ClearTech Loop: In the Know, On the Move

Ryan Lutz: From Tool-Driven Cyber to Adaptive AI Defense

February 5, 2026

Episode Summary: From Reactive to Predictive in AI Security

Cybersecurity has become a tool driven industry. Organizations buy platforms, stack controls, generate alerts, and ask humans to stitch it all together under pressure.

In this episode of ClearTech Loop, Jo Peterson sits down with Ryan Lutz to explore what changes when AI becomes part of the security workflow. Not as another console, but as an adaptive capability that helps teams interpret signals faster, prioritize more intelligently, and respond with more consistency when the volume is too high for humans to manage alone.

The conversation focuses on three real-world themes: why the SOC is the best initial use case for AI augmentation, how leaders should think about the inherent exposure that comes with more AI and more code, and why Ryan’s research on AI malware matters for building adaptive defensive responses.

“Cyber is a very tool driven industry… with the implementation of AI being generative, I think that we’re going to see AI being used more in a way that’s adaptive.”

— Ryan Lutz

Three Big Questions for Security Leaders

1. What does “adaptive” look like where it matters most: the SOC?

AI is valuable not because it is new, but because security work is overwhelmed by inputs. In a SOC, teams face huge volumes of information and an endless menu of possible attack paths. Ryan explains why AI can help by ranking what matters, accelerating analysis, and generating a response path quickly and efficiently.

2. How do you adopt more AI without increasing exposure?

More AI and more code creates more exposure. That is inherent. The leadership job becomes balance: govern the use, guide the adoption, and avoid becoming the “Department of No” while still protecting the business.

3. Why does AI malware research matter for defense?

Ryan describes exploring AI malware in a controlled academic environment so defenders can understand what is coming and design adaptive defensive responses such as IDS and IPS.

“In a setting like a SOC analyst… you have a ton of information coming in… millions of possible attack vectors… it’s very applicable to use AI… to generate a response very quickly and more efficiently.”

— Ryan Lutz

What You’ll Learn

Why cybersecurity has become tool-driven and why AI shifts the posture toward adaptive decision-making

Why the SOC is a natural first use case for AI augmentation

How AI can help prioritize signals, accelerate analysis, and suggest response paths

How leaders should approach governance so adoption continues without accidental exposure

Why researching AI malware in a controlled setting improves defensive readiness

“How should the CISO be thinking about AI adoption… from an organizational governance perspective, because you don’t want to be the Department of no.”

— Jo Peterson

About the Guest | Ryan Lutz

Ryan Lutz is a Software Engineer at Modus21 and a Researcher at The Citadel, where he works at the intersection of machine learning and cybersecurity with an emphasis on secure systems and emerging risk environments. He previously served as a Data Engineer at AgFirst Farm Credit Bank, where he built a locally hosted AI solution for 750 plus employees and authored an AI governance framework with controls to regulate AI efforts.