Wrapping up the first full day at Forrester Security & Risk Summit 

George Colony Opens: "How Much Should You Slow Down to Be Secure?"

George Colony and Amy DeMartine kicked things off by framing the central challenge: the next 10 years will be "absolutely wild" for security. George introduced AEGIS - Forrester's framework for securing agentic AI - and asked the question that echoed through every session: "How much should you slow down the corporation to be secure?"

Amy introduced the 3E's of risk that security leaders have to balance simultaneously:

• Enterprise (full control): Your policies, controls, decisions. Info security is the #1 enterprise risk.
• Ecosystem (partial control): Third parties and partners. Only 2% of orgs evaluate 100% of vendors.
• External (no control): Systemic risks like data integrity issues and AI innovation speed.

The kicker: 32% of respondents said discrete critical risk events are increasing year-over-year. 41% identified cyberattacks as the #1 risk event. You have to manage all three E's at once while threats are accelerating.

The Security Singularity - AI Agents Are Here

Allie Mellen followed with what she calls "the security singularity" - which seems like the point where AI actually helps us more than it hurts us. Here's the wild part: AI agents fail at tasks 60-90% of the time according to Carnegie Mellon research. Salesforce's own internal agents? 62% failure rate.

But nobody cares. The economics are too good. Revenue per employee jumped from $300K in 2019 to $585K now. Fewer people, more money. So agentic AI is happening whether security is ready or not.

The promising stuff? Red Canary cut investigation time from 20 minutes to under 3 minutes using AI agents. Veracode saw remediation time drop from 150 minutes to 12. Those are real numbers that matter.

The catch: We have to stop expecting AI to be right. Build processes that assume it'll be wrong and work anyway. Document everything because AI can't improve what you haven't written down.

AEGIS Framework - Making It Practical

The AEGIS framework George introduced has six domains and it's actually useful because it maps 100% to NIST AI RMF and ISO 42001 - not another random framework that doesn't connect to anything.

Six domains: governance/risk/compliance, identity and access management, data security and privacy, application security, threat management, and Zero Trust architecture.

The "least agency" principle stood out - give agents minimum authority + make those permissions temporary. Ephemeral identities for autonomous systems.

The 30% AI Tax on Security Salaries

Jess Burn and Jeff Pollard dropped some fresh data: enterprises now pay premiums for AI skills. 46% are paying 11-20% more. Forrester's prediction? Expect 30% premium within two years for security people who actually understand AI.

Roles are changing too. SOC analysts become AI Security Orchestrators. Red teamers become AI Red Team Orchestrators testing for jailbreaks. Incident responders become AI Forensic Specialists. GRC folks become AI Governance Advisors.

And the "AI tax" is real. Yes, you'll save on some automation. But you're paying more in salaries, new vendor pricing models, and something called "Forward Deployed Engineers" - basically vendors selling you consultants to make their AI products work. Palantir's already doing it.

What to Actually Do

Start small. Pick low-risk, high-reward AI use cases like report writing, alert triage, policy docs. Document your processes before trying to automate them. Build guardrails - API limits, scope restrictions, explainability requirements.

Prepare for budget conversations. The CFO thinks AI = cost savings. Reality: You're paying 30% more for talent, new vendor pricing, consultant fees. Yes, you'll be more efficient. No, it won't be cheaper.

Bottom Line

Back to George Colony's opening question: "How much should you slow down the corporation to be secure?"

Answer: You don't slow down. You build controls that let you move fast safely. That means adopting frameworks like AEGIS, implementing identity-based Zero Trust, and accepting that AI agents are coming whether you're ready or not.

Attackers are already using AI to automate everything. Standing still isn't an option.

Zero Trust Governance Framework - The Missing Piece

Carlos Rivera's session on Zero Trust governance connected a lot of dots.

The Problem: 37% of organizations say the #1 thing delaying Zero Trust is lack of IT/security/enterprise architecture alignment. Translation: Alignemnt is not where it should be on who does what, who owns what, or how to make decisions.

The Three-Layer Model:

Strategic - The "why are we doing this?" layer. Where you get executive buy-in, secure funding (35% cited budget as blocker #2), and define what you're actually protecting. Think Mission Control planning the launch.

Operational - The "how do we execute?" layer. Build RACI matrices showing who's responsible/accountable/consulted/informed across Zero Trust domains. Roadmaps. Metrics. Policy structures. The coordination layer.

Tactical - The "what gets enforced?" layer. Real-time policy enforcement. Network segmentation. Conditional access. The tech is getting deployed. Your XDR, SOAR, monitoring tools.

What Stood Out: PNC Bank's Soe Yi talked about their "governance factory" concept - treating governance like an agile software factory rather than a static compliance exercise. Every security project runs through stations that document policies, map to regulations, define IAM requirements, etc.

The artifact library approach is smart: Build it once, reuse it for audits, compliance, business cases. Metrics at every layer - not just tactical. If your stakeholder cares about it, measure it.

Key Insight: Governance isn't optional bureaucracy. It's the fabric connecting disparate teams (identity, network, endpoint, data) who all need to collaborate on Zero Trust but have different priorities and owners.

Without governance, you launch the rocket but it's just debris - no direction, no ROI, no business value.

Proactive Security - Fantasy vs Reality

Erik Nost closed out Day 1 with a reality check on proactive security. His framework is built on three principles: Visibility, Prioritization, and Remediation. But each one has fantasies vs realities that security leaders need to understand.

Visibility (answering "what" and "when"): Fantasy: Security teams know everything that needs to be protected. Reality: Asset management is the hardest part. As soon as you think you know what to protect, it changes through M&A, ephemeral environments, new zero days.

You need both breadth (all the assets - endpoints, identities, networks, apps, cloud, data, controls) and depth (subjective stuff - what's it do, how valuable is it, who owns it). Depth is harder because you get different answers depending on who you ask.

Prioritization (answering "where" and "why"): Fantasy: Just implement exposure management and breaches drop 3x. Reality: Organizations breached 2.8 times per year on average. Exposure management alone doesn't reduce breaches. What actually matters? Whether you're managing and tracking vulnerabilities - doesn't matter if it's in a UVM tool, ITSM, or SIEM. Just track and respond.

Exposure management is vulnerability management in a new outfit. Look at what makes up exposure scores - CVSS, threat intelligence - same stuff as a few years ago. Real exposure management needs breadth/depth of assets plus validation (continuous security testing, not just assessments).

Remediation (answering "how" and "who"): Fantasy: AI will autonomously remediate everything. Reality: Humans will always be in the loop. Why? Change management exists for a reason. We're accessing sensitive control planes. Remember the AWS DNS incident? Too many changes at once = race conditions that bring everything down.

But AI will help. The future is remediation-centric, not exposure-centric:

• Taking millions of findings → hundreds/thousands of optimal actions
• Not lists of what's wrong, but lists of what to do
• Using LLMs to answer "how" - tactical steps, knowledge articles, services to restart, dependencies
• Better "who" recommendations based on code owners, sys admins who log in, not just CMDB tags

Key stat: CISOs control prioritization (based on the visibility they collect). CISOs don't control remediation. The remediation owners control that. Security needs to partner with people who wrote the code and architected the solution.

The 6 Questions Framework:

• Visibility: What? When?
• Prioritization: Where? Why?
• Remediation: How? Who?

Answer these to build your proactive security program.

Day 1 wrap. The themes are already clear: AI agents are inevitable, governance is critical, and identity-based controls are the foundation.