Presented by Commvault & Carahsoft

Richard Breakiron, Director of Strategic Initiatives at Commvault, discussed how organizations can successfully integrate AI while managing cybersecurity risks and operational change.

Breakiron emphasized that AI should be viewed as a tool rather than a completely separate category of technology. Organizations should apply many of the same governance, risk management, and operational frameworks used for other emerging technologies.

However, AI differs because of its scale, speed, and broad operational reach. Unlike traditional tools, AI systems can impact entire enterprises simultaneously. This creates greater organizational risk if governance and oversight are not properly implemented.

Breakiron encouraged agencies to adopt a phased “crawl, walk, run” approach to AI implementation. Organizations should begin with controlled deployments, monitor outcomes carefully, adjust based on lessons learned, and gradually expand capabilities over time. He warned against deploying AI broadly without fully understanding operational impacts and associated risks.

The discussion also explored how existing cybersecurity frameworks such as NIST, FedRAMP, and CMMC remain highly relevant in the AI era. Strong identity management, access controls, governance processes, and auditing remain foundational requirements even as organizations adopt advanced AI technologies.

Breakiron also addressed the challenge of hallucinations and autonomous AI behavior, emphasizing the need for clear boundaries, auditability, and human oversight when deploying agentic AI systems capable of making operational decisions.

Key Takeaways

• Organizations should approach AI adoption incrementally using phased deployment strategies.
• Existing cybersecurity frameworks remain highly valuable in managing AI risks.
• AI systems require strong governance, auditing, and oversight to prevent unintended outcomes.