
EP265 Beyond Shadow IT: Unsanctioned AI Agents Don't Just Talk, They Act!
From Cloud Security Podcast by Google by Anton Chuvakin
March 2, 2026 · 29 min · Season 1 · Episode 265
About this episode
The episode discusses the risks and governance of unsanctioned AI tools, featuring insights from Alastair Paterson of Harmonic Security.
Guest: Alastair Paterson , CEO and co-founder @ Harmonic Security Topics: Harmonic Security focuses on securing generative AI in use. Can you walk us through a real, anonymized example of a data leak caused by employee AI usage that your platform has identified? AI governance gets thrown around a lot. What does this mean in the context of Shadow AI? How should organizations be thinking about governing AI in light of upcoming AI regulations in the US and in the EU? If we generally agree that employees are using AI tools before they are sanctioned, how can organizations control this? Network, API, endpoint? Many organizations struggle with the "ban vs. embrace" debate for generative AI. Based on your experience, what's a compelling argument for moving from a blanket ban to a managed, secure adoption model? Can you share a success story where this approach demonstrably reduced risk? The term "shadow AI" is often used interchangeably with "shadow IT" (but for AI-powered applications) but you've highlighted that AI is a different beast. What is the single biggest distinction between managing the risk of unsanctioned AI tools versus unsanctioned IT applications? Looking forward, where…
People in this episode
Host: Anton Chuvakin
Guest: Alastair Paterson
Topics covered
- shadow AI
- AI governance
- generative AI
- data leak
- risk management
- AI regulations
Keywords
- shadow IT
- data leak
- AI tools
- generative AI
- AI regulations
- risk management
- Harmonic Security
Mentioned in this episode
Organizations: Harmonic Security
More episodes of Cloud Security Podcast by Google
- EP275 Google Cloud Next 2026: The AI Earthquake, "SOC-home" Syndrome, and the Ragged Edge of Reality · May 4, 2026 · 20 min
- EP274 AI, Zero Trust and Secure by Design Walk into a Bar... · April 27, 2026 · 30 min
- EP273 From CISA to Cloud: AI Assurance, Concentration Risk, and the New Regulatory Frontier · April 20, 2026 · 29 min
- EP272 More Than Just Packets: Is NDR a "First-Class" Cloud Security Control? · April 13, 2026 · 34 min
- EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess? · April 9, 2026 · 27 min
- EP270 The Convenience Tax: Why We Keep Failing at Supply Chain Security · April 6, 2026 · 27 min
Explore listener stats, chart rankings, contacts and more on the Cloud Security Podcast by Google podcast page.