Z. Liang Professor in the School of Interactive Computing at Georgia Tech, where she founded and directs the Social Dynamics and Wellbeing Lab (SocWeB). She is one of the most cited researchers in digital mental health and is widely credited with pioneering the computational use of social media data to study mental health outcomes. She co-leads the Patient-Centered Care Delivery research pillar at the Children's Healthcare of Atlanta Pediatric Technology Center, serves on the advisory board for the Australian government's eSafety panel, and was inducted into the SIGCHI Academy in 2024. Her honors include the 2023 SIGCHI Societal Impact Award and the 2021 ACM-W Rising Star Award.  Transcript Benefits and Harms of Large Language Models in Digital Mental Health From Lived Experience to Insight: Unpacking the Psychological Risks of Using AI Conversational Agents

    32 min
  6. Emre Kazim (Holistic AI): Why AI Governance is Life Cybersecurity

    May 21

    Emre Kazim (Holistic AI): Why AI Governance is Life Cybersecurity

    Holistic AI was one of the first companies built specifically to govern, audit, and red team AI systems. As co-founder and co-CEO Emre Kazim explains, its original thesis was that AI governance would mirror data governance: a compliance-driven regime. He now believes the better analogy is cybersecurity: a more technical, incident-driven discipline where best practices emerge from real-world events and propagate across industry, rather than descending from abstract regulatory frameworks. Kazim argues this shift has significant implications for who owns AI governance inside enterprises, what skills they need, and why documentation-and-reporting vendors are unlikely to capture the core of the market. Kazim also makes the case that human-in-the-loop oversight, long treated as the default answer to AI risk, has become untenable as systems grow more dynamic and agentic. He distinguishes between two enterprise adoption patterns: a democratic model in which every employee has a copilot, and a vanguard model in which a small number of mission-critical agentic systems drive most of the value and demand most of the governance attention. Finally, he argues that meaningful research capacity will be the price of entry for AI governance firms going forward. Dr. Emre Kazim is the co-founder and co-CEO of Holistic AI, an AI governance platform company spun out of University College London in 2020. He previously served as a Research Fellow in UCL's Department of Computer Science. Kazim has published more than 50 peer-reviewed articles on AI ethics and governance, serves as a member of the OECD's Network of Experts on AI, and is involved with the NIST AI Safety Institute. Transcript Towards Algorithm Auditing (Royal Society Open Science, 2024) What is AI Governance? (Holistic Blog, February 2026)

    33 min
  7. Rumman Chowdhury (Humane Intelligence): The Need for Discernment

    May 14

    Rumman Chowdhury (Humane Intelligence): The Need for Discernment

    Kevin Werbach speaks with long-time responsible AI leader Rumman Chowdhury the current environment, in which substantive standards and oversight efforts for AI are taking shape amid a larger anti-regulation wave. Chowdhury distinguishes sharply between frontier labs, where the posture is largely "AI at all costs," and the non-tech enterprises she works with, who are wrestling with how to scale governance bodies that originally reviewed single AI implementations to hundreds of systems, third-party procurement questions, and agentic workloads. She describes the current evaluations market as immature on nearly every dimension, and explains why generic benchmarks rarely translate to enterprise contexts like insurance or auto manufacturing. The conversation then turns to AI's impact on work and education. Her concern is that companies pursuing short-term efficiency by cutting entry-level hiring will face what MIT researchers Caosun and Aral call the "augmentation trap," in which workers' cognitive skills atrophy while new workers never develop them. She offers "discernment" as her 2026 word of the year, discribing the skill -- more than just critical thinking -- we must cultivate and defend. Her new podcast and forthcoming book, Thinking About Thinking, argues that our notion of intelligence was built for an Industrial Revolution workforce we are now automating away. Dr. Rumman Chowdhury is the founder of Humane Intelligence PBC, building modular, tool-agnostic AI evaluation infrastructure for enterprise and real-world contexts. She co-founded the nonprofit Humane Intelligence in 2022 and served as its CEO until 2025. She previously was Director of the Machine Learning Ethics, Transparency, and Accountability team at Twitter, founder of the algorithmic audit platform Parity, and Global Lead of Responsible AI at Accenture, where she built one of the first enterprise-level bias detection tools. She has served as U.S. Science Envoy for AI and as a Responsible AI Fellow at Harvard's Berkman Klein Center, and holds a doctorate in political science from the University of California, San Diego. Transcript Virginia SB 384 / HB 797 — Independent Verification Organization legislation (Fathom) The Augmentation Trap: AI Productivity and the Cost of Cognitive Offloading Open to Debate: Will AI Make Work Obsolete? Why AI evals need to reflect the real world (Transformer)

    36 min
  8. Var Shankar: AI Governance for Smaller Organizations

    May 7

    Var Shankar: AI Governance for Smaller Organizations

    Var Shankar makes the case that most AI governance guidance is built for large, sophisticated, multifunctional global enterprises — and that this leaves out the roughly half of American workers employed at organizations with fewer than 500 people. Through the Council on AI Governance, the nonprofit he leads with Alexis Cook, he is trying to fill that gap with open, current, and pragmatic resources, including an AI Governance Playbook organized around four focus areas: strategy, risk and compliance, workforce literacy, and operational management. He tells Kevin that the case for AI governance no longer needs to be made; what smaller organizations now need is help asking vendors the right questions and clarifying who owns what internally when a few people are doing many jobs. The conversation then turns to the parts of the field Var thinks are most undercooked. Workforce literacy, he argues, is the focus area most often neglected because it functions as a vitamin rather than a painkiller — long-term, hard to resource, and easy to reduce to a training module when what is actually needed is hands-on involvement in pilots and documentation. He explains why healthcare offers an unusually strong foundation for AI assurance, with its existing regulatory architecture, comfort with use-case variability, and tradition of post-deployment monitoring, and he describes assurance itself as the connective tissue between an organization and the outside world — distinct from regulation and from internal governance, not a substitute for either. Drawing on a pilot he co-authored on with the Standards Council of Canada testing system-level certification at a Canadian bank, he highlights two surprising lessons: that even simplified certification criteria get interpreted differently by different actors, and that even one of the world's most forward-thinking public standards bodies lacked the technical capacity to play standard-setter for something as dynamic as an AI system. He closes with practical advice for risk and compliance professionals: start with the positive vision of what the organization is trying to do with AI, observe how existing IT, data, and security governance already work, and identify which standards ecosystems the organization is already plugged into. Var Shankar is Executive Director of the Council on AI Governance, an independent nonprofit developing open AI governance resources for organizations of all sizes. He previously served as Executive Director of the Responsible AI Institute and as Chief AI and Privacy Officer at Enzai, a regtech AI compliance startup. An attorney by training and a graduate of Harvard Law School, he practiced law at Cravath, Swaine & Moore and earlier worked on the Clinton Global Initiative and with the government of British Columbia on digital government and COVID response. He teaches AI governance at Purdue, where he has helped develop a master's-level AI auditing program, and serves on the OECD Network of Experts on AI, the World Economic Forum's AI Governance Alliance, and the Brookings Forum for Cooperation on AI. He co-developed Kaggle's Intro to AI Ethics course with Alexis Cook. Transcript   Council on AI Governance: AI Governance Playbook Context-specific certification of AI systems: a pilot in the financial industry (AI and Ethics, 2025) Standards Council of Canada AI accreditation pilot

    29 min
See All (73)

Ratings & Reviews

5
out of 5
25 Ratings

About

Artificial intelligence is changing business, and the world. How can you navigate through the hype to understand AI's true potential, and the ways it can be implemented effectively, responsibly, and safely? Wharton Professor and Chair of Legal Studies and Business Ethics Kevin Werbach has analyzed emerging technologies for thirty years, and created one of the first business school course on legal and ethical considerations of AI in 2016. He interviews the experts and executives building accountable AI systems in the real world, today.

Information

You Might Also Like