Security Leaders Must Stop Living by the Framework
Data Breach TodayArchived Jun 09, 2026✓ Full text saved
Paul Watts of Keywords Studios on Business Alignment, AI Hype and Workforce Risk Cybersecurity leaders who still operate through the lens of frameworks and risk registers could be irrelevant in a world where business moves without them, said Paul Watts, CISO at Keywords Studios. He recommends investing in both AI and people to sustain operations over the long haul, he said.
Full text archived locally
✦ AI Summary· Claude Sonnet
Agentic AI , Artificial Intelligence & Machine Learning , CISO Trainings
Security Leaders Must Stop Living by the Framework
Paul Watts of Keywords Studios on Business Alignment, AI Hype and Workforce Risk
Anna Delaney (annamadeline) • June 9, 2026
Credit Eligible
Get Permission
Video Player
00:00
00:00
Paul Watts, CISO, Keywords Studios
Security leaders who still operate through the lens of frameworks and risk registers could be irrelevant in a world where business moves without them, said Paul Watts, CISO at Keywords Studios, an Irish video game industry services firm.
See Also: Know Thy Enemy: Threats to Cyber Resilience
Watts said eight months into his return to a practitioner role - after four years at the Information Security Forum advising security leaders - the lesson he keeps relearning is that security strategy must begin with shared business outcomes, not with a controls inventory. At Keywords Studios, that meant understanding a new industry from scratch and opening every conversation with studio leaders by asking how security can help them succeed.
"Let's think about our EBITDA, let's think about our revenue, our clients' needs and wants," he said. "Now let's think about the tradecraft and security, and how those two things dance together."
In this video interview with ISMG at Infosecurity Europe 2026, Watts also discussed:
Why security teams must adopt a prioritized approach instead of spreading their time across every risk;
Why the industry must resist over-reliance on AI and instead invest in apprenticeships, internships and age-diverse teams to develop the next generation of security leaders;
His skepticism about whether AI-driven vulnerability management narratives encourage organizations to lose strategic focus.
Watts is a security and IT leader with more than three decades of experience across the financial services, retail, critical national infrastructure, food and beverage, data analytics, and market research sectors. He has researched and undertaken advisory work in the field of security leadership and security strategy development, working with global security and business leaders.