
Why CISOs Must Prioritize AI Third-Party Risk Management

Tags: 3rd Party Risk Management, Agentic AI, Artificial Intelligence & Machine Learning

Keyrock CISO David Cass on Managing Agentic AI Risk in Financial Services


David Cass, CISO, Keyrock

The financial services landscape is undergoing a seismic transformation even as institutions continue to adhere to the principles of safety and soundness. The introduction of agentic artificial intelligence into operational environments has created unprecedented challenges, leaving regulators and security teams grappling with scenarios they were unprepared for. In this evolving climate, the insights of David Cass, Chief Information Security Officer (CISO) at Keyrock and an adjunct faculty member at Harvard Extension School, have become increasingly vital.

Cass emphasized a critical takeaway for organizations: “You can outsource anything as a business decision, but at the end of the day, you own the risk.” This statement encapsulates a fundamental truth in modern business operations—regardless of where services are sourced or where AI solutions are deployed, the onus of managing risk ultimately rests with the organization itself. As financial entities lean on third-party vendors for various technological solutions, including those powered by AI, the mitigation of potential risks has never been more essential.

One of Cass’s key assertions is that AI governance must be treated as a dynamic and ongoing responsibility rather than a periodic task conducted by a committee that convenes annually. “You can’t blame the AI from a regulatory point of view,” he emphasized. This highlights the reality that businesses must take proactive steps to continuously monitor and manage the integration of AI into their systems. This ongoing vigilance is crucial because unauthorized access to, or malfunction of, AI systems can have far-reaching implications for customer trust and regulatory compliance.

Cass highlighted the complexities associated with tracking AI’s integration across multiple systems and vendors, suggesting that organizations are transitioning toward an attribute-based access control model. This model aims to mitigate the “blast radius” in case of a compromise, thereby limiting the extent of data breaches or system failures. By compartmentalizing access and ensuring that only the necessary parties have access to sensitive data, organizations can safeguard themselves against potential threats much more effectively.

During a video interview with Information Security Media Group at the RSAC Conference 2026, Cass delved into several pivotal topics:

  • Asset inventories need to evolve to include third-party AI systems and the libraries those systems utilize. This is crucial for comprehensive risk management, as understanding the interconnectedness of AI applications can help organizations identify vulnerabilities and strengthen their defenses.
  • Trust and transparency are essential components that CISOs should prioritize when evaluating offerings from AI security startups. The ability to demand accountability and clarity in how these startups operate is fundamental in establishing a secure framework for AI deployment.
  • Regulatory frameworks often lag behind technological advancements, and as such, safety and soundness principles must bridge this gap. Organizations cannot wait for regulations to catch up; instead, they need to be proactive in establishing robust internal standards that ensure safety.

With over two decades of experience in risk management, incident response, information security, and disaster recovery, Cass is well aware of the complexities involved. He previously held CISO positions at notable companies like IBM, Elsevier, and GSR. He also presides over CISOs Connect, directing peer engagement initiatives, and contributes to the education of future cybersecurity experts as a faculty member in a master’s degree program at Harvard Extension School.

In summary, as agentic AI continues to permeate the financial services sector, the lessons articulated by David Cass serve as essential guidance for navigating the associated risks and challenges. The sophisticated interplay between AI and traditional financial principles necessitates that organizations adopt a proactive and comprehensive approach to risk management. By doing so, they can not only comply with regulatory demands but also maintain their integrity and trust in a rapidly evolving digital landscape.
