- Cybersecurity Ecosystem Show
- Posts
- From Hacking Game Economies to Governing AI Agents
From Hacking Game Economies to Governing AI Agents
From the Cybersecurity Ecosystem Show conversation with Ward Spangenberg, founder of Behavry.ai
From the Cybersecurity Ecosystem Show conversation with Ward Spangenberg, founder of Behavry.ai
Your team is deploying AI agents faster than you can write policy for them. Those agents run at machine speed, with borrowed credentials, and they never stop to take a lunch break. Ward Spangenberg has spent his career finding the gaps everyone else walked past, and on this episode of the Cybersecurity Ecosystem Show he laid out why the security industry keeps looking backward, what AI actually does for a lean security team, and what real AI agent governance looks like.
Here are the biggest lessons from the conversation.
Security spends its money looking backward
Ward's opening critique of the industry is blunt: we are really good at explaining what happened last night, and really bad at stopping what happens tomorrow.
"We spend our lives in logs," he said. "Why do we spend all of our money in enterprise security today on things that basically tell us bad stuff happened last night?"
Attackers work the other way around. They walk the building trying every door and window, and they only need one unlocked. Defenders have to secure all of them. That asymmetry is why Ward has always pushed his engineers to explore, to punch around, to think like the person testing the locks. It is also why he liked the rise of purple teaming: red and blue in one brain, tearing systems apart from both sides.
The problem is what the industry did with the idea. Purple teaming became a checkbox for insurance renewals instead of a quantified practice. Nobody built the case that it saves money or prevents breaches, so it stalls at the executive level. Ward's fix for budget-constrained teams is practical: you may not get a dedicated purple team, but you can run the exercise. Plan one quarter a year where your own defenders attack the infrastructure they protect. You learn your systems, and you learn to trust your teammates.
AI is not taking your job, but ungoverned agents can take your code base
Ward is not an AI doomer. His framing is the hammer and the nail gun: the nail gun did not replace carpenters, it made them faster. "We train it. We feed it. It's not gonna take over," he said. "There's still gotta be a human in the loop."
His favorite analogy for where we actually are: "AI is a lot like having a five-year-old who has just discovered how to run." The job is not to stop the running. The job is to build the guardrails around the outlets before the kid finds them, because you already know where the outlets are.
That distinction matters because the real risk is not a superintelligence. It is an agent with your keychain and no supervision. Ward pointed to the now-famous story of a company that lost its entire code base because an agent hit a blocked path, improvised, and kept going. Agents do what employees would do if a thousand of them worked nonstop with no manager: they find a way, and the way is not always the one you wanted.
The upside: your junior analyst just became a level two
The most optimistic stretch of the conversation was about what AI does for lean teams. Ward's example: a security analyst who knows firewall logs cold used to need a Python script and an afternoon to answer a question across 10,000 log files. Now the answer is seconds away, in plain English.
The bigger shift is at the entry level. The industry has mostly stopped hiring new grads as level one analysts because they lack experience. Ward's argument is that this is backwards. "If we hand them AI, they're almost a level two analyst coming out of college." Tool them correctly and they get productive faster, and they bring fresh questions that pull threads a twenty-year veteran would never think to pull.
There is a dollar figure hiding in that observation. If AI tooling turns a level one hire into level two output, that is real capacity your budget did not have to buy, and it is the kind of quantified argument (the one purple teaming never got) that wins headcount conversations with a board.
What real AI agent governance looks like
Ward's company, Behavry.ai, sits in the category Gartner has started calling guardian agents: technology that governs your AI rather than replacing it. He is tracking 93 companies in the AI governance space with his own competitive intelligence tool, and his read on what separates real governance from a dashboard came down to four principles worth stealing no matter whose product you buy.
No self-attestation. The agent writing its own logs should not also be the one telling you it behaved. "We don't have the criminal that we just caught breaking into the house write his report," Ward said. Governance has to observe from outside the agent, the way a proxy observes traffic inline.
Review actions in real time, before they execute. Reading the logs after the agent deleted your repo is the same backward-looking security Ward opened the episode criticizing. Every action gets evaluated before it is allowed to run.
Decisions are not binary. Yes and no are easy. The valuable answer is maybe: escalate to a human, pause the agent, and let Bob release it in the morning if Bob agrees. That is a human in the loop by design, not by hope.
Tamper-evident audit trails. Ward hashes every action into a ledger-style chain, so an auditor can verify independently that events happened and were not rewritten. With the EU's AI rules moving forward, states like Wyoming acting, and the SEC circling attestation requirements, regulated industries will be asked to prove what their agents did. "The auditors in the audience went, yes, that's what we're gonna start asking for."
If you run a security program in a credit union, community bank, or any examined institution, this is the part of the episode to replay. AI agents are systems like any other: they belong in your risk assessment, with the risk they carry expressed in dollars your board can act on, not as a vague "high" on a heat map. That is exactly how the Rivial platform treats it, tagging AI risks in the assessment and rolling them into dollar-based board reporting, so the new technology lands inside the program you already run.
Start with a policy before you start with a tool
The governance conversation always lands in the same place: examiners and boards will ask for your AI policy before they ask for your tooling. If you do not have one yet, don't start from a blank page. Download Rivial's free AI Security Policy Template. It is an instant download, no sales call required, and it gives you the guardrails document that every principle above hangs off of.
And listen to the full conversation with Ward. The career stories alone are worth it, including how he mapped trout DNA with a FoxPro database in college and how he earned the nickname "the Dark Knight" dismantling a video game's black market from the inside.
Here are the key takeaways from this blog:
Security overinvests in hindsight: most enterprise spend explains yesterday's breach instead of preventing tomorrow's, and attackers exploit that asymmetry.
The threat is ungoverned agents, not AI takeover: agents with broad credentials and no supervision fail like a thousand unmanaged employees running nonstop.
AI raises the floor of your team: with the right tooling, entry-level analysts produce level two output, capacity you can quantify for the board.
Governance means outside observation: no self-attestation, real-time action review, human-in-the-loop escalation, and tamper-evident audit trails.
Put AI in your risk program: treat agents as systems in your risk assessment and report their risk in dollars, then anchor it all with a written AI policy.
Tags: AI, AI Governance, Risk Assessment, Podcast
-
The Cybersecurity Ecosystem Show connects practitioners, investors, vendors, regulators, and everyone in between. New episodes drop weekly. Subscribe so you don't miss one.
Reply