Episode 72

Published on: 28th May 2025

How Do You Safeguard AI When Development Outpaces Security? With Ante Gojsalić - SplxAI

Can we secure generative AI before it outpaces our ability to defend it?

Welcome back to Razorwire, where we have our finger on the pulse of cybersecurity’s most urgent dilemmas and future threats. I’m your host, Jim, and in this episode I sit down with Ante Gojsalić, CTO and co-founder of SplxAI, to unpick the tangled challenges of securing the next wave of generative AI before it becomes too integrated, too complex and too risky to control.

Generative AI is reshaping everything from business operations to personal lives, but the race to capitalise on its potential leaves us with difficult questions. Are we allowing technological progress to sprint ahead of security? Is anyone putting robust protections at the heart of these new AI systems? Ante shares stories from the frontlines - explaining why both East and West are taking wildly different approaches, why securing AI isn’t as simple as plugging in a new tool and how the real vulnerabilities lie hidden in the everyday systems we’re already beginning to trust.

Three key talking points to listen out for:

  1. Why securing AI is fundamentally different - and harder - than traditional IT - Ante shares real scenarios where the unpredictable, fast-evolving nature of large language models means old school security techniques simply can’t keep pace. Find out why continuous testing, automation and security-by-design are more critical than ever.
  2. Hidden risks as AI agents take on human-like roles in business - We explore where the most pressing security gaps lie as AI agents begin to make decisions, handle confidential data and even manipulate users. Learn how attackers are already exploiting these systems - and what steps organisations can take to avoid catastrophic mistakes.
  3. The battle between business priorities and security fundamentals - Hear our thoughts on why commercial pressure and the quest for innovation often override basic security and discover hands-on, pragmatic advice for leaders aiming to bake security into AI projects from day one - before it’s too late.

Whether you’re a CISO, an AI developer or a cyber strategist, this episode of Razorwire will arm you with practical insights and hard-won lessons on defending against the unknowns of AI.



Why Continuous Security Testing Is Essential: 

"So imagine you do the security evaluation [of AI] on day one, then they change it a hundred times and you don't do another pen test. It's not relevant anymore. So, yeah, the continuous thing is important. Automation is important. And with AI, which is non-deterministic and which is still very changeable day by day, it's different than web security or API security… It's just unstable."

- Ante Gojsalić, on why traditional security approaches fail with AI systems



Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen


In this episode, we covered the following topics:

  • Rise of Generative AI - Understand what generative AI actually is and how to assess its rapidly expanding applications within your organisation's threat landscape. 
  • Global AI Arms Race - Learn how different regional approaches to AI development affect your security strategy and vendor selection decisions. 
  • Security vs Speed in AI Development - Discover practical ways to balance innovation pressure with security requirements without stifling business growth. 
  • Emerging Threats to AI Systems - Identify specific vulnerabilities you need to watch for, including agentic decision-making risks, data leaks and adversarial attacks targeting your AI implementations. 
  • Challenges of Securing AI from the Start - Get actionable guidance on integrating security into AI system design rather than retrofitting protection after deployment. 
  • Continuous Security Testing for AI - Learn why traditional annual pen testing fails for AI systems and how to implement ongoing security assessment that keeps pace with model updates. 
  • AI-Powered Social Engineering - Recognise the sophisticated phishing and manipulation tactics enabled by generative AI and how to prepare your users for these evolved threats. 
  • Changing User Behaviours and Trust - Understand how widespread AI adoption, particularly among younger users, changes your security awareness and training requirements. 
  • Regulation and Governance Gaps - Assess whether current compliance frameworks adequately address AI risks and how to fill gaps in your governance approach. 
  • Future-Proofing AI Security - Prepare for emerging security challenges as AI systems increasingly blur human-machine decision boundaries and adapt your security strategy accordingly.


Connect with your host James Rees


Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.


Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us, or if you have any questions you would like us to discuss, email podcast@razorthorn.com.

If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.


LinkedIn: Razorthorn Security

YouTube: Razorthorn Security

Twitter: @RazorThornLTD

Website: www.razorthorn.com


All rights reserved. © Razorthorn Security LTD 2025

About the Podcast

Razorwire Cyber Security
Real conversations helping cybersecurity professionals sharpen their insights, strategy & leadership skills.
🔒 Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge.

Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends.

Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals committed to continuous improvement.

Each episode brings you actionable advice and real experiences from your host, James Rees — an information security specialist with over 25 years of experience — and from a range of respected guests across the cybersecurity industry. Together, we explore everything from technical strategies and compliance challenges to security culture, communication skills, and leadership development.

James Rees is the founder of Razorthorn Security, providing expert consultancy and testing services to a wide range of organisations, including many Fortune 500 companies. His practical, no-nonsense approach helps organisations manage cyber risks effectively while strengthening resilience.

The Razorwire podcast is designed for cybersecurity professionals who want to stay ahead, sharpen their skills, and confidently respond to the challenges of today's evolving threat landscape. We believe collaboration is key to stronger security — and Razorwire gives you the conversations that help you achieve it.

For more information about us, or if you have questions you'd like discussed on the show, email podcast@razorthorn.com or visit www.razorthorn.com.