Your AI agents are users now. They have your permissions. They read your email. They send messages. And they act on instructions that anyone with an internet connection can drop into your inbox.
In this episode of Threat Talks, Lieuwe Jan Koning, Co-founder and CTO at ON2IT Cybersecurity, sits down with Jack Cable, CEO and Co-founder of Corridor and former lead of Secure by Design at CISA, to walk through the “lethal triangle” (the three conditions that turn helpful AI into a breach vector) and what CISOs should be doing right now, before the technology runs further ahead of the controls.
Timestamps
00:00 – 01:36 Cold Open: The User Inside Your Software 01:36 – 04:23 What Agentic AI Actually Is 04:23 – 07:20 The Lethal Triangle: Three Conditions for a Breach 07:20 – 10:05 Why Prompt Injection Has No Fix Today 10:05 – 14:09 Sanctioning Agents Without “Allow Fatigue” 14:09 – 18:45 OpenClaw: Should Your CISO Authorize It? 18:45 – 21:17 Sandboxing, Sub-Agents, and What to Do Right Now
Key Topics Covered
The “lethal triangle” – sensitive access, untrusted input, and the ability to take unapproved actions – and why every basic email agent already breaks all three rules
Why prompt injection cannot be reliably solved by another LLM, and why deterministic guardrails (sandboxing, allow-lists, human-in-the-loop) are the only durable answer today
Why “allow, allow, allow” fatigue makes per-action approvals largely theatrical, and why routing approvals through a separate model is a real, if partial, improvement
Why Jack Cable’s CISO answer on OpenClaw and similar general-purpose agents today is short: don’t authorize (and what to deploy in its place)
Podden och tillhörande omslagsbild på den här sidan tillhör
Threat Talks. Innehållet i podden är skapat av Threat Talks och inte av,
eller tillsammans med, Poddtoppen.