Most security playbooks weren’t built for an era where AI moves faster than policy. Rob T. Lee says the default answer of “no” is creating a far bigger problem: shadow AI — widespread, unsanctioned usage that quietly exposes organizations to risk.

Rob T. Lee — Chief of Research & Chief AI Officer at the SANS Institute — joins Wade to unpack pragmatic ways leaders can move forward without breaking things. From the “tinker/hacker” mindset that helps teams learn, to treating security like a lifeguard (not a chokehold), Rob lays out the short, repeatable moves that actually get enterprises experimenting safely: enable small experiments, create accountability partners (not mythical “AI champions”), red-team your integrations, and make governance part of the daily routine.

In this episode you’ll hear:

• Why a blanket “no” to AI creates shadow AI and greater risk.
• How to flip policy toward a cautious “yes” and act like a lifeguard, not a jailer.
• Practical training tactics: 30 minutes a day, micro-projects, and hackathons.
• What good AI governance looks like — rules of acceptable use, vendor checks, red teams, and regulatory thinking.
• Why executives and boards need to be hands-on learners, not just hire an “expert.”
• The origins and purpose of the SANS Secure AI Blueprint and how to use it to align strategy, governance, and operations.

Guest: Rob T. Lee — Chief of Research & Chief AI Officer, SANS Institute