ClearTech Loop: In the Know, On the Move

ClearTech Research / Jo Peterson

ClearTech Loop is a fast, focused podcast delivering sharp, soundbite-ready insights on what’s next in cybersecurity, cloud, and AI. Hosted by Jo Peterson, Chief Analyst at ClearTech Research, each 10-minute episode explores today’s most pressing tech and risk issues through a business-focused lens.  Whether it’s CISOs rethinking cyber strategy or AI reshaping risk governance, ClearTech Loop brings clarity to a shifting landscape—built for tech leaders who don’t have time for fluff.  We cut through hype. We rethink assumptions. We keep you in the loop.

  1. From Tool-Driven Cyber to Adaptive AI Defense with Ryan Lutz

    8H AGO

    From Tool-Driven Cyber to Adaptive AI Defense with Ryan Lutz

    Cybersecurity has become a tool driven industry. Organizations buy platforms, stack controls, generate alerts, and ask humans to stitch it all together under pressure.   In this episode of ClearTech Loop, Jo Peterson sits down with Ryan Lutz to explore what changes when AI becomes part of the security workflow. Not as another console, but as an adaptive capability that helps teams interpret signals faster, prioritize more intelligently, and respond with more consistency when the volume is too high for humans to manage alone.   The conversation focuses on three real-world themes:  Why the SOC is the best initial use case for AI augmentation, how leaders should think about the inherent exposure that comes with more AI and more code, and why Ryan’s research on AI malware matters for building adaptive defensive responses.   Subscribe to ClearTech Loop on LinkedIn: https://www.linkedin.com/newsletters/7346174860760416256/   Key Quotes  “Cyber is a very tool driven industry… with the implementation of AI being generative, I think that we’re going to see AI being used more in a way that’s adaptive.” — Ryan Lutz   “In a setting like a SOC analyst… you have a ton of information coming in… millions of possible attack vectors… it’s very applicable to use AI… to generate a response very quickly and more efficiently.” — Ryan Lutz   “How should the CISO be thinking about AI adoption… from an organizational governance perspective, because you don’t want to be the Department of no.” — Jo Peterson   Three Big Ideas from This Episode  1) Adaptive beats tool-driven  AI helps security teams move beyond tool sprawl by accelerating interpretation, prioritization, and decision-making in high-volume environments.   2) The SOC is the natural first use case  SOC work is overwhelmed by inputs and possible attack paths. Ryan explains why AI can rank what matters, accelerate analysis, and suggest response paths quickly and efficiently.   3) Governance must guide adoption without killing innovation  More AI and more code creates more exposure. The leadership job is balance: govern the use and guide adoption without becoming the “Department of No.”   Episode Notes / Links  🎧 Listen: In player ▶ Watch on YouTube: https://youtu.be/-2mxfnCexjQ    📰 Subscribe to the Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/   Resources Mentioned  MITRE ATT&CK Framework https://attack.mitre.org/ NIST Cybersecurity Framework (CSF) https://www.nist.gov/cyberframework ClearTech Loop AI Only Works If Your Foundations Do: A Conversation with Dr. Anton Chuvakin https://www.buzzsprout.com/2248577/episodes/18211623-ai-only-works-if-your-foundations-do-a-conversation-with-dr-anton-chuvakin

    17 min
  2. From Reactive to Predictive in AI Security with Jen Waltz

    2D AGO

    From Reactive to Predictive in AI Security with Jen Waltz

    Cybersecurity has been trapped in a reactive cycle for years: a new threat emerges, a new tool gets purchased, and teams get overwhelmed by alerts.  In this episode of ClearTech Loop, Jo Peterson sits down with Jen Waltz (Chief Information Security Officer at IMAJENATIVE) to unpack how generative AI can fundamentally disrupt that cycle—shifting the focus from managing tools to achieving strategic outcomes.  The conversation goes beyond “faster alerts” and gets practical about what’s changing right now:  Moving beyond alert triage into predictive threat hunting, including simulating adversary behavior and generating TTP playbooks—especially when paired with threat intel and MITRE ATT&CK data. Upskilling SOC teams by using GenAI to reduce menial work, provide clearer remediation paths, and support more anticipatory defense postures. Embedding security, privacy, and governance early so “secure-by-design” becomes a business enabler, not a speed bump. Jen also gives a clear governance warning: as AI adoption accelerates, organizations must guide usage with approved tools and acceptable-use controls—especially to reduce the risk of sensitive data being dropped into consumer AI chat tools like ChatGPT.  If you’re responsible for security operations, AI strategy, or governance, this episode offers a grounded path for how to adopt GenAI without losing control.  👉 Subscribe to ClearTech Loop on LinkedIn: https://www.linkedin.com/newsletters/7346174860760416256/  Key Quotes  “Cybersecurity has long been trapped in this reactive cycle… generative AI… can fundamentally disrupt the cycle by shifting the focus from managing tools to achieving strategic outcomes.” — Jen Waltz  “The CISO no longer is this superhero defender of the perimeter. You have to become a business strategist…” — Jen Waltz  Three Big Ideas from This Episode  1. GenAI can break the reactive cycle—if teams target outcomes, not tools  Jen frames GenAI as an opportunity to move beyond buying more technology and instead shift security programs toward strategic outcomes and anticipatory defense.  2. Predictive threat hunting becomes practical with TTP playbooks + MITRE ATT&CK context  Rather than only prioritizing alerts, Jen describes prompting GenAI to simulate adversaries and generate playbooks—then connecting that to threat intel and MITRE ATT&CK data to anticipate attacker evolution earlier.  3. AI governance is a leadership mandate—and the CISO role expands  Jen argues the CISO must operate as a business strategist balancing innovation enablement with risk governance. That includes guiding internal AI use with hardened, approved tools and clear controls—without shutting down creativity.  🎧 Listen: Buzzsprout player above ▶ Watch on YouTube: https://youtu.be/EEf0eRdCfzg 📰 Subscribe to the ClearTech Loop Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/  Resources Mentioned  MITRE ATT&CK Framework: https://attack.mitre.org/resources/attack-data-and-tools/  NIST Cybersecurity Framework (CSF): https://www.nist.gov/cyberframework  ISO/IEC 27001 (ISMS): https://www.iso.org/standard/27001  ISO/IEC 42001 (AI Management System): https://www.iso.org/standard/42001

    17 min
  3. AI Security Is Still Software Security with Nicolas Moy

    JAN 29

    AI Security Is Still Software Security with Nicolas Moy

    AI is being embedded into enterprise tools faster than most organizations can govern it.  Productivity platforms, security systems, and development workflows now include AI capabilities by default, often without a single approval moment or clear ownership model.  In this episode of ClearTech Loop, Jo Peterson sits down with Nicolas Moy, Founder and CIO of LifeMark Financial and vCISO for Security Engineering at Halyard Labs, to talk about what AI security looks like in practice when it is treated as software, not as a separate discipline.  Nicolas shares how security teams are already using AI today to accelerate policy development, reduce operational noise, and support threat modeling earlier in the design and build process. The conversation also explores why governance is struggling to keep pace with employee behavior, especially as sensitive information enters AI systems without clear visibility into where data goes or how it is reused.  Rather than framing AI security as a future problem, this discussion focuses on what CISOs and CIOs are dealing with right now, and why accountability has to keep pace as AI compresses timelines across security and technology decisions.  If you are navigating AI adoption across security, development, and governance, this episode provides a grounded perspective on how to approach AI without losing control.  👉 Subscribe to ClearTech Loop on LinkedIn: https://www.linkedin.com/newsletters/7346174860760416256/  Key Quotes  “For AI, it’s similar, it’s software, but there’s some new evolutions to it.”  — Nicolas Moy, CISSP, CCSK  “If my employee puts this confidential information into an AI chat system, where is that being shipped out to?”  — Nicolas Moy, CISSP, CCSK  Three Big Ideas from This Episode  1. AI security accelerates familiar risks rather than creating new ones  Treating AI as software brings it into existing security and DevSecOps practices earlier, rather than isolating it as a separate problem.  2. Governance is lagging behind real employee behavior  AI tools are being used inside normal workflows faster than policies and controls were designed to handle.  3. CISOs and CIOs must engage together earlier  AI security sits between architecture, data governance, and risk ownership, requiring shared accountability across roles.  Episode Notes / Links for Suzie to Fill Out  🎧 Listen on player above. ▶ Watch on YouTube: https://youtu.be/MBVbyAE33e0 📰 Subscribe to the ClearTech Loop Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/  Resources Mentioned  OWASP Top 10 for Large Language Model Applications https://owasp.org/www-project-top-10-for-large-language-model-applications/ OWASP AI Project https://owasp.org/www-project-ai/ ClearTech Loop Episode: AI as a Digital Co Worker with Timothy Youngblood https://www.buzzsprout.com/2248577/episodes/18509846-ai-as-a-digital-co-worker-with-the-experience-of-an-intern-with-timothy-youngblood

    11 min
  4. The CISO’s Job in AI Is Not to Stop the Wave, But to Shape It with Travis Farral, CISO at Archaea Energy

    JAN 27

    The CISO’s Job in AI Is Not to Stop the Wave, But to Shape It with Travis Farral, CISO at Archaea Energy

    AI did not arrive through a single decision. It crept into enterprises through productivity tools, cloud platforms, security products, and SaaS applications that teams were already using.  Most organizations did not choose to adopt AI. They woke up and realized it was already there.  In this episode of ClearTech Loop, Jo Peterson sits down with Travis Farral, Vice President and Chief Information Security Officer at Archaea Energy, to talk about what that reality means for security leaders who are being asked to govern AI systems that are still evolving in real time.  Travis explains why AI cannot be stopped, only shaped, and why the real risk is not the technology itself but the lack of clarity around what is actually being deployed.  “This is not something that we’re going to be able to stop,” he said. “Even if we wanted to. It’s like standing in front of a tidal wave.”   The conversation covers:  Why “AI” has become a dangerously vague label How the AI threat model is shifting toward training data, prompts, and model behavior Why frameworks from NIST, OWASP, and MITRE already exist Why fluency, not guidance, is the real gap How CISOs can define guardrails without becoming the Department of No If you are responsible for cybersecurity, data governance, or enterprise risk, this episode offers a grounded way to think about AI adoption without losing control of your environment.  🎧 Listen to the episode ▶ Watch on YouTube https://youtu.be/JyQ2mgg_hYw 📬 Subscribe to the ClearTech Loop Newsletter https://www.linkedin.com/newsletters/7346174860760416256/  Key Quote  “This is not something that we’re going to be able to stop. Even if we wanted to. It’s like standing in front of a tidal wave.”  Travis Farral, CISO, Archaea Energy   Additional Resources  NIST AI Risk Management Framework Travis specifically called out NIST as one of the primary sources for understanding the risks and controls around generative and agentic AI: https://www.nist.gov/itl/ai-risk-management-framework OWASP Top 10 for Large Language Model Applications When Travis talked about protecting prompts, inputs, and model interfaces, he was pointing directly at the kinds of risks OWASP is mapping for LLMs. https://owasp.org/www-project-top-10-for-large-language-model-applications/ MITRE ATLAS MITRE’s Adversarial Threat Landscape for AI is one of the frameworks Travis referenced when he talked about how attacks against models are different from traditional exploits. https://atlas.mitre.org/ ClearTech Loop with Dutch Schwartz Travis’s comments about guardrails, controls, and not being the Department of No connect directly to Dutch’s episode on pragmatic AI safety. https://cleartechresearch.com/bumpers-not-brakes/

    12 min
  5. AI Risk Is Mostly Not New with Michael Machado

    JAN 20

    AI Risk Is Mostly Not New with Michael Machado

    AI has technically been around for years. What changed is not the math, it is the front door. Suddenly anyone in the organization can touch it, feed it data, and make decisions with it and that shift in accessibility is rewriting business risk.   In this episode of ClearTech Loop, Jo Peterson sits down with Michael Machado, CISO and Chief Data Officer at Hyland, to break down a calm, practical truth CISOs need right now. Most of the AI risk conversation is not new. The disciplines are familiar. Visibility. Data movement. Accountability. Audit trails. Resilience. What is different is the speed and the number of people who can now participate in risk without realizing it.  The conversation focuses on leadership realities, not hype:  Why there is risk in doing things and risk in not doing things How AI accessibility changes governance pressure inside enterprises Why governance should start with business goals, not tools What it means to build an AI governance model that is multi department by design Why CISOs should measure adoption and value signals, not only exposure 👉 Subscribe to ClearTech Loop on LinkedIn: https://www.linkedin.com/newsletters/7346174860760416256/  Key Quotes  “Waves of technology come. Cloud, SaaS, mobile, AI. The muscles we flex are things we have seen before.”  Michael Machado  “There’s a risk of doing things and a risk of not doing things, and it’s important to strike a balance when we’re having that conversation.”  Michael Machado  Three Big Ideas from This Episode  AI risk is not new, accessibility is  The models are not the headline. The fact that anyone can use them is. That changes how quickly data moves and how quickly decisions get made. Governance starts with the business problem  Tool first governance creates policies that look responsible and work poorly. Start with the objective, map the data movement, then apply controls that support the mission.  Measure value analytics alongside risk analytics  It is not enough to track what could go wrong. CISOs also need visibility into whether tools are being used and whether adoption is producing meaningful value. Episode Notes / Links 🎧 Listen in player  ▶ Watch on YouTube: https://youtu.be/D-1-Ny4hlF0 📰 Subscribe to the ClearTech Loop Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/  Resources Mentioned An Evolution of Defensive Security Operations: From Simple Detection to Modern SOC Automation https://www.linkedin.com/pulse/evolution-defensive-security-operations-from-simple-modern-machado-unctc/  NIST AI Risk Management Framework https://www.nist.gov/itl/ai-risk-management-framework  ClearTech Research Insights https://cleartechresearch.com

    18 min
  6. AI as a Digital Co-Worker With the Experience of an Intern with Timothy Youngblood

    JAN 15

    AI as a Digital Co-Worker With the Experience of an Intern with Timothy Youngblood

    As AI becomes embedded across security operations and business workflows, organizations are confronting a new reality. AI is no longer just a tool. It is behaving like a digital co-worker acting on data, surfacing decisions, and influencing outcomes.  In this episode of ClearTech Loop, Jo Peterson sits down with Timothy Youngblood, a four-time Fortune 500 CSO and CISO, board member, angel investor, and adjunct professor, to explore what it really means to manage AI responsibly at scale.  Tim introduces a powerful and practical analogy: AI as a digital co-worker with the experience of an intern. Capable, fast, and eager, but not ready to operate without oversight, guardrails, and accountability.  The conversation looks beyond hype and focuses on leadership realities:  • Why AI capability is advancing faster than accountability models  • How AI agents quietly expand risk through data aggregation  • Why governance must be operational, not policy driven  • How oversight enables innovation instead of slowing it down  • What CISOs and executives must own as AI becomes embedded across the enterprise  If you are responsible for cybersecurity, risk, or enterprise technology strategy, this episode offers a grounded way to think about AI adoption without losing control.  👉 Subscribe to ClearTech Loop on LinkedIn: https://www.linkedin.com/newsletters/7346174860760416256/  Key Quotes  “That digital worker right now has the experience of a slightly experienced intern. And you wouldn’t let a slightly experienced intern go off on their own and start doing things without some oversight.”  — Timothy Youngblood  “I’ve been in this industry 30 years, and I try to make sure people can learn from all the mistakes I’ve made. And I’ve made many.”  — Timothy Youngblood  Three Big Ideas from This Episode  1. AI should be treated like a junior employee, not an autonomous system  AI can move fast, analyze data, and surface insights, but it lacks judgment and accountability. Treating AI as a digital co-worker reframes governance around supervision and responsibility.  2. Guardrails must exist before AI is deployed, not after  AI agents aggregate data and create new risk simply by combining systems. Governance applied after deployment documents exposure instead of preventing it.  3. Oversight is the control that enables sustainable innovation  Human review, scoped access, and accountability are not blockers. They are what allow organizations to experiment with AI without creating consequences they cannot unwind.  Episode Notes / Links  🎧 Listen: In player above ▶ Watch on YouTube: https://youtu.be/796uzmuBQE4 📰 Subscribe to the ClearTech Loop Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/  Resources Mentioned  AI’s Newest Employee: Who Bears the Burden of Your Digital Co-Workers https://tdan.com/ais-newest-employee-who-bears-the-burden-of-your-digital-co-workers/  To Fix AI Governance, Stop Building It Backwards https://www.reworked.co/digital-workplace/to-fix-ai-governance-stop-building-it-backwards/  ClearTech Loop: AI, Trust, and Growth with Mike Britton https://cleartechresearch.com/clear

    19 min
  7. The CISO’s Role in AI Is to Lead the Risk Conversation with Mustapha Kebbeh, Chief Security Officer at UKG

    JAN 12

    The CISO’s Role in AI Is to Lead the Risk Conversation with Mustapha Kebbeh, Chief Security Officer at UKG

    AI adoption is accelerating across the enterprise, often faster than governance and risk models were designed to support. Boards want innovation. Business leaders want speed. Security teams are expected to manage risk in environments where the technology itself is still evolving.  In this episode of ClearTech Loop, Jo Peterson speaks with Mustapha Kebbeh, Chief Security Officer at UKG, about why the CISO’s role in AI is not to block innovation or own governance outright, but to lead the enterprise risk conversation that enables informed decision making.  Mustapha shares how CISOs can help organizations understand what is being protected, why it matters, and what level of risk the organization is intentionally accepting as AI adoption accelerates. He also explains why effective AI governance depends on early involvement, clear guardrails, and shared ownership across the enterprise.  👉 Subscribe to ClearTech Loop on LinkedIn: https://www.linkedin.com/newsletters/7346174860760416256/  In This Episode, We Cover  Why AI does not create new risk, but accelerates existing risk How the CISO role is evolving from control owner to risk leader Why AI governance fails when security is brought in too late The importance of early involvement and shared ownership How governance enables informed decisions rather than documenting failure Key Quotes  “Every cyber program is going to have risk.”  “But the most important piece in my mind is what is it that you are protecting.”  “The reason that’s really important is everything that touches data creates a risk management program.”  “Am I investing in the right risk.”  About the Guest  Mustapha Kebbeh is Chief Security Officer at UKG, where he leads global cybersecurity strategy, enterprise risk management, and architecture supporting more than 75,000 employees worldwide.  He has held senior security leadership roles at Brink’s, IBM, Vodafone, and CompuCom, and is known for building large-scale security programs that balance governance, resilience, and business growth. He also serves as a CISO Executive Governing Body Member and Co Chair with Evanta, a Gartner company.    🎧 Listen above ▶ Watch on YouTube: https://youtu.be/XxA0Uw3xll0 📰 Subscribe to the ClearTech Loop Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/  Resources Mentioned  Gartner: CISO FAQs on AI Governance and Cybersecurity Strategy https://www.gartner.com/en/cybersecurity/cybersecurity-faqs  Webinar Replay: Building Trust Through Enhanced Security Measures (UKG) https://www.ukg.com/learn/resources/webinar-replay/building-trust-through-enhanced-security-measures  ClearTech Loop: Simplifying Complexity in Modern Infrastructure with Dan DeBacker https://www.buzzsprout.com/2248577/episodes/18455780

    14 min
  8. When the Market Converges with Dan DeBacker

    JAN 6

    When the Market Converges with Dan DeBacker

    The market is converging.  Networking, security, and cloud operations are no longer separate conversations. They are colliding at the operational layer, driven by hybrid environments, AI driven operations, and growing pressure to reduce complexity without losing control.  In this episode of ClearTech Loop Market Perspective, Jo Peterson sits down with Dan DeBacker, Chief Product Officer at Extreme Networks, to explore what this convergence looks like in practice and why simplicity, unified policy, and cloud design are increasingly inseparable decisions.  Dan shares how enterprises are grappling with operational friction created by multiple control planes and fragmented policy engines, and why the market is responding by collapsing domains into platforms. The conversation examines convergence not as a trend, but as a response to real operational pressure.  Through the lens of AI Enhanced Cloud Operations, the discussion focuses on how AI is tightening feedback loops, exposing hidden complexity, and forcing organizations to rethink how visibility, policy, and control operate across cloud and on premises environments.  If you’re navigating hybrid operations, policy sprawl, or the growing pressure to simplify without sacrificing sovereignty, this episode brings clarity to where the market is headed.  👉 Subscribe to ClearTech Loop on LinkedIn: https://www.linkedin.com/newsletters/7346174860760416256/  Key Quotes  “If you have to integrate and manage multiple UI experiences, multiple policies, multiple ways of doing things… that’s complexity. Our goal is to reduce friction by bringing those together.”  — Dan DeBacker  “When you talk about NAC policy, VPN policy, Zero Trust policy ideally they should not live in silos. The next evolution is a unified policy engine.”  — Dan DeBacker  “AI doesn’t tolerate fragmentation. The more intelligence we embed into operations, the more exposed complexity becomes.”  — Jo Peterson  Three Big Ideas from This Episode  1. Convergence is an operational reality, not a future state  The collision of networking, security, and cloud operations is happening because fragmented environments cannot keep up with AI driven decision cycles.  2. Policy is becoming shared operational infrastructure  Unified policy models are emerging as the connective tissue across access, security, and network operations, replacing siloed controls that slow response and increase risk.  3. Cloud and on premises now function as a continuum  Organizations are designing for flexibility and sovereignty by treating cloud as an experience rather than a location, applying consistent control across environments.  Episode Notes 🎧 Listen in player ▶ Watch on YouTube: https://youtu.be/75DciQR03DY 📰 Subscribe to the ClearTech Loop Newsletter: https://www.linkedin.com/newsletters/7346174860760416256/  Resources Mentioned  Extreme Platform ONE Security: Accelerating Zero Trust and Simplifying Operations for Network Leaders https://www.extremenetworks.com/resources/blogs/extreme-platform-one-security-accelerating-zero-trust-and-simplifying-operations-for-network-leaders  Gartner: AI Enabling Cloud Services Are the Future of Cloud

    11 min
See All (35)

About

ClearTech Loop is a fast, focused podcast delivering sharp, soundbite-ready insights on what’s next in cybersecurity, cloud, and AI. Hosted by Jo Peterson, Chief Analyst at ClearTech Research, each 10-minute episode explores today’s most pressing tech and risk issues through a business-focused lens.  Whether it’s CISOs rethinking cyber strategy or AI reshaping risk governance, ClearTech Loop brings clarity to a shifting landscape—built for tech leaders who don’t have time for fluff.  We cut through hype. We rethink assumptions. We keep you in the loop.

Information