What Business Leaders Really Talk About When They Talk About Security

The conversation around cybersecurity has changed – and this October, it took center stage.

Across industries – from finance to AI, from software engineering to compliance – a single truth emerged: innovation without security is fragile. Whether through careless code, unguarded AI, or unaligned regulation, the risks are evolving faster than ever. Yet, so are the opportunities for proactive protection.

Through our participation in four major events (Kosher (Hive), ISACA Day, Capital AI in Practice, and DigiPay), AMATAS explored how leaders can close the gap between innovation and protection – and why digital trust is becoming the ultimate measure of progress.

When AI Becomes the Hacker’s Playground

At the Kosher (Hive) event, AMATAS CEO Marko Simeonov joined an open discussion on “Are AI Tools Opening New Doors for Hackers?” –  a question that sits at the heart of modern cybersecurity.

As Marko put it,

“AI is a powerful tool – one that can elevate our work and efficiency, but also be weaponized for malicious purposes. Every organization must approach it with both ambition and caution.”

His words captured the dual nature of artificial intelligence: its power to elevate productivity and insight, and its potential to amplify risk when left unchecked. AI is no longer a distant innovation – it’s embedded in everyday operations, shaping decisions, automating workflows, and influencing trust. But with every new integration, the attack surface widens.

Marko emphasized that the challenge isn’t AI itself – it’s the lack of control and oversight around its use.

Without clear oversight, accountability, and security frameworks, AI can just as easily generate vulnerabilities as it does value. For business leaders, that means adopting AI responsibly isn’t about slowing innovation – it’s about ensuring it’s built on a foundation of control, transparency, and trust.

The Hidden Cost of “Vibe Coding”

At ISACA Day 2025, our Chief Strategy Officer Boris Goncharov took the stage with a session that struck a nerve across the participants: “What happens when ‘Vibe Coding’ takes the lead and security is left behind?”

In his demo, Boris showed how developers – and increasingly, non-technical professionals – rely on AI to generate or automate code snippets without understanding the security implications. These tools are designed to fulfill requests, not to challenge unsafe ones. As he explained,

“The model’s purpose is to produce an output, not to press the brake and warn you there’s a problem. That’s where the danger begins.”

The result? A cascade of failures that can lead to three major attack scenarios: data manipulation, data exfiltration, and mass exploitation.

Boris walked the audience through a real-world chain of security breakdowns – from hardcoded webhook URLs and stored credentials, to unsanitized inputs and missing authentication controls – illustrating how “vibe coding” creates compounding risks at every layer.

The takeaway? When everyone can code with AI, everyone can also create risk — unless security becomes part of everyone’s responsibility.

Building AI-Native Companies Without Breaking Security

At Capital’s AI in Practice Masterclass, conversations focused on what it truly means to become an AI-native organization – one that doesn’t just use AI tools but is structurally designed around them.

Representing AMATAS, Boris Goncharov and his AI assistant spoke on “Securing AI-Native Companies,” emphasizing that while many businesses are racing to integrate AI, few are adapting their security architectures to match the scale, autonomy, and unpredictability these systems introduce. 

He warned that without embedding protection into the foundation, AI-native companies risk becoming compromised by design – where innovation outpaces oversight, and vulnerabilities are built in from the start.

AI-native doesn’t mean AI-reckless. It means integrating data governance, ethical oversight, and cybersecurity controls into every layer of the innovation pipeline. The message resonated strongly: innovation and security are not opposing forces – they are interdependent disciplines.

At AMATAS, this philosophy drives how we support AI-driven enterprises – bridging the gap between innovation and protection so that progress remains both agile and accountable.

Securing Trust in Finance

At DigiPay 2025, Boris led a dynamic panel on “Challenges in Fighting Money Laundering and How New Regulations Will Deal with Growing Crypto Scams.”

As digital payments evolve, so do the tactics of financial crime. The discussion brought together experts exploring how real-time fraud detection, strong anti-money-laundering (AML) frameworks, and regulatory cooperation can reinforce digital trust.

The insight that resonated most: for banks, fintechs, and regulators alike, compliance is no longer the finish line – it’s the starting point for earning customer trust. For financial institutions, cybersecurity and compliance are no longer separate goals – they are two halves of the same whole.

At AMATAS, our mission is to bridge this divide – helping financial and fintech organizations build systems where compliance and cybersecurity evolve together, protecting customers while enabling innovation.

The Common Thread: Turning Innovation into Trust

Across all four stages – from AI security and software integrity to digital payments and regulatory alignment – one message resonated clearly: innovation without security cannot scale sustainably.

Whether it’s AI models that can be compromised by design, coding shortcuts that multiply vulnerabilities, or financial systems that outpace regulation, the challenge is the same – balancing speed with accountability. Every conversation reinforced that true progress depends not on how fast we innovate, but on how securely we do it.

For AMATAS, this is more than a takeaway; it’s a commitment. We help organizations embed security, governance, and trust into the foundation of their growth – ensuring that innovation moves forward with confidence, not compromise.

Because in the end, digital trust isn’t just what protects innovation – it’s what makes it possible.