{"version":1,"type":"rich","provider_name":"Libsyn","provider_url":"https:\/\/www.libsyn.com","height":90,"width":600,"title":"Special Episode - From the Server Room to the Boardroom: AI, Identity and the Cyber Risks Directors Can\u2019t Ignore","description":"Presented by Okta   Cyber security has become a core governance issue, not just an IT problem. In this episode, Mathew Graham, Chief Security Officer for Asia\u2013Pac at Okta, explains why identity is now the front line of security \u2014 and what that means for directors. He outlines how cyber risk has shifted from firewalls to cloud systems, remote work and interconnected supply chains, where most breaches now begin with compromised credentials.   Mathew clarifies the board\u2019s role in setting risk appetite, shaping a culture of security, and holding management accountable through clear, risk\u2011focused reporting. He challenges common misconceptions (\u201ccompliant = secure\u201d) and highlights the danger of relying on a single tech provider.   He also explores AI\u2019s dual edge \u2014 accelerating attacks and strengthening defence \u2014 and why non\u2011human identities like bots and AI agents must be secured. Finally, Mathew shares practical steps: stronger MFA, regular simulations and one big question every board should ask \u2014 who has access to our most critical data?   Key Takeaways:   \u00b7       From tech issue to business risk \u2014 why cyber has moved from the server room to the boardroom, with identity now the critical perimeter. \u00b7       Board vs management roles \u2014 the board sets the \u201cwhat\u201d and \u201cwhy\u201d (risk appetite, culture of security); management owns the \u201chow\u201d. \u00b7       Good cyber reporting \u2014 concise, risk-focused dashboards over jargon-heavy reports; red flags when leaders can\u2019t answer \u201cwho has access to what?\u201d. \u00b7       SMEs and NFPs \u2014 how resource-constrained organisations can use ACSC guidance, baseline controls and targeted investment to lift their posture. \u00b7       AI as accelerator \u2014 attackers using AI for better phishing, faster vulnerability discovery and malware, while defenders use AI for anomaly detection. \u00b7       Non-human identities & supply chain risk \u2014 bots and AI agents as new identities to secure, and why many major breaches now start with a third party. ","author_name":"Boardroom Confidential","author_url":"https:\/\/www.aicd.com.au\/news-media\/podcast\/boardroom-conversations","html":"