Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Balancing AI Innovation with Security at Enterprise Scale

Palo Alto Networks
05/31/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


delighted to be joined by Ravi Krishnamurthy, VP of AI Foundations and Responsible AI at ServiceNow. Great to see you, Ravi. Pleasure, Anna, to be here. And also joined by Ian Swanson, VP of AI Security Products at Palo Alto Networks. Great to see you, Ian. Thanks for having me. So we're talking about how we can securely accelerate AI. Everybody's talking about this, but Ravi, first, starting with you, from a ServiceNow perspective, how are you seeing AI transform the way organizations operate? Today, we are at an inflection point. I think there's been a lot of talk about AI for the last three, four years. People have been trying to do things. This is the year people are getting serious productivity gains. It is the time to accelerate. Yeah. Yeah. And what are the advantages they're seeing already? I mean, productivity, to start with. Customer service. I mean, I run our voice agent platform. I'm just astonished at how quickly people are adopting technology. I'm astonished at how quickly people, startups, go from zero to 100 million, 10 million, 20 million ARR. It's just the passion to get going. I mean, I've been in AI for 25, 30 years. I never thought I would see this in my lifetime. But enterprises are going all in. They're thinking about how do I transform my customer service? How do I transform my back office, my middle office? So, it's really the time when AI is becoming practical. And that's why this conference, I think, is coming at a very critical time because AI governance and security is going to be the very key driver or accelerator for this transformation. Absolutely. Ian, I would love to hear from you. From a security perspective, does this align with what you're seeing at Palo Alto Networks? So first and foremost, AI can be transformative for any company. It's really a CEO mandate now of how do we use AI to improve our bottom line of the operations of our business, but also build products that delight and surprise our customers in new and novel ways. So, I'm a firm believer in the power of AI. And like Ravi, I've been in AI for over two decades. Now, as the CEO is saying, move faster with AI, they're turning to the CISO and they're saying, how are you enabling this in a way that it's safe, that it's trusted, and that it's secure? And the headline here is there really should be no AI in any enterprise without security of AI. And the CISOs are straddling that line of one foot on the gas pedal and the other one on the brake, and really trying to calibrate, if you will, the adoption in a way that drives the business outcome, but does it in a way that's secure. And they want to transform in a secure way. They want to do this efficiently. They want to do this successfully. But what are the risks that are top of mind for CISOs when it comes to rolling out these agents and models? So a lot of the practices that we had in other areas of security do apply to AI, concepts like secure by design. And so as I meet with CISOs every single day, there's really three things in terms of this journey of what they're trying to check the box and make sure they cover. The first one, I need to discover all the AI that's deployed across my enterprise. So think of it as shadow AI. We need to expose that and really see where and how we're using AI. The second piece is how do we assess the risk? There's new and novel risks to AI. We must scan these artifacts. And then the third component is how do we protect this at the point of runtime from threats like prompt injections all the way through to now memory manipulation in agentic workflows. The tools of old in cybersecurity don't necessarily apply to this new and novel threats of AI. And that's why CISOs need to make sure they can discover, assess, and protect it at runtime. Very good. So I'd love to know about your collaboration. How are you helping CISOs mitigate these risks? So at ServiceNow, I actually four years back envisioned an AI control tower, because AI is a cross-functional team sport. Like Ian put it, there's the business side that wants to go fast, but then there is risk, security, data governance, residency. All of these have to come together so that you can balance ROI and risk, like Ian put it. Like you got to, these two have to be in. Any good executive does that, but how do you do that in the realm of AI? So at ServiceNow, we built this AI control tower that connects the dots across all of these. Think of it like the air traffic control. And what Palo Alto Networks brings is the ability to scan all the different artifacts that go through the system so that we can identify threats and then connect the dots and then come back with a response. And that's why the Better Together story is very strong here. Yeah, I agree. By the way, we're big fans of ServiceNow, and so it's a great partnership. Also, I've now become friends with Robin, so it's been great. But my view is I lead AI security at Palo Alto Networks, the world's largest cybersecurity company, is I need to bring security to where people are doing AI, where they consume AI, where they're building AI. And clearly, people are choosing to build AI in ServiceNow. And so we're taking our capabilities to this partnership where on one side, we can scan these unique artifacts like models for risk, we can behaviorally test them. But then as they put them in production using control tower, we're able to put these runtime protections at the point of inference when it's making decisions. And so again, it's really about how do I take all of our capabilities to where people are doing and building AI, and ServiceNow is a great partner for that. Okay. So any lessons learned that you can impart to our audience as final takeaways as to how they can really drive forward securely but not impacting innovation? My takeaway is it's an and. It's not should I go fast or should I manage risk? You got to do both. And when you do both at scale, using the right tools, the right processes, and with the right people, you have to do and. And that is the way forward in this new world. Okay. My view is very similar to what Ravi shared right now. If I were to expand on that, we're moving from AI that talks to AI that acts with agents. And so just like how it's a team sport, how do we educate our teams? How do we build in security natively, secure by design? We need to make sure that we're doing that end-to-end because AI is taking actions on behalf of systems and humans. It's machine to machine. And so it's a brand new space. And so my advice here to CISOs is, yes, you need to move fast. You need to be an enabler. But you also need to have one foot, again, on that brake, just kind of calibrating that to make sure that we are really securing this end-to-end. And that is critical because it's making very precise decisions that can have a lot of risk. And we need to be able to check that from time. So what you're saying is you don't need to choose between security and speed. I don't think you can. I think you have to move fast. You have to move fast. Otherwise, you're going to be left behind. The risk of not moving is higher than the risk of moving. But how can you move and, like Ian put it, manage risk at the same time? It's a new paradigm. I think a lot of the traditional cybersecurity concepts and tools apply. But the pace, the agility, it's got to be everywhere. Just the way you respond to it is very different. I advise, for example, I advise an AICOE. And they were spending six months writing, figuring out policies. And I'm like, no, you've got to get started. And you've got to do this. Because if you spend six months, your teams are going to build AI outside your secure boundaries anyway. So how do you do both at the same time? It's a very iterative. It's a very different way to approach the problem. But at the same time, all the concepts of the past, secure by design, zero trust, least privilege, you've got to apply them in this new world. They all apply. That's why we are working together to make that possible. And with a partnership like this, we want to enable CISOs along with CIOs to deploy AI bravely. Do it in a way that is, yes, has some amazing capabilities with ServiceNow, but with our security, you can deploy AI bravely where you're like, we're enabling, but we're also doing it in a secure, in a safe, in a trusted way. I want to pick up on that word bravely. How do they do that? What's the key to embracing that? Because they know they're backstopped from a standpoint of we're able to secure the artifacts and understand what they're doing at runtime, add that security and that trust layer in there that gives them the confidence to go tell their teams move fast. Yeah. And on top of that, when you see, I mean, again, it's a new space. When you see things, you have the ability to respond quickly with this partnership, with the control tower, with all the automated scanning and- Context, yeah. Context. You have the ability to pinpoint what happens and respond. So that's the power that people have to move fast and protect themselves. Well, it's an exciting time, no doubt. Thank you so much, Ravi. Thank you so much, Ian, for your perspectives and insights. Thank you. Thank you. And thanks so much for watching. For ISNG, I'm Anna Delaney.

TL;DR

  • Enterprises have reached an inflection point where AI is delivering measurable productivity gains, but CISOs face pressure to accelerate deployment while ensuring security and trust.
  • The partnership between ServiceNow and Palo Alto Networks addresses AI security through three pillars: discovering shadow AI, assessing AI-specific risks through scanning, and protecting against runtime threats like prompt injection.
  • ServiceNow's AI Control Tower provides unified governance that balances business priorities with risk management, while Palo Alto Networks delivers scanning and runtime protection capabilities.
  • Organizations must adopt a secure-by-design approach that embeds security throughout the AI lifecycle rather than treating it as an afterthought, applying principles like zero trust and least privilege.
  • The key message is that enterprises don't need to choose between speed and security—they must achieve both simultaneously, as the risk of not moving forward with AI exceeds the risk of adoption with proper controls.

The AI Acceleration Imperative and Security Challenge

This RSAC 2026 interview captures a pivotal moment in enterprise AI adoption, featuring Ian Swanson from Palo Alto Networks and Ravi Krishnamurthy from ServiceNow discussing how organizations can accelerate AI deployment without compromising security. The conversation centers on the fundamental tension CISOs face: CEOs demanding rapid AI transformation while security leaders must ensure safe, trusted implementation. Both executives emphasize that enterprises have reached an inflection point where AI is delivering tangible productivity gains across customer service, back-office operations, and core workflows. The discussion introduces the concept of deploying AI bravely—moving fast while maintaining comprehensive security controls through integrated visibility, scanning, and runtime protection capabilities.

Shadow AI Discovery and Runtime Protection

The interview explores three critical security pillars for AI governance: discovering shadow AI deployments across the enterprise, assessing novel AI-specific risks through artifact scanning, and protecting systems at runtime from emerging threats like prompt injection and memory manipulation in agentic workflows. Swanson emphasizes that traditional cybersecurity tools don't adequately address these new threat vectors, requiring purpose-built AI security capabilities. The partnership between ServiceNow and Palo Alto Networks addresses this gap by combining ServiceNow's AI Control Tower—a unified governance model that connects business priorities with risk management—with Palo Alto Networks' scanning and runtime protection capabilities. This integrated approach enables organizations to identify hidden AI risks, scan models and artifacts for vulnerabilities, and deploy protections at the point of inference when AI systems make decisions.

Operationalizing Secure-by-Design AI at Scale

The executives stress that secure AI adoption is not a choice between speed and security but rather an imperative to achieve both simultaneously. Krishnamurthy introduces the AI Control Tower concept as a cross-functional coordination mechanism—analogous to air traffic control—that balances ROI and risk across security, data governance, and compliance teams. The partnership enables organizations to embed security natively throughout the AI lifecycle rather than bolting it on after deployment. Both leaders advocate for applying established security principles like zero trust, least privilege, and secure-by-design to AI systems while acknowledging that the pace and agility required for AI transformation demands new approaches. The key lesson is that organizations must move iteratively and quickly, as the risk of not adopting AI exceeds the risk of moving forward with appropriate security controls in place.

Chapters

0:00 - Introduction and AI Transformation Overview
0:32 - Enterprise AI Adoption Inflection Point
1:41 - Security Perspective on AI Acceleration
2:51 - Top CISO Risks and Concerns
3:55 - ServiceNow and Palo Alto Networks Partnership
5:45 - Lessons Learned and Best Practices
8:18 - Deploying AI Bravely
8:59 - Closing Remarks

Key Quotes

0:40 "This is the year people are getting serious productivity gains. It is the time to accelerate."
2:26 "There really should be no AI in any enterprise without security of AI."
5:51 "It's an and. It's not should I go fast or should I manage risk? You got to do both."
7:05 "The risk of not moving is higher than the risk of moving."
8:15 "We want to enable CISOs along with CIOs to deploy AI bravely."

Categories:
  • » AI & Machine Learning
  • » Data Protection
Channels:
News:
Events:
Tags:
  • AI & Machine Learning
  • Security Operations
  • Compliance & Governance
  • Executive Briefing
  • Best Practices
  • AI Security
  • Enterprise AI Adoption
  • AI Governance
  • Shadow AI Discovery
  • Runtime Protection
  • Prompt Injection
  • AI Control Tower
  • Secure-by-Design
  • Agentic AI
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Balancing AI Innovation with Security at Enterprise Scale

              XStreaminars (watch here)

              • Jul
                28

                Illumio + Netskope: Zero Trust in the Age of AI Autonomy

                07/28/202601:00 PM ET
                • Jul
                  29

                  Ask Your Cloud Anything: Unlocking Governance Silos in your Environments

                  07/29/202601:00 PM ET
                  More events

                  Industry Events (watch there)

                  • Jul
                    22

                    Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue

                    07/22/202601:00 PM ET
                    • Aug
                      19

                      Becoming Agent Ready: Insights from Cyera's Expertise

                      08/19/202612:00 PM ET
                      More events

                      Upcoming Webinar Calendar

                      • 07/21/2026
                        04:00 AM
                        07/21/2026
                        Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                        https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
                      • 07/22/2026
                        06:30 AM
                        07/22/2026
                        Insights and Strategies in Data Protection and Privacy Management
                        https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-in-data-protection-and-privacy-management/
                      • 07/22/2026
                        01:00 PM
                        07/22/2026
                        Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue
                        https://www.truthinit.com/index.php/channel/2029/insights-from-attackers-during-the-fifa-world-cup-a-human-dialogue/
                      • 07/28/2026
                        01:00 PM
                        07/28/2026
                        Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                        https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
                      • 07/29/2026
                        04:00 AM
                        07/29/2026
                        Real-Time Strategies for Safeguarding Against Prompt Injections
                        https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
                      • 07/29/2026
                        01:00 PM
                        07/29/2026
                        Ask Your Cloud Anything: Unlocking Governance Silos in your Environments
                        https://www.truthinit.com/index.php/channel/2048/ask-your-cloud-anything-unlocking-governance-silos-in-your-environments/
                      • 08/19/2026
                        12:00 PM
                        08/19/2026
                        Becoming Agent Ready: Insights from Cyera's Expertise
                        https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
                      • 09/02/2026
                        12:00 PM
                        09/02/2026
                        Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                        https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
                      • 09/30/2026
                        04:00 AM
                        09/30/2026
                        AI Command Center: Optimizing Visibility and Control in Your Operations
                        https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/
                      Truth in IT
                      • Sponsor
                      • About Us
                      • Terms of Service
                      • Privacy Policy
                      • Contact Us
                      • Preference Management
                      Desktop version
                      Standard version