Not All Agents Are Created Equal featuring Brian Fricke
Watch / Listen:
Breakout time has collapsed from 285 minutes to 17 seconds. Attackers are running orchestration agents around the clock while defenders are still scheduling a meeting about it.
Brian Fricke, CISO at AutoNation, has done something rare. He's built security programs from the ground up four times across the military, government, and heavily regulated financial institutions. He joins Nate and Lior, live from RSAC, to break down the governance mistake almost every organization is making with AI agents right now, and what a risk-tiered framework actually looks like in practice.
Lior Div
CEO & Co-Founder, 7AI
Nathan Burke
Chief Marketing Officer, 7AI
Brian Fricke
CISO, AutoNationImpactful Moments
- 00:00 – Introduction
- 01:00 – Brian's background: four programs built from scratch
- 05:10 – Why bad guys don't have a human-in-the-loop problem
- 08:00 – How to structure an information security program: the full framework
- 11:50 – Not everything needs AI: the case for deterministic automation
- 15:00 – The four agent types and why risk tiering matters for governance
- 19:00 – Why vendors should start agents in read-only mode and earn trust
- 20:50 – People on the loop, not in the loop
- 30:00 – Attackers are running at machine speed, defenders are running at meeting speed
- 33:00 – The inflection point: finding attacks no other tool caught
- 38:40 – Unpopular opinion: CISOs would make the best CIOs
- 41:00 – What security teams look like in the future: upscaling with the next agents
Interested in being a guest or want to recommend someone? Reach out to us at DoHumanWork@7ai.com