Episode Player

Manage AI Like Employees

Full Tech Ahead

Full Tech Ahead
Manage AI Like Employees
May 07, 2026 Season 2 Episode 6
Amanda Razani

In this episode of "Full Tech Ahead," host Amanda Razani interviews Leslie Nielsen, CISO at Mimecast. They discuss Mimecast's recently released "2026 State of Human Risk Report." 

Nielsen explains that human-centric cyberattacks are escalating annually, driven by economic uncertainty and employee fears that AI might replace their jobs, making them more susceptible to malicious recruitment or carelessness. 

A major highlight of the report is the severe risk of data exfiltration; dumping sensitive corporate data (like board presentations or financial disclosures) into unsanctioned generative AI models leaks intellectual property outside the company. 

Furthermore, Nielsen warns against the uncontrolled rise of "agentic" software that bypasses change control, creates non-human identities, and lacks proper management, effectively creating rogue employees on the network. He advises leaders to use AI to fight AI, create explicit AI acceptable use policies, and treat agents with the same accountability and management as human employees, including processes for "firing" an agent.


Key Quotes

  • "We have to be using AI because it's going to take AI to fight AI."
  • "Traditionally, when we thought about leaks, we thought about it being posted on a web page, but now it's kind of... death by 10,000 cuts; just kind of those slow leaks that are building up."
  • "Treat [agents] just like you think about who's managing employees... somebody needs to be responsible... and also be accountable if things go wrong."
  • "Bad news is good news early... The faster that it can be contained, the faster we can all work better to have a safer environment."


Takeaways

  • HR and Management for Agents: Organizations must treat AI agents like human employees or contractors. Someone must be officially responsible for managing, auditing, logging, and granting specific, limited permissions to every agent. They also need defined processes for onboarded and, crucially, "firing" or disconnecting an agent if things go wrong.
  • New Era of Data Leaks: "Leaks" are no longer just public website postings. Employees dumping sensitive data (board decks, financials) into unsanctioned Gen AI tools to speed up their work is a dangerous new form of intellectual property exfiltration into third-party models.
  • Fighting AI with AI Speed: Business leaders must equip their security teams with AI tools to handle the rapid decision-making and alert volume required in modern defense. An AI speeds up development and increases threat vectors; human SoC analysts cannot keep up alone.
  • Vigilance for Everyday Users: AI has made phishing and scam attempts extremely convincing. AI-written emails rose from 3% to 17% in late 2024/early 2025. Everyday users must pause, verify identity via an alternate known channel (like a direct phone call), and remember that if something seems too good to be true, it is.

Find Amanda Razani on LinkedIn.  https://www.linkedin.com/in/amanda-razani-990a7233/

Follow the FTA LinkedIn Page: https://www.linkedin.com/company/full-tech-ahead/

Visit the FTA website: https://fulltechahead.com/

Check out the Substack Channel: https://fulltechahead.substack.com/