Why do most AI security strategies fail in the midmarket? In this episode of The ITSM Practice Podcast, we explore why successful AI security is not about buying more AI tools but about building the right foundation first. Learn how identity management, telemetry quality, governance, and operational maturity determine AI security success. We discuss AI readiness, MSSP evolution, cybersecurity automation, SOC transformation, and practical AI security roadmaps for midmarket organizations. Discover why AI augments security teams rather than replacing them and how organizations can achieve sustainable cyber resilience through proper sequencing.

In this Episode, We Answer:

Why do most AI security initiatives fail in midmarket organizations despite significant investments in AI-powered cybersecurity tools?

How do identity management, telemetry quality, and governance impact AI security readiness and operational resilience?

What should MSPs and MSSPs prioritize over the next 2–3 years to build effective AI security strategies and support midmarket clients?

Resources Mentioned in this Episode:

SailPoint website, ebook "Identity as the foundation: The modern zero trust blueprint for 2026", link https://www.sailpoint.com/identity-library/identity-security-essential-to-zero-trust-strategy

Xage Security website, article "Zero Trust: A Proven Solution for the New AI Security Challenge", link https://xage.com/blog/zero-trust-proven-solution-for-the-new-ai-security-challenge/

Checkpoint website, article "How AI Phishing Attacks Became A Threat in 2025", link https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-phishing/ai-phishing-attacks/

EC-Council website, article "The Rising Threat of AI-Powered Phishing: What it is, How to Detect it, and How to Prevent it", link https://www.eccu.edu/blog/ai-powered-phishing-detection-prevention/

Your Alaska Link TV YouTube Channel, video "Hackers use AI to boost cyber scams and attacks", link https://www.youtube.com/watch?v=hRJqRFj0kRQ

Microsoft Mechanics YouTube Channel, video "AI with Zero Trust Security", link https://www.youtube.com/watch?v=OnlN-2Q5QsE

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Are modern enterprises losing control of their architecture? In this episode, Luigi Ferri explores why cloud adoption, outsourcing, SaaS expansion, and fragmented governance are creating hidden dependencies and increasing operational risk. Discover how the Department of Defense Architecture Framework (DoDAF) offers valuable lessons for improving architectural visibility, governance, resilience, and enterprise-wide coordination in today's complex digital ecosystems.

In this episode, we answer to:

Why are modern enterprises losing architectural ownership and visibility across complex digital ecosystems?

How can the Department of Defense Architecture Framework (DoDAF) help organizations manage complexity, interoperability, and governance?

Why do modern outages and operational failures increasingly result from undocumented dependencies and architectural blind spots rather than individual system failures?

Resources Mentioned in this Episode:

US DoDAF Official Documentation, Department of Defense Architecture Framework (DoDAF) Version 2.02, link https://dodcio.defense.gov/Library/DoD-Architecture-Framework/

TOGAF® Enterprise Architecture Framework, TOGAF® Standard, link https://www.opengroup.org/togaf

NIST Cybersecurity Framework (CSF) 2.0, link https://www.nist.gov/cyberframework

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

AI is changing cybersecurity faster than most organizations can govern it.

In this episode of The ITSM Practice Podcast, Luigi Ferri explores why identity has become the true enterprise perimeter. As organizations race to deploy Agentic AI, autonomous agents, cloud platforms, and APIs, many are building on identity governance models that were never designed for machine-scale decision-making.

From Zero Trust Architecture and Identity & Access Management (IAM) to the lessons behind major breaches at MGM, Snowflake, and Uber, this episode examines a critical question:

If enterprises struggled to govern human identities, how will they govern autonomous AI identities?

Discover why AI governance without identity governance is impossible, why identity is evolving into the operational control plane of digital business, and what CIOs and CISOs must do before AI adoption outpaces organizational control.

In this episode, we answer:

Why is identity becoming the new perimeter in the age of AI?

What risks emerge when autonomous agents operate without strong identity governance?

How can organizations redesign trust before AI scales faster than governance?

Resources Mentioned in this Episode:

NIST website, Zero Trust Architecture (SP 800-207), link https://csrc.nist.gov/pubs/sp/800/207/final?

NIST website, AI Risk Management Framework, link https://www.nist.gov/itl/ai-risk-management-framework

European Commission website, EU AI Act, link https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai

Dark Reading website, article "Okta Agent Involved in MGM Resorts Breach, Attackers Claim", link https://www.darkreading.com/application-security/okta-flaw-involved-mgm-resorts-breach-attackers-claim

Cyberark website, article "The MGM Resorts Attack: Initial Analysis", link https://www.cyberark.com/resources/blog/the-mgm-resorts-attack-initial-analysis

Blackfog website, article "Showflake Data Breach Explained", link https://www.blackfog.com/snowflake-data-breach-explained-key-lessons/

Cloud Security Alliance website, article "Unpacking the 2024 Snowflake Data Breach", link https://cloudsecurityalliance.org/blog/2025/05/07/unpacking-the-2024-snowflake-data-breach

USA CISA website, article "Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester", link https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a?

USA CISA website, advisory on MFA fatigue and modern identity attacks, link https://www.cisa.gov/news-events/alerts/2022/10/31/cisa-releases-guidance-phishing-resistant-and-numbers-matching-multifactor-authentication

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya