AI Has a data problem, cascading breaches, and the weekly news - Dimitri Sirota - ESW #459
From Enterprise Security Weekly (Audio) by Adrian Sanabria
May 18, 2026 · 1h 36m
About this episode
Dimitri Sirota discusses the importance of data governance in AI risk and the trend of cascading breaches in enterprise security.
Interview with Dimitri Sirota from BigID Most organizations think AI risk lives in the model – or the identity. It doesn't. It lives in the data. In this episode, BigID's CEO reframes the conversation: why legacy access controls are breaking down, why visibility into sensitive data is the missing foundation, and what it takes to govern humans and machines under a single, accountable framework. Segment Resources: BigID's Agent Access Management Guide BigID's podcast, CTRL + ALT + AI This Week's Topic: Cascading Breaches We're seeing more and more 3rd and 4th party attacks that chain through multiple layers of compromised tools and services. In this topic segment, we discuss the two main aspects of this trend: How we can stop the chain of breaches from a third party library, vendor, or service provider How this might get handled at the legal, contractual, and organizational levels We discuss two big recent examples: Sonicwall's 2025 breach of their cloud firewall configuration backup service The compromise of Aqua Security's widely used Trivy open source tool The Weekly Enterprise News Finally, in the enterprise security news, Funding and M&A courtesy of the Security, Funded…
People in this episode
Host: Adrian Sanabria
Guest: Dimitri Sirota
Topics covered
- AI risk
- data governance
- cascading breaches
- third party attacks
- enterprise security news
Keywords
- AI risk
- data governance
- cascading breaches
- third party attacks
- enterprise security
Mentioned in this episode
Organizations: BigID, Sonicwall, Aqua Security
Products: Trivy
More episodes of Enterprise Security Weekly (Audio)
- The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News - Filip Stojkovski - ESW #462 · June 8, 2026 · 1h 38m
- Helping defense's use of AI catch up with offense, cost of the vulnpocalypse, news - Evan Powell - ESW #461 · June 1, 2026 · 1h 38m
- Visibility with EDR/MDR is still important, 'the basics' are impossible, and the news - Rob Allen - ESW #460 · May 25, 2026 · 1h 45m
- The impact of Mythos and Florida Man, confidence gaps, phishing, & AI adoption - Chris Wallis, Deepen Desai, Erich Kron - ESW #458 · May 11, 2026 · 1h 40m
- Post Quantum Migration Struggles, AI Threats, and Modern Defenses - HD Moore, Ramin Farassat, Eyal Benishti, Daniel dos Santos, Bobby Ford - ESW #457 · May 4, 2026 · 1h 33m
- Rethinking Security from the OS Up in the Age of AI and more RSAC 2026 Interviews - Karen Heart, Sachin Jade, Phil Calvin, Craig Sanderson, Travis Wong - ESW #456 · April 27, 2026 · 1h 36m
Explore listener stats, chart rankings, contacts and more on the Enterprise Security Weekly (Audio) podcast page.