CIO Influence Interview with Kyle Wickert, Field CTO at AlgoSec

Kyle Wickert, Field CTO at AlgoSec chats about the evolving leadership priorities and modern risks in cybersecurity in this interview by CIO Influence:

_______

Hi Kyle, take us through a day at work at AlgoSec.

No two days look the same, and the challenges have evolved significantly since I joined AlgoSec, which is honestly what I love about the role. As Field CTO, I sit at the intersection of customer reality and product direction, working on practical, real-world solutions for customers looking to maximize our technology. Mornings might start with a call helping a strategic account work through a complex automation challenge, and afternoons could be spent in internal sessions with product and engineering teams, translating those field learnings into roadmap priorities.

What are some of the main thoughts/challenges influencing modern CTOs and CIOs today?

The biggest theme I keep seeing is the pressure of convergence. Cloud and traditional security teams that once operated in separate lanes are increasingly unifying into one team, but the tools, workflows, and policies haven’t kept pace. Nearly every organization I speak with is at some stage of this journey.

How will future IT teams shape up in terms of hierarchy and structure in an AI-driven environment?

AI absorbs the routine. Day-to-day operational work that currently consumes IT teams, such as change requests, compliance checks, policy reviews, and connectivity troubleshooting, gets handled autonomously. AI processes it, validates it, and executes it without a human in the loop for every step. That unlock is something really important: humans stop being ticket processors and start being decision-makers.

The role of the IT professional becomes intervening at the moments that actually matter, specifically high-risk changes where the operational or business impact warrants human judgment. That could mean a change affecting a revenue-critical application, one that crosses a compliance boundary, or one where the blast radius of getting it wrong is significant. Those are the moments where human expertise has a meaningful impact, and that is exactly where it should be focused.

Also Read: CIO Influence Interview With Jake Mosey, Chief Product Officer at Recast

Can you comment more on how AI-driven application-centric visibility can help in securing entire hybrid networks and ease workloads for CISOs and IT teams?

The approach to network security has always been infrastructure-first. You started with the firewall, the device, the rule. The problem is that in a hybrid environment spanning on-premises data centers, multiple cloud providers, and everything in between, that approach breaks down quickly. There are simply too many devices, too many policies, and too many interdependencies to manage manually at that level.

Flip the script. Instead of asking, “What does this firewall rule do?”, the better question is, “What does this application need to communicate? What are we enabling with this rule, and is that connectivity secure and compliant?” When AI enables that visibility continuously and accurately, mapping application flows, detecting anomalies, flagging policy violations, and recommending changes, organizations move from reactive firefighting to true control over connectivity permitted across every enforcement point in the network.

What should IT teams do to deal with issues around shadow cloud?

Shadow clouds are a symptom, not the root problem. When teams spin up unauthorized cloud resources, it’s usually because the approved path is too slow and cumbersome. The solution to this cannot be simpler. It’s removing the friction that makes the shadow cloud appealing in the first place.

For example, when you front-end the process with a more user-friendly business owner view, asking the submitter what application needs what connectivity, rather than asking them to reverse-engineer technical network requirements, you dramatically reduce the friction at the point of entry. And what happens naturally is this: submitters who provide high-quality, well-contextualized requests get faster outcomes. Security and networking teams have what they need to assess and act on the change without the friction.

Five thoughts you’d leave every CIO/CTO/CISO with before we wrap up?

This will not come as a surprise to any security professional, but visibility is not optional. You cannot secure, govern, or optimize what you cannot see. If you don’t have continuous, accurate visibility across your hybrid environment, everything else is guesswork.

Stop managing infrastructure and start managing applications. Your business runs on applications. Security and connectivity strategy should be built around them, not around individual devices and rules. As security stacks evolve and shift, it’s critical not to be bound to policies as the authoritative source of connectivity requirements.

Automation is a force multiplier, not a job eliminator. The organizations making meaningful progress today are using automation to make their people more effective at each step along the way, gradually reducing operator involvement while meeting achievable goals.

Cloud, SDN, and network security are not separate disciplines. If your organization still has rigid silos between any teams managing enforcement technologies, the gap between them is a risk.

Don’t let perfection be the enemy of progress. A security posture or automation strategy that is 80% there and continuously improving will outperform a strategy that’s waiting to be perfect before it’s implemented.

Catch more CIO Insights: Why CIOs are becoming chief risk orchestrators?

[To share your insights with us, please write to psen@itechseries.com ]