Episode Details

In this episode of the Mark Vos, Founder and CEO of Cyber Impact, about the evolving landscape of artificial intelligence, cybersecurity and AI governance. Mark brings decades of experience across technology, consulting and enterprise risk leadership, including senior roles in Big Four consulting and as Chief Risk Officer and Chief Information Security Officer at Iress, a platform that supports the majority of Australian stock market trades. Drawing on this background, Mark shares insights into how organisations can safely adopt AI while managing emerging risks across security, governance and business transformation.

Mark reflects on his journey as a lifelong technologist who entered the workforce during the early days of the internet boom in the mid-1990s. His career progressed from cybersecurity consulting into executive leadership roles that expanded his focus from technical security to enterprise-wide risk management covering operational, financial and reputational threats. This broader perspective eventually led him to found Cyber Impact, where he delivers fractional CISO services and strategic security guidance to organisations that require high-level expertise without a full-time executive commitment.

The conversation then turns to the rapid rise of artificial intelligence and AI-driven business transformation. Mark describes AI as the next major technological shift following the industrial revolution, electricity and the internet. He believes the pace of change will surpass previous technology waves and deliver profound impact across industries within the next decade. At the same time, he stresses that organisations must combine innovation with responsible governance, particularly as businesses face pressure from shareholders to deploy AI quickly to improve efficiency and competitiveness.

Anthony and Mark explore the technical realities behind AI systems, including how large language models operate as complex neural networks with billions of parameters. These systems are inherently non-deterministic, which introduces challenges for security and oversight. Mark explains that prompt manipulation and language-based interactions can create new cyber attack surfaces similar to social engineering. The discussion also highlights risks associated with AI agents that can execute tasks autonomously, access systems or interact with financial services without sufficient safeguards in place.

Another major theme is the growing sophistication of AI-generated content such as deepfakes, synthetic media and automated decision systems. Mark notes that AI-generated images and videos have reached a level where even experts can struggle to detect them. Anthony adds that algorithm-driven social media platforms can reinforce misinformation by repeatedly exposing users to similar content. Both emphasise the importance of verifying information through trusted sources and maintaining human oversight when deploying AI in critical environments.

The episode also examines the architecture behind modern AI systems, including context windows and memory management. Anthony explains how AI models rely on contextual information to understand conversations, which can degrade when the context grows too large. Mark describes techniques such as using sub-agents to handle specific tasks, allowing the main system to maintain stability and efficiency. Strong governance practices such as external guardrails, least privilege access and independent oversight remain essential to ensure AI systems operate within defined boundaries.

Finally, Mark highlights the urgent need for AI governance frameworks at both organisational and societal levels. He believes the world currently has a narrow window to shape responsible AI policies before systems become too deeply embedded across industries. While rapid A