AI Security, Cyber Risk, and Cloud Strategy on ClearTech Loop
Season 2 of ClearTech Loop is built around three questions:
How is AI changing the way organizations think about risk?
What does stronger cybersecurity leadership look like right now?
How should leaders rethink cloud strategy as business and technology keep shifting?
Hosted by Jo Peterson, Chief Analyst at ClearTech Research, ClearTech Loop is a fast, focused podcast covering AI, cybersecurity, and cloud risk through a business leadership lens.
Each 10-15 minute episode explores the issues shaping modern technology strategy and the decisions leaders cannot afford to ignore.
From governance and resilience to infrastructure change and emerging risk, ClearTech Loop helps leaders make sense of what is shifting, what matters most, and what comes next.
AI Security, Cyber Risk, and Cloud Strategy on ClearTech Loop
AI Security Isn’t a Regex Problem — Lori MacVittie on Governing the New Threat Surface
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Rules don’t scale. Architecture does. F5’s Lori MacVittie makes the case for putting security policy in the infrastructure—not the app—and for treating AI as its own threat surface. If your program is still chasing strings with rules, you’re already behind.
If your “AI security” strategy is a pile of brittle rules, you’re governing yesterday’s system. In this no-fluff conversation, Lori MacVittie argues for a structural fix: move policy and enforcement into the architecture where they can evolve without redeploys—then govern AI as a distinct threat surface (prompts, context, responses, completions, agents), not just another API.
She also shows how to use LLMs for what humans are bad at: fast pattern discovery. Her real-world example? A packet capture fed to an LLM surfaced a noisy IoT device in minutes—compressing mean-time-to-repair by skipping the rule-writing slog.
Reality check: AI adoption is outrunning AI security. If you’re still reactive, you’re late.
Quick explainer for non-practitioners: Regex (regular expressions) = rule-based string pattern matching; useful for forms, brittle against attackers who mutate text. Lori’s point: shift to semantic signals (meaning/behavior), not just string matches.
In This Episode
- From rules to semantics: why regex won’t save you—and how AI helps detect semantic patterns of abuse.
- Put controls in the architecture: keep secure coding by default, but move policy/enforcement/governance out of the app to avoid security debt and dev drag.
- Govern the AI loop: prompts, context windows, responses, completions, agents—the surface is broader than APIs or the network stack.
- Adoption vs. security: the Road Runner problem—AI is sprinting ahead of the controls.
- Practical win: use LLMs to accelerate discovery in telemetry (e.g., packet captures) and cut MTTR.
Guest Bio
Lori MacVittie is a Distinguished Engineer & Chief Evangelist in F5’s Office of the CTO. She writes and speaks extensively on modern app delivery, AI-driven operations, and security governance.
🎧 Listen: In Buzzsprout Player
▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/playlist
📰 Subscribe to the Newsletter:
https://www.linkedin.com/newsletters/7346174860760416256/