HomeInsightsWebinarsFrom Prompts to Protocols: The Security Blueprint for Enterprise AI

From Prompts to Protocols: The Security Blueprint for Enterprise AI

Wednesday, May 13, 2026 | 1:00 P.M. ET

Artificial intelligence (AI) is reshaping the enterprise, and security teams are being asked to keep pace with models, agents, and tool‑integrated workflows that evolve faster than traditional controls can respond. As organizations adopt AI across critical systems, the need for clear, actionable, and standards-aligned guidance has never been greater.

"From Prompts to Protocols: The Security Blueprint for Enterprise AI" introduces a practical, evaluable framework for securing AI systems across the full stack. Developed by the Center for Internet Security® (CIS®) in partnership with Astrix Security and Cequence Security, this guidance extends CIS Critical Security Controls® (CIS Controls®) v8.1 into three focused companion guides covering Large Language Models (LLMs), AI Agents, and the Model Context Protocol (MCP). Together, they give enterprises a structured way to understand, assess, and secure AI as it becomes embedded in everyday operations.

By attending this webinar, you’ll learn:

  • How to secure each layer of the AI stack, including model behavior, agent reasoning and autonomy, and the protocol boundaries where tools, resources, and prompts are exposed
  • How to apply least privilege, guardrails, and configuration governance to reduce risks like data leakage, retrieval poisoning, tool misuse, and unsafe autonomy
  • How to evaluate and operationalize the three CIS AI Companion Guides, giving your team a clear roadmap for securing everything from simple chatbots to complex, tool‑driven autonomous workflows

Whether you’re deploying internal copilots, experimenting with local models, building agentic automation, or assessing third‑party MCP servers, this session will help you turn AI security from an open question into a repeatable practice.

 

Register

About Our Presenters

Jonathan Sander
Field CTO of Astrix Security

Sander_Jonathan_headshotJonathan Sander has been working in IT since 1996 and focusing on Identity and Security since 2004. Whether it’s clarifying compliance and regulations for engineers or technical architectures for executives, his focus has been simplifying the translating complex ideas with analogies. Sander joined Astrix as their first Field CTO in 2025. He also currently serves as an Executive Board Member at ALTR and an Executive Advisor at Myota. Recently, Sander served as the Lead Sales Engineer at Talon (now part of Palo Alto) and was the founding member of the Security Field CTO team at Snowflake.

Shreyans Mehta
Chief Technology Officer and Co-Founder at Cequence Security

Meta_Shreyans_headshotShreyans Mehta is an innovator in network security and holds several patents in the field. Before co-founding Cequence Security, he was Architect and Technical Director at Symantec, where he led the development of advanced network security platforms and intrusion prevention technologies based on real-time packet inspection and cloud-based big data analytics. It’s now responsible for detecting more than half of the billions of threats that Symantec identifies every year. Prior to Symantec, Shreyans held senior software engineering roles at VPN Dynamics, Microsoft, and Wipro Limited. Shreyans has a master’s in computer science from the University of Southern California.

Valecia Stocchetti
Senior Cybersecurity Engineer of the CIS Controls at CIS

Headshot of Valecia StocchettiValecia Stocchetti is a Senior Cybersecurity Engineer at the Center for Internet Security® (CIS®). As a member of the CIS Critical Security Controls® team, she has led multiple projects, including the CIS Community Defense Model (CDM) v2.0, the CIS Risk Assessment Method (CIS RAM) v2.1, as well as multiple Living off the Land (LotL) guides. Most recently, Stocchetti was one of the principal authors of the Blueprint for Ransomware Defense.

Prior to joining the CIS Controls team, she led the Computer Incident Response Team (CIRT) at the Multi-State Infrastructure Information Sharing and Analysis Center® (MS-ISAC®). While managing CIRT, Stocchetti spearheaded multiple forensic investigations and incident response engagements for the MS-ISAC’s U.S. State, Local, Tribal, and Territorial (SLTT) community.

Stocchetti came to CIS from the eCommerce field, where she worked complex financial fraud cases. She holds multiple certifications, including GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), and GIAC Security Essentials Certification (GSEC). Stocchetti earned her Bachelor of Science degree in Digital Forensics from the University at Albany, State University of New York. She is currently pursuing a master’s degree in Information Security at Champlain College.

Andrew Dannenberger
Product Support Specialist II at CIS

Andrew Dannenberger headshotAndrew Dannenberger is a Technical Product Support Specialist and AI Standards professional at the Center for Internet Security (CIS), where he focuses on AI standards and guidance for the CIS Benchmarks and CIS Controls. In this role, he tracks emerging AI technologies and threat trends, coordinates with internal subject matter experts to ensure consistency across CIS publications, and supports AI enablement efforts through training development and working sessions. Andrew has led cross-functional AI initiatives at CIS, developed AI-powered tools, and served as a consultant on AI topics to CIS leadership. Prior to CIS, he served as a Senior Training and Development Specialist with Raytheon in Afghanistan, where he developed and led English language training programs in support of NATO and U.S. Department of Defense missions. Andrew holds a Bachelor of Applied Science in Cybersecurity and Forensics from Highline College as well as a Bachelor of Arts in International Studies and Political Science from Virginia Military Institute.

Charity Otwell
Director of CIS Critical Security Controls at CIS

Charity Otwell headshotCharity has nearly 20 years of experience in the financial services industry and has built and led various programs such as Business Continuity, Disaster Recovery, Technology Governance, and Enterprise Architecture in a highly Regulated environment. Before coming to CIS, Charity was a GRC champion and practitioner with a focus on risk assessment, process optimization, process engineering, and best practice adoption for a top 50 bank within the United States. She also helped manage the relationship with federal regulators and the management of federal regulatory exams. She completed undergraduate and graduate studies in Birmingham, AL, and holds multiple industry certifications.

 

  
Register
Register