ClearTech Loop: In the Know, On the Move

Stefano Righi: Governance Is a Catalyst in AI Security

February 10, 2026

Governance is a Catalyst in AI Security Stefano Righi

Episode Summary

In this ClearTech Loop hot take episode, Jo Peterson sits down with Stefano Righi, Chief Security Architect at American Megatrends, for three direct questions on AI security. Stefano explains how GenAI can push teams past reactive, tool centric security into anticipatory defenses through predictive threat modeling, dynamic risk assessment, and orchestration that connects detection, prioritization, and remediation. He breaks down secure by design for AI systems, including privacy, adversarial resiliency, prompt injection, and data poisoning. The episode closes on firmware security below the operating system and why governance aligned to standards and regulation enables innovation with trust.

“Governance may act as a catalyst, not as a brake to innovation, enabling innovation while ensuring trust.”

— Stefano Righi, Chief Security Officer, American Megatrends

Three Big Questions for Security Leaders

1. How does GenAI move teams from reactive security into anticipatory defense

Stefano frames GenAI as a strategic enabler that supports predictive threat modeling and dynamic risk assessment, then links detection, remediation, and prioritization through intelligent orchestration. The goal is not faster alerts. The goal is a new posture.

2. What does secure by design mean for AI systems?

Secure by design starts at the beginning of the AI lifecycle. Stefano calls for privacy and adversarial resiliency built in early enough that risks like prompt injection and data poisoning become design constraints, not emergency patches. He also emphasizes human oversight since GenAI can hallucinate and automation without validation creates compliance and misuse risk.

3. Why does AI governance need to be cross functional?

Righi positions governance as an enabler, not a brake. He points to alignment with standards and regulation pressure, including bodies like ISO and NIST and regulations like the EU AI Act and EU Cyber Resilience Act. He argues governance cannot sit in one silo and calls for cross functional committees so policies are applied company wide.

“From the very start, we need to pursue secure by design for AI model… mitigate risk like prompt injection and data poisoning without slowing innovation.”

— Stefano Righi

What You’ll Learn

How GenAI supports predictive threat modeling and dynamic risk assessment

Why orchestration matters for connecting detection, prioritization, and remediation

What secure by design means for AI systems, including prompt injection and data poisoning

Why human oversight remains required as GenAI accelerates workflows

Why firmware security below the operating system is a growing blind spot

How governance aligned to standards and regulation becomes an accelerator for trusted adoption

“Firmware runs under the operating system… attacks at such layer could go undetected by any antivirus solution running in the operating system.”

— Stefano Righi

Why this Episode is Different

As a security architect, Stefano brings a firmware lens. He describes the platform layer as a complex environment with multiple layers from microcode to BIOS to BMC to Root of Trust. He notes that firmware runs under the operating system and attacks at that layer can evade OS based antivirus visibility. He also flags a global talent shortage in firmware security, which increases organizational exposure.

About the Guest | Stefano Righi

Stefano Righi is Chief Security Architect at American Megatrends and a long time leader in firmware security, secure development lifecycle practices, and product security incident response. His perspective is rooted in building systems that have to hold up in production, not in theory.