This is the Trace Id: 097992be51d90b097838020bc7ea1c6a
Skip to main content Security Insider Cyber Pulse Microsoft Digital Defense Report Threat landscape Emerging trends Risk management Leadership perspectives Operations Sign up for CISO Digest Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Software companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap

Your AI Security Strategy Is Already Broken If Identity and Data Governance Are Weak

Watch the video Share
Security Insider Conversations banner with abstract colorful waves and two speaker portraits on a dark background.

Episode highlights

Organizations rushing into AI adoption often focus on copilots, agents, and productivity gains before fixing the fundamentals underneath them. But weak identity controls and poor data governance do not disappear in the AI era. They scale.

In this conversation Microsoft Security's Maryann Okonkwo sits down with Eugenio Cesar Semprebone, Cyber Security Manager at Caixa Econômica Federal, to unpack the realities of enterprise AI adoption, why data governance became the starting point for deployment, and how organizations are approaching the shift from basic AI assistants to autonomous agents.

The core message is clear: AI security is not separate from security fundamentals. It amplifies them.

  • The discussion opens with a grounded reality check: many organizations are still early in their AI journey. Some are experimenting with copilots and chat interfaces, while others are beginning to explore autonomous agents.

    The organizations moving carefully are often doing so intentionally because foundational security gaps become significantly more dangerous once AI enters the environment.

    Scroll to timestamp ~00:01:00 for more on this topic.
  • One of the strongest distinctions in the conversation is between AI assistants and autonomous agents.

    Copilot-style tools primarily create data governance concerns. Autonomous agents introduce identity, authorization, and access management challenges because they interact with systems, APIs, and other agents independently.

    Scroll to timestamp ~00:03:00 for more on this topic.
  • One of the most practical concerns discussed is oversharing. AI systems inherit the permissions and visibility already present inside collaboration platforms.

    Poor sharing hygiene can unintentionally expose sensitive information broadly across an organization and to every connected AI assistant. Simple configuration changes around file sharing and expiration policies have become important risk reduction measures.

    Scroll to timestamp ~00:11:00 for more on this topic.
  • The closing message reinforces a recurring theme throughout the discussion: AI does not replace security fundamentals. It magnifies them.

    Weak identity controls, inconsistent governance, excessive permissions, and poor data hygiene become significantly more dangerous once AI systems are layered into enterprise workflows.

    Scroll to timestamp ~00:19:00 for more on this topic.
Watch the video

Featured speakers

Caixa Econômica Federal

Eugênio Cesar Semprebone

Cyber Security Manager Headshot of person in a grey blazer and black shirt on a plain background Eugênio Cesar Semprebone Microsoft

Maryann Okonkwo

Product Marketing Manager Headshot of person smiling, wearing earrings on a plain background Maryann Okonkwo

More like this

A cartoon map of a treasure island with various markings and symbols.

Hot Cybercrime Summer: Understanding the Modern Cybercrime Operating Model

Hear from Microsoft leaders on the real structure behind modern attacks, the role AI is playing, and the practical takeaways for security leaders.
Learn more
A group of workers wearing hard hats looking at a tablet.

The threat to critical infrastructure has changed. Has your readiness?

Five facts critical infrastructure (CI) leaders need to act on in 2026, grounded in what Microsoft Threat Intelligence is observing across sectors right now.
Read more
A white line drawing of a paper inside an envelope with the word New displayed.

Get the CISO Digest

Stay ahead with expert insights, industry trends, and security research in this bimonthly email series.
Sign up

Follow Microsoft Security

Surface Pro Surface Laptop Surface Laptop Ultra Surface RTX Spark Dev Box Copilot for organizations Copilot for personal use Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Software companies Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States) Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads