July 22nd, 2025
2 min read

Den Jones has extensive experience as a former Chief Security Officer at Banyan Security and SonicWall, as well as leadership roles at Adobe and Cisco. Today he is the Founder and CEO of 909Cyber, a cybersecurity firm delivering executive-level business consulting.
Jones believes Chief Information Security Officers can add significant value by both protecting the business and enabling its growth.
Bridges and Barriers
For the past five years, every vendor in the cybersecurity industry identified as a “zero trust” provider, Jones says. Now, in a rapid shift, they’ve all become “AI vendors.” This transformation may seem sudden, but Jones thinks seasoned Chief Security Officers (CSOs) and Chief Information Security Officers (CISOs) should see through the noise and recognize that the underlying objective remains the same: delivering trusted services and safeguarding companies in an evolving threat landscape.
AI offers significant advantages in cybersecurity, aiding defenders by identifying vulnerabilities, analyzing configurations, and closing entry points into sensitive environments. Yet, the same technology poses a threat in the wrong hands, empowering cybercriminals to improve the sophistication of attacks, such as deep fakes and phishing campaigns.

“AI will help the good guys keep the bad people out, find vulnerabilities, look at configurations, and close open doors into the environment,” says Jones. “And AI will help the bad guys who are also using AI. Deep fakes and phishing campaigns are getting better. So we need to educate ourselves about the power of this technology – and it’s moving fast.”
Technology should always advance, he adds, but it must do so with security as the cornerstone. “The CISO, with both the business and the security hat on, should enable the business to embrace this emerging technology. As technologists, we should do that anyway but do it in a secure way without saying that the sky is falling.”
“There is a lot of hype out there, like with any technology trend, in cybersecurity, much as we saw with zero trust. That said, AI should be able to help us accelerate, should help us prevent bad people from getting in, help us look at configurations, catch vulnerabilities, and close those doors. This technology is moving very fast and we need to educate ourselves about the power for both good and bad actors. AI is out there and powerful – employees will use it so blocking is not an option – and we need to understand it’s not a matter of whether there will be a breach, it’s a matter of when. So education is key. Integrating AI into cybersecurity training programs for employees is critical.”
Den Jones, Founder and CEO, 909Cyber
AI in Society
AI’s rapid evolution, particularly through GenAI and agentic workflows, is removing humans from critical processes, pushing organizations to rethink outdated policies that were designed for a different, more manual environment. The challenge now, Jones notes, is to design new guardrails that reflect each company’s business risks and its tolerance for the residual risks associated with integrating AI into operations.
“AI requires a fine balance between innovation and risk management,” Jones explains.
CISOs must focus on understanding the broader business strategy, listening carefully to what matters most to the organization. They need to think about how to protect the company while embracing the efficiencies and competitive advantages AI can provide. In this way, security can remain a critical enabler of business growth even as AI continues to evolve.