What happens when the technology designed to make us more productive quietly becomes one of the biggest security risks inside the enterprise? In this episode of The Business of Cybersecurity, I sit down with Leslie Nielsen, CISO at Mimecast, to discuss the growing tension between AI adoption and cybersecurity, and why many organizations may be exposing sensitive information faster than they realize.
As businesses race to deploy generative AI, AI agents, and Model Context Protocol integrations, Leslie explains why AI models themselves are becoming valuable targets. When organizations pool large volumes of sensitive data into centralized AI systems, they create what he describes as a corporate brain, one that can quickly become attractive to attackers if the right controls are not in place.
We explore the rise of shadow AI, where employees use unsanctioned AI tools to meet deadlines and improve productivity, often without understanding the long-term consequences. Leslie shares why a simple upload of financial data, customer information, or proprietary documents into a public AI platform can create risks that traditional security teams struggle to contain once the information has entered a large language model.
The conversation also examines the changing nature of insider threats. From negligent behavior to deliberate misuse of credentials, attackers are increasingly targeting employees directly. Leslie discusses how AI is making it easier for threat actors to identify vulnerable individuals, while growing concerns around job displacement may create new pressures inside organizations.
We also discuss why visibility remains one of the biggest cybersecurity challenges facing modern enterprises. As AI changes data flows, communication channels, and user behavior, many organizations are discovering that traditional security controls were never designed for the speed and complexity of today's AI-powered environments. Leslie explains why cybersecurity leaders need to become AI champions rather than blockers, helping businesses adopt AI safely while maintaining visibility, governance, and trust.
Looking ahead, Leslie remains optimistic about using AI to strengthen cyber defenses. As attackers embrace AI, defenders are doing the same, creating a new chapter in cybersecurity where automation, intelligence, and human expertise will work together to protect organizations from emerging threats. How is your organization balancing AI innovation with security, and are you confident you can see where your data is really going? Share your thoughts with me.
