TL;DR
- The CISO used to protect the perimeter. Now they govern autonomous decision-makers operating inside it.
- Agents have credentials, session tokens, and production access. They aren't users. There's no HR file, no onboarding, no offboarding.
- Blast radius mapping, reasoning-trace audit logs, and vendor risk for MCP servers are all new jobs with no standard questionnaires yet.
- Classic incident response assumes a human did something. An agent executing 4,000 actions per minute before anyone notices is a different category.
- The CISOs who figure out Human-In-The-Loop architecture as a security primitive become strategic. The ones who don't become the blocker everyone works around.
I don't envy CISOs right now. Their job in 2026 isn't on any job description I've seen. Here's what it actually looks like in practice.
Identity & Access for Non-Human Agents
Agents aren't users. They don't have HR files. But they have credentials, session tokens, and access to production data. The CISO has to build an identity layer for things that have never had one.
I've personally done research on this trying to manage my own agent swarm and all their logins. It's frankly the part I hate most about running agents. If I could have a Login Central product that solved that, it would make everything faster. I'm constantly sure there are better ways to solve central logins. If you know one, please advise.
Blast Radius Mapping
Every agent that can execute code, call an API, or write to a database is a potential incident. The CISO has to map it: if this agent goes wrong, what does it touch?
Permissions scoped to the task, not the user, is the policy answer. Enforcing it at the infrastructure level is the CISO's job.
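The mapping question above, worked as an added example (not code from this post): it follows chained access from each agent's grants to compute what the agent can reach, reports what falls outside its task scope, and denies anything not in scope. The agent names, permissions and access edges are constructed for illustration.

```python
from collections import deque

# Constructed inventory: permissions attached to each agent credential.
GRANTS = {
    "support-agent": {"tickets-db:read", "tickets-db:write",
                      "crm-api:read", "ci-runner:execute"},
    "report-agent": {"warehouse:read"},
}
# Constructed access edges: holding the key permission leads to the values
# (e.g. a CI job can read the deploy key, which can write to production).
REACHES = {
    "ci-runner:execute": {"deploy-key:read"},
    "deploy-key:read": {"prod-cluster:write"},
}
# Task-scoped policy: what each agent's task actually needs.
TASK_SCOPE = {
    "support-agent": {"tickets-db:read", "tickets-db:write", "crm-api:read"},
    "report-agent": {"warehouse:read"},
}

def blast_radius(agent):
    """Everything the agent can touch, directly or through chained access."""
    seen = set(GRANTS.get(agent, ()))
    queue = deque(seen)
    while queue:
        perm = queue.popleft()
        for nxt in REACHES.get(perm, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def excess(agent):
    """Reachable permissions that fall outside the declared task scope."""
    return blast_radius(agent) - TASK_SCOPE.get(agent, set())

def authorize(agent, perm):
    """Deny by default: allow only what is both granted and in task scope."""
    return perm in GRANTS.get(agent, ()) and perm in TASK_SCOPE.get(agent, ())

if __name__ == "__main__":
    for name in sorted(GRANTS):
        print(name)
        print("  blast radius:", sorted(blast_radius(name)))
        print("  outside task scope:", sorted(excess(name)))
```

Here the support agent's single over-broad grant (the CI runner) is what extends its reach to production; removing that grant collapses the blast radius back to the task scope.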
Audit Trails That Actually Work
Transparent reasoning the operator can audit requires logs that are legible to humans after the fact. Not just API call logs. Reasoning traces. Decision chains.
SOC 2 and ISO 27001 reviewers are already asking for these. Nobody has a clean template yet.
Vendor Risk for Every MCP Server
When your product integrates 12 MCP servers, each one is a third-party risk vector. The CISO now has to run vendor assessments on tools that didn't exist 18 months ago, with no standardized security questionnaire.
I don't envy them. They get all the negativity from colleagues who want to deploy agents fast. But trust needs a CISO. Fair enough.
Data Governance for Agent Memory
Agents that remember context across sessions are storing data somewhere. Where? For how long? Under what retention policy? GDPR doesn't care that it's an agent. The CISO does. Or should.
Incident Response Redesign
Classic IR assumes a human did something. An agent executing 4,000 actions per minute before someone notices is a different category of incident. Playbooks need rewriting from scratch.
Board-Level Communication
The CISO in an agent-era transition has to translate agent risk into language a board understands. Without catastrophizing it into 'we can't ship' or minimizing it into 'we've got it handled.' That's harder than the technical work.
The bottom line
The CISO used to protect the perimeter. Now they have to govern autonomous decision-makers operating inside it.
The ones who figure out Human-In-The-Loop architecture as a security primitive, not a UX feature, are the ones who become strategic. The ones who don't become the blocker everyone works around. Ouch.



