Phil Venables, a partner at Ballistic Ventures, highlights the significant impact that artificial intelligence (AI) is exerting on organizational operations and the cybersecurity landscape. He warns that the repercussions of this technological evolution are only starting to unfold. The insights shared by Venables during a recent video interview with Information Security Media Group at the RSAC Conference 2026 shed light on the pressing challenges and opportunities posed by AI.

One of the most pressing concerns raised by Venables is the effectiveness of foundation models in identifying software vulnerabilities. As cybersecurity professionals increasingly rely on these models, they face a daunting reality: attackers are outpacing traditional defenses. He characterizes the emerging threat landscape as a “tidal wave” of vulnerabilities, fueled by the relentless advance of AI-generated code. As software becomes denser and more complex, conventional security practices struggle to keep pace.

Venables notably emphasized the ambiguity surrounding terms such as “AI security” and “agentic security,” arguing that such phrases lack substantive meaning. He challenged listeners to delve deeper into what it truly means to assign identity to AI agents. The discussion signifies a growing concern among cybersecurity experts regarding the need for clarity and precision when discussing AI within security contexts.

In his dialogue, Venables also addressed a range of critical topics affecting the cybersecurity field. He asserted that defenders possess an inherent structural advantage over attackers in deriving value from AI technologies. However, realizing this potential hinges on a few essential factors, such as collaboration, innovation, and a proactive approach to evolving threats.

Furthermore, he pointed out the complications introduced by the proliferation of non-human identities. Organizations, he noted, are grappling with an access management issue that has persisted without resolution. The rapid integration of AI agents into organizational structures exacerbates this challenge, necessitating a more refined approach to identity and access management.

As Venables outlined his primary focus for 2026, he spotlighted the importance of establishing an enterprise agentic control plane. This framework is intended to govern the actions and behaviors of AI agents within organizations, ensuring a structured approach to their integration. By developing robust controls, organizations can better manage the complexities introduced by AI and minimize potential risks.

Phil Venables is a well-respected figure in the cybersecurity domain, known for his role as the first Chief Information Security Officer (CISO) of Google Cloud and for his extensive tenure at Goldman Sachs as their inaugural CISO. His insight is further bolstered by his involvement with various tech boards and advisory roles within national security and standards bodies, making him a pivotal voice in discussions about the intersection of technology and security.

As the dialogue surrounding AI and cybersecurity continues to evolve, Venables’ insights serve as a sobering reminder of both the promise and the peril that lies ahead. As professionals in the field grapple with these advancements, the call for strategic foresight, collaborative innovation, and a reassessment of security paradigms has never been more urgent.