Key Takeaways
- AI‑assisted coding lets engineers create autonomous agents that inherit the creator’s over‑provisioned privileges, undermining least‑privilege goals.
- When a single engineer leaves, the agents they built keep running, creating an “inverted bus‑factor” problem: undocumented, opaque systems persist without anyone who understands them.
- AI delivers concrete defensive wins—log‑analysis anomaly detection and rapid policy drafting—but fully autonomous security‑operations centers remain out of reach because AI lacks business‑process context.
- Most major breaches still stem from phishing and credential theft, not the nation‑state‑focused scenarios vendors often highlight for AI‑driven SOCs.
- As an IT‑services provider, Span must prove that its own controls are robust; a breach becomes a public test of the very security services it sells.
- The cybersecurity talent gap is less about entry‑level shortages and more about a scarcity of senior practitioners with deep operational experience; automating junior roles threatens the pipeline that builds future experts.
- Englman rejects the “human is the weakest link” narrative, arguing that security failures are design flaws that should be mitigated by resilient systems, not blamed on users.
The Evolving Role of the CISO in the Age of AI‑Assisted Development
At Span, the rapid adoption of AI coding assistants has shifted the security landscape dramatically. Engineers now write software, spin up autonomous agents, and grant those agents the same access rights as their human creators. This trend has pushed the chief information security officer (CISO) into uncharted territory, forcing a re‑evaluation of traditional threat models and defensive priorities. Hrvoje Englman, Span’s CISO, emphasized at the Span Cyber Security Arena conference that his goal is not to block progress but to enable secure use of AI within the organization.
Over‑provisioned Identities and the Least‑Privilege Challenge
A core concern is that each AI‑generated agent inherits the identity of its developer, and those identities are typically over‑provisioned. While the principle of least privilege remains an aspiration, enforcing it in production environments proves difficult when agents operate with broad, inherited permissions. Englman noted that attempting to block such practices would be futile; developers will find workarounds if security becomes a barrier. Consequently, the focus has moved toward establishing safeguards that allow AI‑driven development to proceed without compromising overall security posture.
The Inverted Bus‑Factor Problem
Beyond access control, the proliferation of personal agents introduces a new risk akin to an inverted bus‑factor problem. When a single engineer automates a business process using five interacting agents and then departs, the organization inherits an undocumented system that nobody understands. Previously, the bus‑factor issue centered on knowledge loss when a key person left; now, the agents they built continue to run, creating opaque, self‑sustaining workflows that persist without clear ownership or documentation. This scenario complicates incident response, auditing, and risk assessment because the underlying logic and intent of the agents are hidden.
Defensive Gains from AI: Log Analysis and Policy Drafting
AI is not solely a source of risk; it also delivers measurable benefits to defensive operations. Englman highlighted log analysis as an immediate win: feeding hundreds of megabytes of log files into an AI tool can surface anomalies or pivot on an IP address in minutes—a task that previously required analysts hours. Similarly, generative AI can produce a first draft of security policies from internal context, shrinking a three‑day effort to a single day. When multiplied across the workforce, these time savings compound, allowing security teams to allocate more resources to higher‑value activities such as threat hunting and strategy development.
Limits of Autonomous AI‑Driven SOCs
Despite these advantages, Englman cautioned against over‑enthusiasm for fully autonomous security‑operations centers (SOCs) pitched by vendors. The vision of defensive AI battling offensive AI in real‑time, with no human in the loop, does not align with current capabilities. Log ingestion remains the most challenging component of running a SOC, and detection engineering still depends on skilled analysts who can explain why an alert fired. Overreliance on automation can lead to a situation where analysts receive alerts they do not understand, resulting in a flood of false positives or missed threats. Autonomous isolation of critical services remains out of reach because AI lacks the nuanced understanding of business processes required to judge when a shutdown is warranted; such decisions continue to escalate to senior leadership during real incidents.
Misaligned Vendor Narratives: Phishing Still Dominates
Englman also pushed back on the industry’s framing of breaches as primarily the result of sophisticated nation‑state attacks that AI‑powered SOCs are designed to thwart. In reality, the majority of large‑scale incidents trace back to phishing and credential theft—tactics that exploit human credentials rather than advanced zero‑day exploits. Vendors marketing AI‑driven SOCs as a panacea for nation‑state threats are therefore addressing a smaller slice of the problem than their messaging suggests. Effective defense must prioritize robust identity‑and‑access management, multi‑factor authentication, and user‑awareness training alongside any AI enhancements.
Span’s Dual Exposure as a Services Provider
Because Span sells IT services to enterprise clients, its threat model is doubled: the company is both a direct target and a conduit for attackers seeking to reach its customers. A typical end‑user organization can absorb a breach and recover, but for Span, the response itself becomes a product on display. Englman stressed that the firm must be able to demonstrate that appropriate controls were in place, that any failure was contained, and that the incident was handled with the same rigor it promises to clients. Reputation is the core offering; negligence would jeopardize the business model entirely.
Re‑framing the Cybersecurity Talent Gap
The widely discussed cybersecurity talent shortage is, in Englman’s view, misframed. Entry‑level applicants are plentiful; the real scarcity lies in senior practitioners with five or more years of operational depth. Training programs cannot quickly produce this level of expertise, and the industry’s push toward automated tooling threatens to eliminate the junior roles where future experts traditionally gain hands‑on experience. Span’s Cyber Security Center has trained over 3,000 individuals, underscoring the importance of maintaining a pipeline that nurtures deep, practical skills. Englman’s metric for a SOC analyst remains simple: can they explain what an alert means and how the triggering conditions arose? Without that understanding, an analyst’s guess is no better than a model’s random output.
Discarded Wisdom: Humans Are Not the Weakest Link
When asked which piece of conventional security wisdom he has abandoned, Englman cited the notion that “humans are the weakest link.” He called this perspective lazy and a form of blame culture that distracts from systemic design failures. The responsibility, he argued, rests with the CISO to build environments where a user clicking a malicious link does not precipitate a catastrophic breakdown. Defenses that rely on perfect human behavior are inherently brittle; robust security must assume human error and incorporate controls that limit the impact of such mistakes.
Conclusion
Span’s experience illustrates how AI‑assisted development is reshaping the security landscape: introducing new identity and access challenges, reviving classic knowledge‑transfer risks in novel forms, delivering tangible defensive efficiencies, yet falling short of enabling fully autonomous SOCs. The path forward lies in balancing innovation with pragmatic safeguards—preserving least‑privilege principles wherever possible, maintaining human expertise for contextual judgment, and recognizing that reputation, not just technology, is the ultimate product being sold. By re‑evaluating talent pipelines and rejecting simplistic blame narratives, organizations like Span can build resilient security programs that thrive amid the rapid evolution of AI‑driven engineering.