AI Tidal Wave: What Defenders Must Do Now

Agentic AI , Artificial Intelligence & Machine Learning , Customer Identity & Access Management (CIAM) AI Tidal Wave: What Defenders Must Do Now Phil Venables of Ballistic Ventures on the Second-Order Consequences of AI Tom Field (SecurityEditor) • March 25, 2026     Credit Eligible Get Permission Phil Venables, partner, Ballistic Ventures Artificial intelligence is not just transforming how organizations operate, it's fundamentally altering the cybersecurity landscape, said Phil Venables, partner at Ballistic Ventures. The consequences, he warned, are only beginning to emerge. See Also: Securing AI Agents in the Zero Trust Era Foundation models are proving highly effective at finding software vulnerabilities, and with attackers no longer resource-constrained, the industry faces what Venables called a "tidal wave" of vulnerabilities. At the same time, the explosion of AI-generated software is increasing code density faster than traditional security practices can keep pace. "AI security is a meaningless phrase. Even agentic security is a meaningless phrase. You drop it down a level and say, what does it mean to give identity to agents?" he said. In this video interview with Information Security Media Group at RSAC Conference 2026, Venables also discussed: Why defenders hold a structural advantage over attackers in extracting value from AI, and what it will take to realize it; How the proliferation of non-human identities is compounding an access management problem organizations never fully solved; Why the enterprise agentic control plane - governing what agents can do and how they operate - is his central focus for 2026. Venables is a cybersecurity leader and investor focused on early-stage innovation. He was the first CISO of Google Cloud and previously spent 17 years as Goldman Sachs' first CISO, later moving into senior risk and board roles. He sits on multiple tech boards and advises national security and standards bodies.