Episode 185: AI Prompt Injection from a Risk Perspective

In episode 185 of Cybersecurity Where You Are, Sean Atkinson sits down with Brian Calkin, Chief Technology and Innovation Officer at the Center for Internet Security® (CIS®); Theodore "TJ" Sayers, Senior Director of Threat Intelligence at CIS; and Kyle Leonard, Cyber Threat Intelligence Analyst at CIS. Together, they use a risk perspective to discuss artificial intelligence (AI) prompt injection and how to defend against it.

Here are some highlights from our episode:

  • 00:49. A definition of AI prompt injection for businesses and executives
  • 02:16. Brian on his role of guiding AI implementation at CIS
  • 03:12. Understanding the urgency surrounding AI prompt injection as a security risk
  • 05:32. Signals and trends indicative of threat actors attempting to weaponize prompt injection
  • 07:10. How AI prompt injection differs from traditional input validation vulnerabilities
  • 11:13. Early indicators that cyber threat intelligence (CTI) teams can monitor
  • 15:00. The need to treat AI as a new identity in any enterprise implementation strategy
  • 17:10. Understanding the difference: AI safety vs. AI security
  • 20:36. Foundational, practical AI security that extends across all sectors
  • 24:55. How CIS manages risk and supports the opportunity around the use of AI
  • 28:25. The long-term promise of AI-driven vulnerability discovery grounded in fundamentals
  • 34:48. Recommendations for piercing through the marketing hype surrounding AI

Resources

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.