AI Security: Maybelyn Plecic on Shadow AI, Non Human Identities, and AI Defense

Show Notes

Your AI policy does not matter much if no one understands how to follow it. 

In this episode of ClearTech Loop, Jo Peterson talks with Maybelyn Plecic, Manager of Training and Adoption at Network to Code, about shadow AI, non human identities, and what AI defense actually means when people are already using AI to get work done. 

Maybelyn brings a security, compliance, training, and adoption lens to the conversation. She is CISSP certified, AWS certified, and has spent her career helping teams strengthen security posture, drive compliance initiatives, and make technical change usable. 

Why This Matters 

AI adoption is already happening inside organizations. 

The challenge is that governance, policy, training, and approved tools are not always keeping pace. 

That creates risk, but not always because people are acting recklessly. In many cases, employees are trying to move faster, automate boring work, and solve problems the official process has not solved yet. 

Maybelyn frames shadow AI as an IT issue, a security issue, and a trust issue. Her point is clear: if leaders want people to use AI safely, they have to make the safe path understandable, practical, and easier than the workaround. 

What You’ll Hear in This Episode 

• Why shadow AI starts with trust, not blame 
• How protected proof of concept environments and AI sandboxes can reduce risk 
• Why shared language matters when AI systems, agents, and workflows touch data 
• How prompt injection, AI training defaults, and history tracking create new security concerns 
• Why AI defense is not just a tooling conversation 
• How leaders can create AI guidance that teams will actually follow 

Key Insight 

AI security is not only about tools and controls. 

It is about whether people understand the rules, whether the approved process works, and whether organizations are willing to meet teams where the work actually happens. 

As Maybelyn says in the episode: “how do you expect someone to be compliant if they don't even know the rules, right?” 

Timestamps 

00:00 Introduction to ClearTech Loop 
00:26 Meet Maybelyn Plecic 
01:29 Shadow AI: IT problem, security problem, or both? 
01:54 Why shadow AI starts with trust 
03:00 AI is moving faster than governance 
04:47 AI generated content, visibility, and accountability 
06:35 How language around AI is changing 
08:43 Using AI to automate the boring work 
10:40 How AI changes the CISO conversation 
12:33 Non human identities and the importance of shared language 
13:05 Workflow questions become security questions 
14:26 Prompt injection, AI defaults, and training gaps 
15:47 What AI defense means beyond tools 
17:30 Why AI guidance has to match each team 
18:45 Closing thoughts 

Guest Bio 

Maybelyn Plecic is the Manager of Training and Adoption at Network to Code. She specializes in helping teams make technical change practical, secure, and usable. 

Her work spans security posture, compliance initiatives, technical enablement, training strategy, and customer adoption. She brings a builder’s perspective to AI security, with a focus on making complex technology easier for people to understand and use responsibly. 

Additional Resources 

• Maybelyn Plecic website: https://www.maybelynplecic.com/ 
• Network to Code Resource Center: https://networktocode.com/resources/resource-center/ 
• NIST AI Risk Management Framework:
  https://www.nist.gov/itl/ai-risk-management-framework 
• Season 1 ClearTech Loop: https://www.buzzsprout.com/2248577 

Follow ClearTech Loop for more conversations on AI security, cybersecurity leadership, AI governance, shadow AI, non human identities, and enterprise technology strategy. 

🎧 Listen: In Buzzsprout Player
▶ Watch on YouTube: https://www.youtube.com/@ClearTechResearch/videos
📰 Subscribe to the Newsletter:
https://www.linkedin.com/newsletters/7346174860760416256/