THE CYBER INTERVIEW
CISOs are facing a storm – and frontier AI is to blame. With novel models sniffing out more bugs in our critical software than ever before, security patches are piling up and if the mood of the industry can be summarised in a single word, it would be“ stressed”.
Not Chester Wisniewski. The Global Field CISO at Sophos is excited to steer his ship through the sea of possibilities that AI has to offer.“ Well trained, it is an incredibly efficient way of looking for malicious things,” Chet says. The greatest benefit to security practitioners from the technology, Chet notes, is when it is paired with humans who are combing through massive datasets.
In Chet’ s words:“ Humans are terrible at dealing with terabytes of information and trying to figure out which interesting thing to make decisions about.”
The solution here is an intelligent division of labour, with AI doing the grunt work to get precise answers to the security questions of human analysts, who are digging through a vast variety of information sources to help the human brain make smarter decisions.
“ The last time I checked there were four million malicious files a day coming into our labs for analysis,” Chet recalls.
“ Obviously humans can’ t look at four million files, but 20 of them are probably really interesting – they could be a nation state attack from an adversary or they could be a new strain of ransomware.
“ What we as humans really struggle with is finding that needle in a haystack.” The malicious files in its millions are just the tip of the iceberg, another major
“ Everything is being scanned constantly and even a minor slip up will be exploited by someone”
Chester Wisniewski Director and Global Field CISO Sophos
hurdle in security is staffing. The industry is generally short staffed and with the mounting volumes, AI is a real lifesaver.
One thing that everybody is unsure about however are hallucinations. But Chet is unfazed, he says that as long as AI helps to get the numbers down from a billion to a hundred, and of these, if 80 are interesting, that’ s a big win in his books.
The criminal surveillance machine When you mess up in the age of AI, there is little that can help.“ Everything is being scanned constantly and even a minor slip up will be exploited by someone,” the CISO says, describing the thorny reality developers face.“ If you accidentally publish your API key on your Github repo, when playing on a weekend project writing some code, something will discover that in five seconds. That key is burnt, it’ s gone.
“ Everything that isn’ t nailed to the floor is being stolen instantly on the internet.” Chet describes AI as smart automation and it is unfortunately being deployed by cybercriminals to“ scan everything, all the time”.
20 July 2026