ClearTech Loop: In the Know, On the Move

Mustapha Kebbeh: The CISO’s Role in AI Is to Lead the Risk Conversation

January 13, 2026

The CISO’s Role in AI Risk Leadership | Mustapha Kebbeh image

Episode Summary: The CISO’s Role in AI Is to Lead the Risk Conversation

AI adoption is accelerating across the enterprise, often faster than governance and risk models were designed to support. Boards want innovation. Business leaders want speed. Security teams are expected to manage risk in environments where the technology itself is still evolving.

In this ClearTech Loop episode, Jo Peterson sits down with Mustapha Kebbeh, Chief Security Officer at UKG, to discuss why the CISO’s role in AI is not to block innovation or own governance outright, but to lead the enterprise risk conversation that enables informed decision making.

🎧 Listen to the full episode https://www.buzzsprout.com/2248577/episodes/18497498

📬 Stay in the Loop subscribe for new episodes https://www.linkedin.com/newsletters/7346174860760416256/

Market Perspective

“Every cyber program is going to have risk.”

— Mustapha Kebbeh

This edition is framed through risk leadership, an operating mindset where CISOs help the business understand what is being protected, why it matters, and what level of risk is being intentionally accepted as AI adoption accelerates.

Rather than treating AI governance as a policy exercise, this lens positions security leaders as partners in innovation, embedded early to ensure resilience and continuity.

Three Market Signals

Risk leadership replaces control ownership

“But the most important piece in my mind is what is it that you are protecting.”
— Mustapha Kebbeh

AI does not introduce entirely new categories of risk. It accelerates existing ones. Data exposure, privacy, operational dependency, and business disruption all scale faster as AI is introduced. The CISO’s role is to help leaders understand those risks in business terms, not to attempt to eliminate uncertainty.

Governance fails without early participation

“The reason that’s really important is everything that touches data creates a risk management program.”
— Mustapha Kebbeh

When security teams stay on the sidelines of AI experimentation, governance becomes reactive. Effective AI governance requires early involvement, clear guardrails, and shared ownership across security, legal, product, engineering, and executive leadership.

Informed decisions matter more than perfect controls

“Am I investing in the right risk.”
— Mustapha Kebbeh

Governance works when it enables informed decision making. When policies are written after deployment, organizations are left documenting failure instead of guiding outcomes. Clear risk conversations early allow innovation to move forward within understood boundaries.

What You Will Learn

Why AI governance is fundamentally a risk leadership issue

How the CISO role is evolving as AI accelerates enterprise risk

Why early security involvement supports innovation rather than slowing it

How shared ownership improves governance outcomes

Why understanding risk matters more than attempting to eliminate it

My Take: AI Governance Through the Lens of Risk Leadership

This conversation highlights a quiet but important shift in the CISO role.

AI governance is not about controlling technology. It is about helping the business make informed choices it can support, defend, and recover from. Risk leadership shows up early, before decisions are locked in and before exposure becomes unavoidable.

As AI adoption accelerates, the organizations that succeed will be the ones where CISOs are embedded in innovation conversations, not brought in after the fact to manage the consequences.

About the Guest: Mustapha Kebbeh

Mustapha Kebbeh is Chief Security Officer at UKG, where he leads global cybersecurity strategy, enterprise risk management, and architecture supporting more than 75,000 employees worldwide.

He has held senior security leadership roles at Brink’s, IBM, Vodafone, and CompuCom, and is known for building large scale security programs that balance governance, resilience, and business growth. He also serves as a CISO Executive Governing Body Member and Co Chair with Evanta, a Gartner company.

Additional Resources

Webinar Replay: Building Trust Through Enhanced Security Measures: https://www.ukg.com/learn/resources/webinar-replay/building-trust-through-enhanced-security-measures

Gartner: CISO FAQs on AI Governance and Cybersecurity Strategy https://www.gartner.com/en/cybersecurity/cybersecurity-faqs
ClearTech Loop with Dan DeBacker, Chief Product Officer, Extreme Networks: https://www.buzzsprout.com/2248577/episodes/18455780