AI or Not

E050 - AI or Not - Tony Carrato and Pamela Isom

Season 2 Episode 50

Share episode

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 37:37

Welcome to "AI or Not," the podcast where we explore the intersection of digital transformation and real-world wisdom, hosted by the accomplished Pamela Isom. With over 25 years of experience guiding leaders in corporate, public, and private sectors, Pamela, the CEO and Founder of IsAdvice & Consulting LLC, is a veteran in successfully navigating the complex realms of artificial intelligence, innovation, cyber issues, governance, data management, and ethical decision-making.

Overwhelmed by the pace of AI and the constant drumbeat of cyber threats? We break the noise into a clear plan you can follow, starting with basics that actually block attacks and habits that keep you current without draining your week. With returning guest Tony Carrato, a veteran of global security and AI programs, we explore how leaders can protect their brand, make smart use of modern AI tools, and build resilience into systems before the next headline risk arrives.

We start with a reality check: attackers use bots that don’t care whether you’re a startup or a giant, making fundamentals non-negotiable. Strong, unique passwords, 2FA, link and QR hygiene, and real backups you’ve tested for restore are the highest-ROI moves. From there, we outline a focused learning routine—just one dedicated hour per week—powered by a curated list of thought leaders, security teams that publish freely, and concise newsletters, including global sources that surface what’s happening beyond the usual feeds.

We also examine executive presence in a world shaped by AI and cyber risk. Speak more slowly, be concise, demonstrate your applied fluency with tools like Copilot or ChatGPT, and keep your voice by editing AI outputs for accuracy and redundancy. Ask sharper questions about risk, resilience, and outcomes, and protect your time without going silent. Teaching—whether at a lunch-and-learn, a standards group, or a local security forum—cements your knowledge and strengthens your network.

A major takeaway is the blind spot of data integrity. Confidentiality and privacy matter, but integrity failures can cripple decisions and trust. Track provenance and chain of custody, align systems of record, and test your recovery paths so AI-informed decisions sit on solid ground. Leave with one action for the week: identify your top priorities, confirm the controls that matter most, and invest a single focused hour in learning that moves the needle. Subscribe, share this with a colleague who needs clarity, and leave a quick review to help more leaders build resilience in 2026.



[00:00] Pamela Isom: This podcast is for informational purposes only.

[00:27] Personal views and opinions expressed by our podcast guests are their own and not legal advice,

[00:35] neither health tax, nor professional nor official statements by their organizations.

[00:42] Guest views may not be those of the host.

[00:51] Hello everybody and welcome to AI or Not, the podcast where business leaders from around the globe and get together and share wisdom and insights that are needed now, right now to address issues and guide success in your artificial intelligence and digital transformation journey.

[01:07] My name is Pamela Isom and I'm the podcast host. And today we're exploring one of the most pressing challenges for leaders in 2026, and that is staying current in cyber and AI without becoming overwhelmed.

[01:23] So I thought we would talk about that today. I have a special guest that's coming back to talk to us about this and he lives this work every day.

[01:34] So that is Tony Carrato. Tony, welcome back to air not the podcast.

[01:39] Tony Carrato: Thank you, Pam.

[01:41] Pamela Isom: Okay, so now before we dive in, I'd like you to do what you do,

[01:45] which is to tell us a bit about yourself,

[01:48] about your career journey,

[01:50] and what brought you into this space.

[01:53] Tony Carrato: So for those who don't know, Pam and I go back probably what, 15 or 20 years when both of us were at IBM and after IBM, both of us moved in somewhat different directions.

[02:06] But to get there, I've lived on three continents and worked on six of the seven.

[02:13] And part of that was dealing with solution and system design. And I can remember as long ago as in the middle 70s when I was in the US Air Force working on networked and distributed systems.

[02:30] And the question came to a few of us,

[02:34] how do we know these are secure? What are we going to do?

[02:37] And I can tell you, most people's cybersecurity journey did not start that long ago.

[02:43] So we started looking at that. And over time, as I moved through different roles, security was always part of that journey.

[02:52] Now AI didn't become part of that journey for me at least until maybe 10ish years ago.

[03:01] But one observation I'd make which is probably central to today's discussion, is that the rate and pace of change in technology is just almost overwhelming.

[03:16] In fact,

[03:17] it's not hard to get overwhelmed and to be left with,

[03:22] how can I possibly keep up?

[03:25] Maybe I just won't bother.

[03:27] And I liken this.

[03:30] The last time I saw a change like this was probably in the mid-90s when the web became a real thing in about 95, 96ish.

[03:43] And I can remember I was at AT&T in Hong Kong in those days talking to people about how things like Internet based advertising was going to become a big deal and people, nah, that'll never happen kind of thing.

[03:59] And of course it has AI. We're probably past the no, it'll never happen moment,

[04:08] but I think an awful lot of people are. Maybe I shouldn't get involved. It's awfully early,

[04:14] feels kind of weird and flaky.

[04:18] And then there are other people trying to ask how in the world do I keep up.

[04:24] The other thing is,

[04:26] if you look at where I spend a lot of my time, which is in cybersecurity,

[04:32] we're almost drowning in the threats.

[04:36] They're everywhere.

[04:37] I sit on a couple of boards and small companies will say, well, you know, it sounds bad, but we're so small it'll never happen to us.

[04:46] And that's probably true until they get wiped out. Because remember that cyber attackers aren't running down the Dun and Bradstreet's list of companies or the Fortune 500 or something. They're running bots.

[04:59] And if bots can find an opening, they don't care if you're big or small.

[05:03] So with all that, you have the. The issue of how in the world do I keep up?

[05:10] And let's talk before we talk about how. Talk just a moment about why Pam knows this. She's known me for a long time. I believe that everyone has a personal brand.

[05:23] When people think about you,

[05:25] what do they think?

[05:27] You know, when I think about Pamela Isom, I think about a tech savvy senior executive leader who can interact with people and leave them going. I'm glad I talked to her.

[05:39] That's Pam's brand in my mind.

[05:43] But we've all got one.

[05:45] Your brand, especially if you're a technologist,

[05:49] is related to.

[05:51] Are you in fact tuned in on the most current technologies? Doesn't mean you're an expert in everything. Nobody is.

[05:57] But are you tuned in?

[05:59] Are you actually using any of these technologies?

[06:04] For example, I put together and Pam will make it available however she thinks makes most sense.

[06:10] Some slides for this backing material and I wrote the content but then I just went into.

[06:17] In my case I used copilot and said make these look good.

[06:21] That's a very simple one.

[06:23] There are lots of other things I've done where you. I tend not to be a coder anymore for whatever reason. I find myself in sort of senior roles because of my board memberships and I tend to use them in those areas.

[06:37] Something that will hurt your brand is if you're not cautious about protecting yourself and your Organization from cyber threats.

[06:45] Whether your job is in cyber, it's in enterprise architecture, it's business change.

[06:51] Don't be careless.

[06:53] So how are you going to do that?

[06:56] I do a few things.

[06:59] First of all,

[07:00] there are folks out there and we're hosted by one of them who are thought leaders.

[07:06] Now what's a thought leader?

[07:08] Well, there's the part about thought and there's the part about leading.

[07:14] Someone who has an analytical, insightful view of things,

[07:19] who gives other people a reason to listen to them, is in my mind a thought leader.

[07:26] One of the ways you get there is learn by doing.

[07:30] Are you taking advantage of the AIs for example, that are out there and are you doing that on a regular basis? Do you turn to Google Gemini instead of Google Search?

[07:42] When you have a query,

[07:44] Try it. You'll get very different results.

[07:47] Do you use Open a open API's ChatGPT?

[07:52] Do you use Copilot?

[07:54] If you go, oh, I gotta pay for ChatGPT? Well, the odds are pretty fair you're paying for Copilot anyway because you're a Microsoft customer. And as my friends in Microsoft say, pretty much everybody's a Microsoft customer if you're a coder.

[08:08] Are you using Claude routinely?

[08:12] Not once in a while.

[08:16] Pamela Isom: Let me just, let me just pause for a second, kind of replay some things that I've heard you say and then add a little bit to it before we go forward.

[08:26] But I will say that when you speak to protecting your brand,

[08:32] I learned about branding way back when we were in our IBM days because that was a critical success factor for folks.

[08:42] But I do think that when you talk about protecting your brand, that's an area that we don't think about. So we think about establishing a brand,

[08:51] but we don't think about really protecting that brand.

[08:54] And I think that we also have a tendency to lean on cybersecurity experts for protection when we really should take ownership and responsibility ourselves or look at what can we do ourselves.

[09:11] And I think if we're for this day and time in particular,

[09:14] so you know,

[09:16] we're talking about AI and cyber and we're talking about dealing with the challenges that we're faced with today because everything is evolving so fast.

[09:26] So we want to stay current in a such cyber and AI.

[09:30] And my thinking when you were saying all that is go back to the common, just the common sense things,

[09:37] just the common sense things that we need to do like think about our brand, how do we protect our brand, which you pointed out.

[09:45] And also you said don't Be careless.

[09:48] So I often say when it comes to cyber,

[09:52] we are in a,

[09:54] in a realm where the threats are overwhelming and we can't just throw up our hands and say,

[10:01] lead that to X.

[10:02] Do you walk into a store with your money hanging off of your,

[10:08] your clothes?

[10:09] Right. So go back to some of the common sense things that we want to think about and translate that into what does that. Why is this so important in the digital world?

[10:19] Right. So what are the,

[10:21] those simple things that we could be doing and where are we just asking for it? Like, where are we just asking for trouble? Right. And so I just wanted to add that to what you were saying because I like us to think about it and not get overwhelmed.

[10:35] I'll say this, I was in this. I talk a lot about cybersecurity and I talk to government contractors and I, and I use that example with them a lot. Like, go think about why this is important.

[10:47] You don't need security guards standing by you to tell you to put your money away, stop having it hang, and definitely don't pin it on your clothes. But we're doing things silly that we're doing some things that could be just as obvious.

[11:02] Right.

[11:03] So I talked to the cybersecurity contractor about cybersecurity and a lot of them tend to think that if I'm a small business,

[11:11] that I'm not really as vulnerable as some of the others because. And I tell them all the time, and then I'll give it back to you here, but I tell them all the time that yes, you are a target and if you're a government contractor, you are really a target.

[11:26] I don't care if you're small, large, whatever,

[11:29] you are more of a target if you're smaller because you wear so many hats and they know it. So you have access to people and you have access to so much and it's usually one or two people,

[11:41] right? So, so you do become vulnerable. So you have to know the things to do to protect yourself and don't be overwhelmed. Just think about some of the common sense things that we want to focus on to protect our data, to protect our environment,

[11:55] to protect ourselves.

[11:57] Right? So I just kind of wanted to say that because of the theme that we have today and because we're talking about staying current in cyber and AI.

[12:07] All right, so I'm going to give it back to you and talking about some things that you see are important to stay current and to stay relevant and also share with us some key references that you have.

[12:20] Like are there some key materials or people or and thanks for the compliments that you made of me, but are there key things that we should be paying attention to that would just help us in this journey?

[12:32] Tony Carrato: Absolutely. And you're spot on with what you just said.

[12:36] Most of the cybersecurity incidents you see are not some massively sophisticated nation state attacker who does some nefarious and almost impossible to understand thing.

[12:52] There are absolutely nation states out there. There are cyber gangs.

[12:57] Most of what they take advantage of can be avoided or alleviated by paying attention to the basics.

[13:06] That's not things like force people to change their passwords every 30 seconds,

[13:12] make sure people use non obvious passwords,

[13:15] use two factor authentication with your phone or an authenticator app.

[13:21] Basic stuff like that.

[13:23] Don't click on a URL without at least taking the time to look at it. Says it's from Amazon, but if you look at the URL it goes nowhere near there.

[13:34] Little things like that try and avoid the urge to scan every QR code you ran into.

[13:42] On the other hand,

[13:44] don't worry about the power plugs at airports,

[13:48] the chances that an army of North Koreans have gone into every airport in the western world and rewired the USB charging ports as essentially zero.

[14:00] Now I was saying pay attention to thought leaders. I'm going to give you a few out of a list I have.

[14:06] Pamela has the list.

[14:08] She can make it available as she chooses. But in addition to listening to Pam and her podcasts and looking at her website,

[14:17] which I do,

[14:18] people like Tracy Reagan, who is the CEO of a small company called Deploy Hub. She leads the Ortelius Open Source project and is a regular podcaster on Tech Strong Women.

[14:32] I sit on her, I'm an advisor to her board and I get to interact with a lot of really smart people there.

[14:39] I'm not going to list all the people I have material I gave you Pam, but Omkar Arasaratnam, who Pam and I both worked with at IBM,

[14:47] who is LinkedIn's first distinguished engineer for security.

[14:52] A really good guy on Cloud and AI is David Linthicum.

[14:57] He was at AT&T and then was at Deloitte and has now got his own company.

[15:03] Jen Easterly, who led the CISA and is out these days doing her own thing, is very, very good.

[15:13] A couple of retired IBM fellows who are now active doing other things would be Kerry Holley and Mark Fiamant.

[15:22] Really good folks.

[15:24] So those are some examples of people and I've included a list of a bunch that are worth listening to.

[15:33] A couple others.

[15:35] Yahtzu in Hong Kong. Yacht is the executive chairman of a company you may never have heard of called Animoca Brands. But it's a billion plus dollar company that actually got its start in email, is huge in mobile gaming and in web3 and even distributed finance, blockchain and cipher.

[15:57] There's another guy who is one of the smartest people I know and very insightful and with that said,

[16:06] some other ones I think very highly of the security team at Microsoft. So I talked to folks like Mark Simos,

[16:15] Joseph Davis and Ben Henderson.

[16:18] Surprisingly often it's unusual for a week goes by that I'll talk to at least one of them and they make a ton of information broadly available,

[16:29] unlike a lot of the other vendors. They will give you a lot for free. That's really good.

[16:35] The other thing I do is,

[16:39] and this may be too much for people who are already working 55 hours a week, but invest in yourself a little bit. Spend some time on things like newsletters and I'll mention a few.

[16:52] And again the URLs are available in the material that Pam has.

[16:59] But for example,

[17:00] All Things AI is a weekly newsletter by a friend in Hong Kong, Yusuf Columbus,

[17:07] who actually works for Yacht and is his chief strategy guy who does a weekly very brief. It's typically a page or two summary of important announcements. One of the values in that one is based in a place like Hong Kong.

[17:23] You get more occasion to be aware of what's going on in China,

[17:27] which for those of us in the US and Europe, it's easier to lose track of.

[17:32] The company Pam and I both worked for,

[17:35] IBM has a thing called the Institute for Business Value.

[17:40] They do both technology focused materials and industry focused materials.

[17:47] They're free.

[17:48] You don't have to go write someone a check for a quarter million dollars.

[17:52] Sign up and they will send you, in my opinion, quite insightful material.

[17:58] One that is perhaps less technically focused, but from a very, very savvy guy who again I worked with at IBM,

[18:09] who's now in fact the chief strategy officer at a company called Ridgeline. They do software for the financial services industry.

[18:18] Guy named Jack lynch does a weekly newsletter he calls Reading Ambitiously,

[18:26] which is another.

[18:29] You can get through it in less than 10 minutes depending on how deeply you dive into things.

[18:34] But it brings a smart, tech savvy business person's view to you that you probably don't get otherwise, depending on how much of a techno nerd you are. And I admit I am.

[18:48] But it's a good thing to do if you want to Veer off in the other direction and look at somebody who is a really sharp developer.

[18:58] There's someone named Sohail and writes under Sohail X codes on medium and you get some really interesting to at least people like me who have a reasonably technical focus.

[19:15] Senior level development topic why did my production system run great and then three days into the week it slows down dramatically,

[19:23] I restart it and it's all wonderful again.

[19:26] Why is that happening? What do you do about it?

[19:29] How do you make soft deletes work for you in a database system, those sorts of things?

[19:35] That's a really good one there.

[19:38] Another one that's oriented towards software mostly engineers that I think is really good and ranges from technical topics to career topics is the Pragmatic Engineer and I'm going to have another shout out.

[19:52] Go look at Pam's blog.

[19:54] It's worth it. Spend the time so what I'm trying to say here is invest in yourself.

[20:02] Find an hour a week that's not really that much.

[20:07] Do it while you're having your sandwich at lunch or something to just keep yourself focused on things beyond what's right in front of you every day.

[20:19] Be known as the person who keeps aware of things and you know, don't get overwhelmed. Spend an hour. Don't, don't go, oh my gosh, if I don't spend 80 hours I'll drown.

[20:29] Well, if you try and spend 80 hours you will drown.

[20:33] If you say I'm going to take lunch on Tuesdays and just do a little,

[20:37] you know, self maintenance.

[20:40] And with regard to maintaining your brand,

[20:44] take the opportunity to share some of what you do learn with other people that's part of your brand is I'm open and will help you. The other thing I do,

[20:55] I'm very active in the security forum at a standards group called the Open Group.

[21:02] If you go look at their standards, you'll find my name on a bunch of them.

[21:06] I don't do it because of that. I'm not at the point in my career where that matters too much to me.

[21:11] What matters to me is engaging with people who are really interesting in being able to share what they do.

[21:18] In the state of New Mexico where I happen to live, even though the background pictures from just across the border into Colorado,

[21:25] we have a CyberSecurity group called Chilisec which you can find on LinkedIn if you're interested.

[21:31] It's aimed at folks who live in this state who are sharing actively what we do.

[21:36] So I do that and I engage and I share and I pay attention to other people.

[21:41] But one of the things that helps you stay current is you learn something the best when you're trying to teach someone else.

[21:51] Make the time,

[21:52] volunteer to go do a talk. Whether your organization does a lunch and learn or they encourage you to be part of a standards organization or they're going to have you get out in front of customers, any of those things that will push you to learn things.

[22:08] When you have to be able to explain it,

[22:12] then you actually will learn it.

[22:16] And if you don't, you'll get reminded right quick the first time you try and do it. So I'd try not to do that in front of a customer. I used to have people and I still do.

[22:26] I'd try and run my presentation by them first.

[22:30] Why? Because it would come out better if I get input from someone like Pam,

[22:35] say, now wait a minute, you forgot something here. Tell them about that.

[22:40] Pamela Isom: And feedback is always good. Right? So we're in a day and time where, well, we've always been that way though. But now more so than ever, you do want to give, you do want to give feedback on content.

[22:52] It's just wise to do before you communicate it, especially if it's presentations. And there's nothing wrong with that. Like it's the way of the world. Everybody knows that that's the thing to do.

[23:03] Right. So you can get, and there's many different ways to get feedback.

[23:06] But I do have a question for you along those lines. So as you were talking, it made me think about our executive presence.

[23:15] And we're talking about how to keep up today,

[23:20] how to not become inundated, how to not become overwhelmed. But I provide executive coaching. And a lot of times what I hear from those that I'm providing guidance to is how do I strengthen and cultivate the executive presence.

[23:36] So they're wanting to know, they're wanting to get ideas. And I'm asking you, especially in a world that's driven by AI and cyber risk,

[23:45] what guidance would you offer to those who want to grow their executive presence? And it ties into what you've been saying. But let me hear your thoughts.

[23:55] Tony Carrato: Sure.

[23:56] So the first thing is talk more softly and more slowly.

[24:02] If you look at who's commanding the room,

[24:05] they are not normally the people who are shouting and speaking really fast.

[24:11] So part of it is just how do you handle yourself?

[24:16] Second,

[24:17] brevity matters.

[24:19] Anybody can write a 20 page paper on something. And I often find it's like the kid who wrote the book report and just kept writing and writing and Writing and hoping the teacher would find something in it.

[24:31] I've worked for a couple of pretty senior people who told me if you can't communicate it in one page,

[24:36] you don't know it.

[24:38] Now obviously that one page may have 500 pages of backing material, but brevity.

[24:45] Another one in Executive presence is humor.

[24:49] Humor doesn't work for everybody.

[24:51] It may or may not work for you.

[24:54] What I recommend is watch people how well they use it or don't use it and ask yourself, would that work for me?

[25:04] And just remember, if you have to explain the joke, it probably wasn't funny.

[25:09] So that's part of it. Now let's turn to the more AI and cyber focused things.

[25:14] One of the things is simply demonstrate your use of or knowledge of them. For example,

[25:22] I put this presentation together and here's what I used AI to do in it.

[25:27] Just casually mention it.

[25:30] You don't have to get into the. It took me eight prompts to get this picture.

[25:35] Demonstrate some mastery in cyber.

[25:41] Think critically about systems.

[25:44] I know that when I do things with the folks where I'm engaged as a senior person,

[25:50] a lot of what I find important to do is ask questions.

[25:54] Have we thought about what happens if this occurs?

[25:58] How will we protect ourself if that happens?

[26:02] So use your personal presence to speak more slowly and calmly.

[26:09] Speak sometimes work a little humor in be brief.

[26:13] Demonstrate use of and capability with some of the technologies and ask questions.

[26:22] Pamela Isom: And I would just add to that because I really like that. So much so that I'm taking notes.

[26:27] But I would just add to that that be very careful of the tools that you do use.

[26:34] Some of the tools tend to be redundant.

[26:37] So be careful with the AI tools. And if you're using them to help you summarize content or helping you to generate content,

[26:46] just watch out for the redundancy because it has a tendency to repeat itself. Right? So your content,

[26:52] I'm going to the brevity point. The content that is self generated using the tools. Just be mindful that you need to read through it, you need to tain it,

[27:03] even though it sounds really, really good.

[27:05] And watch out for redundancy. When I'm in a bad mood,

[27:09] I can go to the AI tools and I can ask it to tell me about myself, right? Tell me something good. It'll tell me exactly what I want to hear.

[27:18] It'll tell me and then some about how wonderful you are, how you can conquer the world. You can do this, you can do that. I say that to say be good stewards.

[27:29] When it comes to using the tools and monitor the outputs so that when you are presenting,

[27:39] you are actually speaking still in your own voice.

[27:43] So use it to assist,

[27:44] but not totally control.

[27:46] And so I just wanted to say that. And if you're talking about building. So when we think about the executive presence.

[27:52] Yes, that's. Those are the things that we want. Right. I like everything that you said there.

[27:58] And you do want to be able to use the tools and you do want to be able to show that you have a mindset for cybersecurity stewardship.

[28:07] You don't, as I said, like, you don't have to be a cybersecurity engineer, although there's nothing wrong with that. Right. So, but you don't have to.

[28:16] You want to be a steward,

[28:18] you want to protect. You want to do the things that you need to do to show that you are a person or an executive or an executive protege that has eye and a mind for protecting and guarding and defending your business.

[28:39] Right. Yourself, your business,

[28:41] your leaders.

[28:42] And they want to see that in you. They want to know that you can lead an organization, you can lead a division, you can lead some component of the organization,

[28:51] and you have an eye on everything that needs to be done, including the financials, including the immediate job at hand. You have an eye for AI threats. You know what some of those threats are and how to watch out for them.

[29:06] Do you know malware can get intercepted in the middle of all that text that it generates and gives you back? And all this, all this, all this great stuff,

[29:15] right in the middle of that could sit some malware, right? So you want to be read the content that the AI generates and read it carefully. Don't just run with it.

[29:27] Tony Carrato: Absolutely true. And that goes to another point.

[29:31] Ruthlessly prioritize,

[29:34] focus.

[29:36] So part of being an executive is paying attention to what's important, which means you've got to think about what's important. And, you know, some things have to say, yeah, interesting.

[29:46] But we really can't focus on that.

[29:49] This is an area where we have to keep things going and protect ourselves and including that, protect your own time.

[30:01] You can't say yes to everyone, but don't get the reputation of someone who you send them an email and it's like throwing a pebble in a. Well, you never hear anything thereafter.

[30:11] Sometimes the answer is,

[30:13] I'm really not the right person to help you with it,

[30:16] but don't get the reputation of I'm the person who will ignore you,

[30:20] but you don't have to say yes to everything. You don't have to take on everything.

[30:25] So hopefully this has been helpful to your listeners panel.

[30:29] Pamela Isom: I think it will be. I have one more thing that I want to talk about and the hidden aspects of surviving in today's world. So I talk a lot about health, headline risk and how leaders focus on the headlines and the headline risk like confidentiality,

[30:47] privacy, while other areas exist like data integrity. And so I write a lot on this subject.

[30:54] And so think about data integrity, the supply chain weaknesses,

[30:58] the model drifts, right? So we're thinking about where we are today without getting technical here, but silent model drift, right. So those aren't getting the attention. Data integrity is not getting the attention that it deserves to me.

[31:13] While at the other side of the equation,

[31:16] areas like confidentiality,

[31:19] privacy are getting the attention. Not enough, but they are getting the attention.

[31:23] And so data integrity involves managing the chain of custody of information,

[31:30] keeping it clear.

[31:31] And I'm getting to cyber, right?

[31:33] Keeping a clear record that can't be tampered with, that's uneditable, where data comes from,

[31:41] who has access to it, and if there are changes,

[31:44] what are those changes along the way?

[31:48] So data integrity is an area that I write about a lot and I think about it from a medical records perspective. From a financial statements work, right. If I go back and look at my bank records, I don't want it to have been tampered with.

[32:03] So we're talking AI and cybersecurity and keeping relevant and keeping up. Well, these are areas where if we're looking at how we mature,

[32:14] how can we grow, how can we cultivate our skills. I see an area right there in the area of data integrity.

[32:22] So I wanted to kind of get your perspective on that. What do you think?

[32:26] Tony Carrato: Sure. There's a couple aspects.

[32:29] One is the one you've talked a lot about, which is understanding what you have and how it's modified and making sure it can't be inappropriately modified.

[32:38] I would argue there's another piece that's closely related,

[32:42] which is resilience.

[32:44] So when you hear about organizations getting attacked either deliberately or in some cases, people just stuff up, they mess things up and it messes up a database.

[32:55] Have you taken steps to ensure you're protected there? And a simple basic is,

[33:01] do you do backups?

[33:03] I go to entrepreneur meetings quite a bit where people are running companies and when they find out you know something about technology and including cyber, they always want to talk to you.

[33:13] And I ask them basic questions like,

[33:16] did you do backups?

[33:18] Have you ever attempted to restore anything from A backup,

[33:22] because let's be real, nobody actually cares about backups. The only thing you care about is being able to restore.

[33:28] And in terms of data integrity, this is one of these classical problems businesses get into,

[33:35] is that they have multiple sources of truth that they don't keep consistent.

[33:43] Now, there are technical design strategies like eventual consistence people go through, but they should be explicit but disconnected systems. When the customer,

[33:55] whether it's a government agency or me trying to buy a pair of shoes from Zappos, is trying to talk to you that data integrity needs to be there and it represents your business.

[34:07] So all of the sexy AI, which we all talk about a lot,

[34:13] if it's not underpinned by good data stewardship that is thoughtful and technically effective,

[34:21] your house of cards is going to come.

[34:23] Pamela Isom: Down at some point and that's what we don't want. So I think that with that context in mind and the conversation on the blind spots, because remember, I see data integrity as one of those blind spots that we just really need to focus on dealing with as well as the things that you talked about here.

[34:40] If there was one thing that you would want the listeners to do this week, this upcoming week,

[34:47] to sharpen their readiness,

[34:48] to sharpen their ability to deal with and not become overwhelmed in this AI and cyber world,

[34:58] what would you encourage them to do?

[35:00] Tony Carrato: I would encourage them to think about priorities.

[35:05] What are the most important things that need your attention?

[35:10] And do you know which ones those are?

[35:14] And once you understand which ones those are,

[35:17] then ask yourself,

[35:19] do I feel like we're adequately secure? Are we resilient?

[35:24] And can I resist the temptation to add just one more body to work on this as opposed to using the smart folks you've already got and getting them encouraged to using tooling instead?

[35:39] Pamela Isom: Well, I want to thank you for joining me today.

[35:43] I do have the document that you sent to me that I will make available to the listeners.

[35:50] But thank you for joining me today.

[35:52] I believe this is an important conversation we're in when this airs will be in 2026.

[35:59] And we want to start the year off giving people thought lessons on how to keep themselves sharp, how to survive in this rapid pace that we're living in. And in particular, there are two common factors that we must all know how to deal with and that's working in the era of AI and working in the era of cybersecurity.

[36:24] We intentionally had this session and had this topic as the theme today.

[36:29] And I know that it will help leaders navigate the pace of change with more confidence.

[36:36] So to my listeners. May today's conversation guide your success as you navigate AI, cybersecurity, and digital transformation.

[36:47] Stay informed, stay resilient,

[36:49] and I'll see you the next time.

[36:51] Tony, thank you very much for being here. I don't know if you have anything else you want to say, but thank.

[36:56] Tony Carrato: You very much for the opportunity.

[36:58] Pamela Isom: All right. It was great. Thank you so much. And I'll be sure and take the material that you share with me and make it available. If you think of anything else, just let me know.

[37:08] But I do hope that this will kind of set us on the right course as we head into this 2026 journey.

[37:15] Tony Carrato: Take care.

[37:16] Pamela Isom: All right. Bye. Bye.