This week, AWS announced to its staff that there would be a new vice president in town: Chet Kapoor was joining the tech giant’s cloud arm to oversee security services and observability in direct response to AWS’s concern that “AI is completely changing what is possible and what is needed in this area.”
On the face of it, the appointment seems routine, especially considering the scale of AWS’s operations and its reported base of approximately 143,000 employees. But, notably, the new role comes with an elevated degree of seniority, reporting directly to the CEO and working alongside CISO Amy Herzog, as opposed to under her. While many enterprises have been exploring a more horizontal hierarchical structure in what’s been termed The Great Flattening, this new job has prompted a new question: What does it look like to be responsible for AI security? And who within the organization is ultimately accountable?
“AI expands the attack surface and the CISO/CIO mandate,” said Diana Kelley, CISO at Noma Security. “Right now, the scope of AI security is so specialized that expecting CISOs to absorb it entirely under existing structures is a big leap.”
Fixing a Problem vs. Getting Ahead of Threats
The general reaction from IT leaders to the AWS hire is positive, with several CISOs describing it as a sign that the company is taking AI threats seriously and is committed to building operations that work within established guardrails. Rather than being a move to fix a specific flaw in security, executives said it is part of an ongoing investment in healthy cybersecurity practice — one that must now grapple with an entirely new threat in the form of AI-supported attacks.
Dan Lohrmann, field CISO for public sector at Presidio, noted that AWS has taken “many positive steps” to secure its systems, data, and networks, adding that the explosion of AI use demands new vigilance.
“As we move forward into 2026, the breadth and depth of AI opportunities, products, and threats globally present a paradigm shift in cyber defense,” Lohrmann said. He added that he was encouraged by AWS’s recognition of the need for additional focus and attention (and staffing) on these cyberthreats.
Edward Liebig, CEO of Yoink Industries and founder of OT SOC Options, agreed. He described the move as not just “smart and overdue,” but also an inevitable evolution in cybersecurity management now that AI has entered the field.
“AWS isn’t just filling a position; they’re formalizing a new layer of accountability,” Liebig said. “It’s the clearest sign yet that AI security is no longer an experimental discipline but a core operational requirement.”
Overwhelming Pressure on CISOs
Indeed, the AWS hire reflects a broader ripple in the market: Enterprises across industries are acknowledging that AI — and particularly agentic AI — isn’t solely being used for positive ends. It is also being wielded maliciously and relentlessly by threat actors.
“Agentic AI attackers can now operate with a ‘reflection loop’ so they are effectively self-learning from failed attacks and modifying their attack approach automatically,” said Simon Ratcliffe, fractional CIO at Freeman Clarke. “This means the attacks are faster and there are more of them … putting overwhelming pressure on CISOs to respond.”
Lohrmann said he believes current cybersecurity models simply aren’t adequate to meet this new species of threat, especially now that attacks are arriving at unprecedented speed. He recommended an entire system update, one that will continue to pose challenges over the next few years. Kelley, on the other hand, said she believes that while traditional measures remain “foundational,” they also need to be supplemented with AI-specific approaches.
“Zero trust, least privilege, and defense in depth — they were built for deterministic systems. AI breaks that paradigm,” she said. Models make probabilistic decisions; they learn from data that may be opaque, and their “attack surface” isn’t limited to code or APIs, she explained.
“What we need now is AI-aware security governance: a fusion of traditional controls with discovery, inventory, and continuous monitoring of AI assets,” Kelley said.
It may only be a few years down the road before IT leaders uncover the most effective approach to combat AI attacks. What is clear is that whichever strategy an organization pursues, there is a lot of work to be done. So who takes that responsibility on?
The Accountability Question
Prior to AI entering the field at scale, CIOs and CISOs were the established owners of enterprise technology and security. Executives in these roles are often the first to acknowledge that cybersecurity now requires entirely new approaches — and potentially new skill sets.
Before the AWS announcement, there were already some high-profile new roles being created around AI management, such as chief AI officer. But this specific vice president role at AWS — and its position within the broader structure — reflects a shifting perspective on who should be owning the AI element of cybersecurity. Can — and should — the CIO or CISO be expected to take this on themselves?
Kelley said she is confident the CISO has a crucial role to play, as long as that role is reshaped with key understandings in mind.
“I think the CISO’s role will evolve to meet the broader governance ecosystem, bringing together AI security specialists, data scientists, compliance officers, and ethics leads,” she said, adding cybersecurity’s mantra that AI security is everyone’s business.
“But it demands dedicated expertise,” she said. “Going forward, I hope that organizations treat AI governance and assurance as integral parts of cybersecurity, not siloed add-ons.”
Lohrmann said he sees a future that shares cybersecurity responsibility across both CISO and AI-specific roles. Some enterprises may divide the responsibilities among multiple leaders, splitting the security of products and services from the security of their networks and staff.
In Liebig’s opinion, the future of cybersecurity leadership looks less hierarchical than it does now.
“As for who owns that risk, I believe the CISO remains accountable, but new roles are emerging to operationalize AI integrity — model risk officers, AI security architects, and governance engineers,” he explained. “The CISO’s role should expand horizontally, ensuring AI aligns to enterprise trust frameworks, not stand apart from them.”
Ratcliffe remains the most convinced of the CISO’s role and responsibility in the context of the AI threat. In his view, creating new roles is the wrong track to take altogether. Instead, it’s about fighting AI with AI.
“Adding a person against the machines that are attacking is not really going to make much difference,” he said. “It means the CISOs need to adopt AI themselves to fight back. The only thing that will stop AI is AI on the other side.”