Ship AI without shipping risk.
C1

Audit-Proofing Your AI Implementation

The directive has come from the top: adopt AI. But for security teams, that raises a harder question: how do you govern it? AI agents are moving faster than humans, they connect to more systems, and they need access that doesn't fit neatly into the identity models you already have. As agents start talking to other agents, the true scope of access multiplies in ways that are hard to see and harder to control.

In this candid conversation, BARR Advisory CEO Brad Thies and C1 CISO Will Bengtson discuss what's the right framework for governing AI agent access — reviewing it, tying it to owners, and putting guardrails in place without blocking the adoption the business is counting on.

What's covered:

  • How to design AI systems with governance built in — not bolted on
  • Where to apply controls to autonomous agents without slowing adoption
  • What auditors are actually looking for when evaluating AI-driven environments
  • How to enforce least privilege when agents need to cross multiple systems to do their job

 

 

About the speakers:

Brad Thies, CEO at BARR Advisory

Brad Thies is the founder and CEO of BARR Advisory, where he leads the organization's global security assessment services including SOC, ISO, PCI, NIST, HITRUST, and HIPAA examinations. Under Brad's leadership, BARR has become one of the most sought-after third-party assessors in the cybersecurity and compliance space, serving companies in the most regulated industries. Brad specializes in helping cloud service providers assess, design, and implement processes and controls to meet customer, regulatory, and compliance requirements.

Will Bengtson, CISO at C1

Will Bengtson is the Chief Information Security Officer at C1, leading the company's security strategy as identity becomes the control plane for the agentic enterprise. He brings over two decades of experience securing cloud platforms, identity systems, and developer infrastructure at global scale. Prior to C1, Will was VP of Platform and Security Engineering at HashiCorp and held senior security and engineering roles at Netflix, Capital One, and Nuna.