The cyber security industry is going through a necessary reality check. For years, organisations have invested in more tools, more controls, and more people, yet threat volume continues to rise, complexity continues to increase, and security teams remain stretched. Now, with the rapid emergence of AI agents, we are facing a new inflection point. This is not just about technology; it is about how we fundamentally design cyber security as a function.

The question is no longer simply how we defend better. The more important question is how we scale decision-making, judgement, and resilience without proportionally increasing cost and headcount. This is where the role of the Chief Information Security Officer (CISO) fundamentally changes.

What is an AI agent, really?

Before we embed AI into our operating model, we need to be clear about what it actually is.

An AI agent is not a deterministic system. It does not “know” in the way humans assume. It is, at its core, a probability-driven system operating in a complex and often chaotic way, generating outputs based on patterns in data rather than certainty or truth.  Critically, these systems are optimised to produce an answer, and often a useful or positive answer, even when the underlying data is incomplete, ambiguous, or absent. This creates a subtle but important risk. The output can appear coherent, confident, and actionable, even when it is partially or wholly incorrect. This is where many organisations will struggle. The fluency of AI creates an illusion of accuracy. The speed of AI creates an illusion of certainty.

For the CISO, this changes the challenge entirely. It is no longer just about protecting systems and data. It is about governing machine-generated judgement. The question becomes not just what the system did, but how confident we are that it should have done it.

This reinforces a critical principle for the future operating model. AI agents should augment human capability, not replace human accountability. Every organisation must define where human oversight is required, where automation is acceptable, and where decisions must remain firmly in human hands.

From Control Owner to Decision Architect

The CISO of the past was often measured by the strength of controls, the maturity of frameworks, and the robustness of tooling. Success was largely defined by how well security could implement and maintain defensive measures.

Over the next five years, that definition of success will shift. The CISO will instead be measured by their ability to design and operate a cyber security system where humans and machines make better decisions together. This is not about replacing people with AI, but about orchestrating human judgement, machine speed, data intelligence, and operational discipline into a cohesive and effective operating model.

The future CISO becomes an architect of cyber decision-making at scale, responsible for ensuring that every part of the organisation contributes to stronger, faster, and more reliable security outcomes.

A new operating model across the security function

This transformation reshapes every core capability within the security organisation.

In operational security, including the Security Operations Service (SOC), Security Incident Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Defence & Response (EDR), and vulnerability management, the model moves away from manual triage toward machine-assisted pipelines. AI agents enrich alerts, prioritise signals, and execute defined playbooks, while human analysts focus on validation, escalation, and strategic tuning. The emphasis shifts from activity to confidence, where the key question becomes how much trust the organisation can place in the decisions being made.

In information security and governance, risk and compliance (GRC), AI accelerates the mapping of policies to controls, supports evidence gathering, and helps maintain alignment with regulatory frameworks and intelligence reporting. However, this introduces a new risk in the form of the illusion of assurance. Well-written outputs and complete documentation can create a false sense of security if the underlying controls are not truly effective. As a result, governance must evolve into a model of continuous, evidence-based assurance grounded in operational reality.

Audit and compliance functions will also evolve from periodic inspection to continuous monitoring. AI can assemble evidence quickly and consistently, but human judgement remains essential to determine whether that evidence is meaningful and aligned to real risk. The role of audit becomes less about collection and more about interpretation and challenge.

Offensive security will become more integrated into the overall operating model. AI enhances reconnaissance, attack simulation, and reporting, but its real value lies in feeding insights back into defensive design. Red teaming and penetration testing will increasingly inform architecture, detection engineering, and control prioritisation, creating a more dynamic and responsive security posture.

In training and awareness, the opportunity for transformation is significant, but so is the risk of continuing ineffective approaches. AI can personalise training and simulate attacks at scale, but without addressing underlying human behaviour, its impact will be limited.

Data security becomes central rather than peripheral. As AI systems consume, generate, and expose data in new ways, the importance of classification, lineage, access control, and governance increases significantly. Protecting data is no longer just about compliance; it is fundamental to maintaining trust and control in an AI-enabled environment.

Threat intelligence will become more operationalised, with AI accelerating the collection and analysis of information. However, the true value lies in context: understanding what is relevant to the organisation, its sector, and its geopolitical environment. Intelligence must drive decisions, not just inform them.

Incident response will remain inherently human at its core. While AI can assist with investigation, correlation, communication and containment, leadership during a crisis cannot be automated. We may even be able to create Real Time Defence Agents to combat an attack by predicting where in the kill chain a piece of malware is heading and contain it by pre-empting it or even deleting it. This could push towards Adaptive Immune Agentic Systems across the IT estate for self-healing. Decision-making under pressure, coordination across the business, and clear communication remain critical human responsibilities.

Data security: Beyond protection to business survival

As organisations become more data-driven and AI-enabled, the scope of data security must evolve. Traditionally, data protection has focused heavily on personal data, driven by regulatory requirements such as GDPR. While this remains critically important, it represents only part of the overall risk landscape. Data protection should be viewed as a subset of a broader discipline: data security. The convergence of these two areas is inevitable. Organisations must recognise that while personal data carries regulatory and reputational risk, business data and operational data are often far more critical to the day-to-day functioning and survival of the organisation. This includes intellectual property, financial models, operational processes, system configurations, supply chain data, and decision-making datasets. Loss, manipulation, or exposure of this data can disrupt operations, impact revenue, and undermine strategic advantage.

In an AI-driven world, this becomes even more significant. AI systems rely on large volumes of data to function effectively. If that data is incomplete, biased, manipulated, or exposed, the outputs and decisions derived from it will also be compromised.

A further emerging risk is data poisoning and the integrity of the data feeding AI and large language model (LLM)-driven systems. Adversaries can deliberately manipulate training data, input streams, or contextual datasets to influence outputs, degrade model performance, or introduce subtle but harmful biases. As organisations increasingly rely on AI for decision-making, the CISO role must expand to include monitoring and assurance of these models. This includes validating data sources, detecting anomalies, ensuring data lineage is trusted, and implementing controls to monitor how LLMs behave in production environments. The future CISO will therefore have a direct role in governing not just data at rest or in transit, but data as it is interpreted and used by intelligent systems.

The future CISO must take a holistic view of data, ensuring that protection, governance, quality, and accessibility are managed together. Data security is no longer just about preventing breaches; it is about ensuring the integrity and reliability of the organisation’s decision-making foundation.

People, skills and mindset: The real transformation

Across all of these areas, the transformation is ultimately driven by people, skills, and mindset.

The future is not defined by significantly larger teams, but by smarter teams augmented by AI. Routine and repetitive tasks will increasingly be handled by machines, allowing humans to focus on higher-value activities such as prioritisation, exception handling, and strategic decision-making. The responsibility of the CISO is to redesign how work is done, rather than simply increasing capacity.

The required skill set will expand beyond traditional cyber security expertise. Professionals will need to understand how to work effectively with AI agents, how to structure prompts and workflows, and how to interpret and challenge data-driven outputs. Data literacy becomes as important as technical knowledge, and the ability to translate information into intelligence becomes a defining capability.

Mindset is perhaps the most critical factor. Security teams must develop a culture of curiosity, scepticism, and evidence-based thinking. AI systems are probability engines, not sources of truth. Outputs must be questioned, validated, and understood within context. Blind trust in automation represents a significant risk, and the discipline to challenge machine-generated conclusions becomes essential.

The hard truth about human behaviour

There is, however, one area where technology, including AI, may not provide the answer.

Despite years of investment in awareness programmes, phishing simulations, and communication campaigns, organisations continue to face the same issue. People still click on malicious links. This is not simply a failure of training or awareness. It reflects a deeper issue that has not been fully addressed. Most programmes focus on instructing individuals on what to do, but they do not sufficiently address why people behave the way they do.

Individuals operate under pressure, deal with high volumes of information, and rely on patterns and trust to make rapid decisions. They are influenced by authority, urgency, and familiarity, often acting quickly rather than reflectively. These are natural human behaviours, not weaknesses that can be eliminated through instruction alone.

The introduction of AI may exacerbate this challenge. Attackers can now create highly convincing, personalised, and context-aware messages that exploit human behaviour more effectively than ever before. As a result, traditional awareness approaches risk becoming less effective over time.

Rethinking awareness: From compliance to behavioural security

Training and awareness must therefore evolve beyond compliance-driven models.  It is necessary to shift towards an approach that considers behavioural science and organisational design. This means understanding the conditions under which people make decisions, reducing cognitive overload, and designing systems where secure behaviour is the natural and easiest choice. Rather than relying solely on individuals to detect and prevent threats, organisations should focus on removing unnecessary decision points and embedding security into workflows. This requires collaboration across disciplines, including cyber security, psychology, and business operations.

The goal is not just to educate users, but to create an environment in which secure behaviour is consistently reinforced and supported.

The CISO of the future

The role of the CISO is not diminishing; it is expanding in scope and importance. The future CISO will act as an architect of human and machine collaboration, a translator of technical risk into business impact, and a designer of operating models that enable resilience at scale. The role will increasingly involve shaping organisational culture and influencing behaviour, rather than focusing solely on technology.

Success will be measured not by the number of tools deployed or alerts processed, but by the quality of decisions made, the resilience of the organisation under pressure, and the ability to scale security effectively without increasing complexity.

Final thought

AI will transform cyber security, but it will not solve it. If anything, it raises expectations and increases the importance of strong leadership and sound judgement. In a world where machines can act and analyse at speed, the true differentiator becomes the human ability to think critically, challenge assumptions, and make informed decisions.

That is the future of the CISO.