How AI Is Rewriting the Rules of Cybersecurity

John Graves is an innovative legal leader and Senior Counsel at Nisos Holdings, Inc. He has a diverse legal background at the intersection of law, highly regulated industry, and technology. John has over two decades of legal experience advising business leaders, global privacy teams, CISOs and security teams, product groups, and compliance functions. He is a graduate of the University of Oklahoma.

Here’s a glimpse of what you’ll learn:

• John Graves shares his career journey from litigation to founding his law firm and in-house privacy leadership to Senior Counsel at Nisos Holdings, Inc.
• How AI enables threat actors through synthetic identities, impersonations, and large-scale attacks
• Ways AI tools help defenders analyze data to uncover risks
• The risks of adopting AI without proper governance
• When companies should employ human risk management
• How tabletop exercises help teams evaluate and prepare for AI-related risks
• Guidance on when tabletop exercises should be conducted and who should participate
• John’s personal cyber tip

In this episode…

AI is fundamentally changing the cybersecurity landscape. Threat actors are using AI to move faster, scale attacks, and create synthetic identities that are difficult for companies to detect. At the same time, defenders rely on AI to sift through large amounts of data and separate the signal from noise to determine whether usernames and email addresses are tied to legitimate users or malicious actors. As businesses rush to adopt AI, how can they do so without creating gaps that leave them vulnerable to risks and cyber threats?

To stay ahead of evolving cyber risks, organizations should conduct tabletop exercises with security and technical teams. These exercises help business leaders understand risks like prompt injection, poisoned data, and social engineering by walking through how AI systems operate and asking what would happen if certain situations occurred. They are most effective when conducted early in the AI lifecycle, giving companies the chance to simulate attack scenarios and identify risks before systems are deployed. Companies also need to establish AI governance because, without oversight of inputs, processes, and outputs, AI adoption carries significant risk.

In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with John Graves, Senior Counsel at Nisos Holdings, Inc., about how AI is reshaping cyber threats and defenses. John shares how threat actors leverage AI to scale ransomware, impersonate real people, and improve social engineering tactics, while defenders use the technology to analyze data and uncover hidden risks. He explains why public digital footprints of executives and their families are becoming prime targets for attackers and why companies must take human risk management seriously. John also highlights why establishing governance and conducting tabletop exercises are essential for identifying vulnerabilities and preparing leaders to respond to real-world challenges.

Resources Mentioned in this episode

• Jodi Daniels on LinkedIn
• Justin Daniels on LinkedIn
• Red Clover Advisors’ website
• Red Clover Advisors on LinkedIn
• Red Clover Advisors on Facebook
• Red Clover Advisors’ email: info@redcloveradvisors.com
• Data Reimagined: Building Trust One Byte at a Time by Jodi and Justin Daniels
• John Graves: LinkedIn | Email
• Nisos Holdings, Inc.
• “Real AI Risks No One Wants To Talk About And What Companies Can Do About Them” with Anne Bradley on She Said Privacy/He Said Security

Sponsor for this episode…

This episode is brought to you by Red Clover Advisors.

Red Clover Advisors uses data privacy to transform the way that companies do business together and create a future where there is greater trust between companies and consumers.

Founded by Jodi Daniels, Red Clover Advisors helps companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. They work with companies in a variety of fields, including technology, e-commerce, professional services, and digital media.

To learn more, and to check out their Wall Street Journal best-selling book, Data Reimagined: Building Trust One Byte At a Time, visit www.redcloveradvisors.com.