Welcome to "AI or Not," the podcast where we explore the intersection of digital transformation and real-world wisdom, hosted by the accomplished Pamela Isom. With over 25 years of experience guiding leaders in corporate, public, and private sectors, Pamela, the CEO and Founder of IsAdvice & Consulting LLC, is a veteran in successfully navigating the complex realms of artificial intelligence, innovation, cyber issues, governance, data management, and ethical decision-making.

The intersection of artificial intelligence and cybersecurity represents one of today's most critical technological frontiers. In this compelling conversation, Pamela Isom speaks with Steve Wilson, Chief Product Officer at Exabeam and founder of the OWASP Large Language Model security research group, about the urgent security challenges facing organizations adopting AI technologies.
Wilson brings decades of experience to the discussion, having founded an AI company in 1992 before working on the Java programming language and eventually returning to AI following the ChatGPT revolution. His work establishing the OWASP LLM security project has helped countless organizations understand and mitigate the unique risks these powerful new tools present.
The conversation offers practical guidance on combating prompt injection attacks—identified as the number one security threat to LLMs—through implementing a zero-trust architecture specifically designed for AI applications. Wilson explains that LLMs must be treated as "something between a confused deputy and an enemy sleeper agent," requiring rigorous security controls and thoughtful implementation.
Particularly illuminating is Wilson's explanation of hallucinations, comparing LLMs taking "closed book tests" after being asked to memorize the entire internet. His recommended solution, Retrieval Augmented Generation (RAG), transforms these into "open book tests" by providing models with relevant, trusted information before they generate responses—dramatically improving output accuracy.
Despite the legitimate concerns, Wilson remains optimistic about LLMs' transformative potential when deployed thoughtfully. At Exabeam, their AI copilot helps cybersecurity analysts work 2-3 times faster by translating complex technical information into clear, actionable English—demonstrating how organizations can leverage AI's strengths while mitigating risks.
Don't miss this essential conversation for anyone building or implementing AI systems in their organization. The technological transformation happening with generative AI may be the most significant since the World Wide Web—and as Wilson warns, waiting on the sidelines isn't an option for companies that want to remain competitive.