As an Advisory Board member for the upcoming event, The AI Summit at Black Hat USA, Nathan brings nearly 25 years of cybersecurity experience to the table, offering valuable insights on the current state and future of AI in security. 

The AI Summit Series: What drew you to join The AI Summit at Black Hat USA as an Advisory Board member?

NH: My interest comes from trying to help shape the content for attendees. Black Hat events are very applied and practical. Providing high-quality content for attendees is a critical component, and I was hoping I could provide some help and perspective to shape that content.

The AI Summit Series: What are you hoping attendees will take away from the event?

NH: A better understanding of where things actually are. Most people in the space are just trying to figure out the realities on the ground. By seeing content and having discussions with fellow attendees and presenters, you get a better understanding than you would from social media posts or marketing claims. It's always best to talk with people who are struggling with the same things you are.

The AI Summit Series: Why should cybersecurity professionals attend The AI Summit at Black Hat?

NH: There's a lot of hype and confusion around where certain tools work and where they don't. At Black Hat events, you're talking to people who have struggled with the same things and can provide unique perspectives. The networking aspect is almost as important as the content - being able to connect with attendees and presenters, ask additional questions, and foster new conversations.

The AI Summit Series: You've been in cybersecurity for nearly 25 years. What's the most fascinating shift you've seen in how AI is changing the security landscape?

NH: When I first started in cybersecurity, there was no AI per se. As years progressed, we got more traditional machine learning and then deep learning, applied to things like malware detection or looking for anomalies in logs. These tools have always been focused on defense for the most part.

What's interesting in the past year is there have been experiments applying AI to more offensive use cases, like looking for vulnerabilities in source code or running applications. But the biggest shift isn't in the usage of AI- it's in the vulnerabilities and exposures these systems create when you adopt them. We're not used to having systems that can be talked into taking actions the developers didn't intend. We're willing to trade away a lot of security and we're not really quite sure what the benefits are yet.

The AI Summit Series: What AI cybersecurity risks are you seeing that most organizations might be completely unprepared for?

NH: One big issue is that the hype around generative AI has driven many product vendors to incorporate it into their products without mitigating the risks. This means products that organizations adopt may expose them in unexpected ways. Generative AI functionality might be exploited to provide unauthorized access to data or manipulate business decisions.

There are also data aspects to consider. You have to count on third parties to properly store your data, and there's a tendency to log transactions to improve systems, which may put sensitive data in unexpected locations. The vendor might also use your data to train their AI models, which opens your organization to different risks.

The AI Summit Series: You've created something called the SPAR framework. Could you tell us about that?

NH: I created SPAR, which stands for Security, Privacy, Alignment and Reliability. These are the core safety attributes that must be present for any of these systems to be considered safe to use. If the product isn't secure, it's not safe to use. If it doesn't respect your privacy, it's not safe to use. If it isn't aligned to your best interests, it's not safe to use. And if it's not reliable, it's not safe to use either. Combining these four attributes gives you a better understanding of how to think about these tools in context.

The AI Summit Series: What practical steps should security teams take today to prepare for AI challenges?

NH: It's really about going back to basics. First, you need to have an application inventory—you can't protect what you don't know about. Second, you need to have an application or product security program in place. The adoption of AI-powered software can amplify and expose vulnerabilities, even ones you didn't have before. Most of AI security is just application and product security. An AI model does nothing on its own; it needs to be integrated into an application, and that's where the risks emerge.

The AI Summit Series: Can you tell us about your upcoming session at The AI Summit at Black Hat USA?

NH: Our presentation is about the vulnerability research we did on AI-powered developer productivity tools. We cover how there's been a cultural shift where people are willing to accept a monumental amount of risk to implement AI tools. When you have a non-deterministic system combined with deep access and extended permissions, vulnerabilities become far worse.

The subtitle of our talk is "Owning AI-powered Tools with Old School Vulnerabilities." Pretty much all of our use cases didn't use prompt injection - we were exploiting the systems through different methods. All these old vulnerabilities are back with a vengeance. It's fascinating to see people applaud organizations like CISA who are pushing for memory-safe languages to prevent remote code execution, and then applaud products that are basically remote code execution as a service.

The AI Summit Series: Besides your own session, what are you most looking forward to at the event?

NH: Ali Miller's session on AI and fraud is a topic I don't spend a lot of time on but am very interested in. Beyond that, I'm looking forward to networking with people and hearing about their experiences. The best way to keep up to date is to learn from others—when you get all these different opinions and experiences together, it really informs your perspective on the topic.

The AI Summit Series: What advice would you give to someone just starting their career at the intersection of AI and cybersecurity?

NH: The best thing somebody who's just starting out can do is to use the tools. Go out and put your hands on the keyboard and actually use the tools people are talking about. When you actually use them instead of just talking about them, it gives you a unique perspective. You learn what the tool is good at and what it's not good at. From a security perspective, learning what things are not good at is a doorway to finding security issues with them.

The AI Summit Series: Which AI and cybersecurity skills do you think will be most valuable over the next three to five years?

NH: This is hard to say because the interfaces we have today may very well change in this time frame. The chatbot-style interface common today may transform as things start getting backgrounded. As an offensive security researcher, my bias leans toward attacking AI implementations, and it's unlikely in the next few years that all these vulnerabilities will be mitigated. So people will always need the ability to understand these systems and test them for security issues. If I had to bet on one skill area, I would bet on the offensive side today.

The AI Summit at Black Hat USA is your gateway to mastering the dual edged sword of AI and cybersecurity. Taking place on August 5 2025, this groundbreaking event brings together two pivotal forces shaping today’s technology landscape – artificial intelligence and cybersecurity – for an unmissable day of insights, innovation, and strategy. 

Explore your pass options here