Live at #RSAC 26 with James Stanger

James Stanger of CompTIA addressed the RSAC 2026 audience, outlining a three‑part framework he calls the cyber security AI trifecta. He emphasized that the first priority is safeguarding the AI models and data pipelines themselves, a step often overlooked as organizations rush to adopt generative tools. The second pillar focuses on operational efficiency, where AI augments traditional activities such as penetration testing and threat‑intelligence analytics, delivering faster, more accurate results. The final component is governance—establishing policies, audit trails, and compliance checks that can keep pace with rapid AI deployment. Stanger highlighted CompTIA’s SEC AI Plus program as a practical guide for implementing this trifecta, and announced a follow‑up session with Patrick Johnson on avoiding back‑tracking during AI integration. Notable remarks included, “2026 is the year good organizations are going to clean up and figure out their processes,” and “protecting AI itself is the first flag to raise.” He underscored that without solid process hygiene, AI initiatives risk amplifying existing security gaps. The implications are clear: firms must first harden their AI assets, embed automation into core security workflows, and codify governance before scaling AI. Those that master this sequence will gain a competitive edge, while laggards risk regulatory penalties and heightened breach exposure.