AI Is Rewriting the Incident Playbook & Most Security Teams Are Still on the Old Version

Most CISOs get one or two companies' worth of scar tissue before they move on. Randy Barr has ten. Across 25 years and organizations ranging from early-stage startups to Cisco and Zoom, he has built, inherited, and rebuilt security programs at every scale imaginable. 

And what that vantage point gives him, more than any certification or framework, is the ability to see which mistakes are genuinely unique to a company and which ones just keep showing up dressed in different clothes.

In Episode 5 of Full Metal Packet, Randy joins hosts Yegor Sak and Alex Paguis to talk through what those patterns actually look like, what security teams consistently get wrong at different stages of growth, and why AI is arriving at exactly the moment when the old way of doing things has the least room left to fail.

The Same Mistake at Every Size

Ask Randy what security teams think they're doing well but aren't, and the answer changes depending on the size of the organization. The underlying failure, though, is remarkably consistent.

Smaller companies, particularly startups, fixate on compliance. A customer asks for SOC 2 Type 2, and the company responds. Policies get written, boxes get ticked, and somewhere in that process, the actual goal, securing the environment, gets quietly displaced by the proxy goal of passing the audit. "The wrong thing is that they think compliance equates security," Randy says. "That's the mistake."

Larger companies make a different version of the same error. They build a security program that works for the organization at a particular moment in time, and then they stop revisiting it. The threat landscape evolves. The company grows. The attack surface changes. The program doesn't. And the gap between what the security team thinks they're defending and what they're actually defending quietly widens until something finds it.

When Randy joins a new organization, he ignores the compliance certificates. He looks at three things: 

• The team and their actual skill sets
• The existing programs
• Whether they're genuinely operational
• The risk tolerance of the executive layer

Those three things tell him more about where a company really stands than any audit report ever has.

What Scale Does to Your Blind Spots

The war stories in this episode are worth spending time on because of what they reveal about how security breaks down, specifically during growth.

In one case, an infrastructure manager was quietly skimming servers off incoming shipments and selling them online. The first sign wasn't an internal alert. It was a support call from a buyer in Southern California asking for help with hardware that shouldn't exist outside the company's own data centers. Randy traced the listing, found the PO box, called the buyer, and eventually got the police involved. The manager's justification was that he was using the money to fund equipment for his team. Nobody believed him.

The more instructive detail is how it was possible in the first place. The company was growing steadily and fast, and in that growth, the inventory controls that should have caught it had never been properly assigned or revisited. 

"During the growth of a company, if companies don't revisit their processes and their controls, it's very likely that something's going to get missed," Randy says. "And somebody's going to take advantage of that."

The second story makes the same point from a different angle. A third-party customer support team overseas discovers that a reimbursement button in the support portal can be pressed more than once. Three employees run their own trial accounts. Start reimbursing themselves. Then, because clicking manually is slow, write a script to automate it. The only reason it surfaces is that the volume spikes fast enough to catch the finance team's eye. "I'm just glad they were so greedy," Randy says, "because it raised the alert."

Both stories are often read as insider threat problems. Randy reads them as process problems. The people involved found gaps that the organization created for them by growing faster than its own controls could keep up with.

What a War Room Actually Looks Like Under Pressure

The incident that launched Randy's security career, a mass website defacement affecting thousands of hosted customer sites in the early 2000s, is the episode's most detailed war story, and the part that matters most isn't the technical resolution.

The team restored from backup. The defacement came back. They restored again. It came back again. It took three sleepless days and a manual patching exercise across several thousand servers before it was finally contained, and even then, a single missed server kept reintroducing the problem whenever a load balancer routed a customer to it. Some customers left during those three days. Others had been looking for a reason to go.

What Randy took from the experience was about how war rooms fail under pressure. The most common failure mode is the number of people making assumptions and presenting them as solutions. "Restore from backup, that'll fix it" isn't a plan. It's a guess. And in a room full of exhausted, stressed people, guesses dressed as plans can take an entire team down the wrong path for hours.

His rule: if you're going to recommend an action, explain why you think it will work based on what you actually know. Not what you're assuming.

He also has clear views on what senior leadership should be doing in those rooms. The CEO and CTO during that defacement response didn't direct the technical team or make calls above their expertise. They brought food. They brought coffee. They kept the people solving the problem functional. "That's the best that they could do," Randy says. "And they will remember that for months to come."

Why AI Makes All of This More Dangerous

Everything described above, the compliance confusion, the process gaps that scale creates, the war rooms running on assumptions, these are problems that security teams have been managing imperfectly for decades. What AI does is compress the timeline on all of them and introduce a new class of risk that most organizations haven't started building defenses for yet.

Randy's concern right now is MCP servers. The connectors that link large language models to existing tools like Slack, email, and internal databases are being spun up inside organizations without IT or security knowing. Building them is getting easier. The controls to manage them don't exist yet at most companies. And the person connecting ChatGPT to the company Slack via an MCP server isn't doing anything malicious. She's created a connector that may have visibility into considerably more than she does.

Alex pushes the sharper edge of the same problem: prompt injection. A model with read and write access to your email doesn't need to be a compromised model to become a liability. It needs to receive a carefully constructed email that tells it to do something it shouldn't. The access was granted legitimately. The instruction came from outside. The outcome is the same.

"I think we're going to make some mistakes," Randy says. "A lot of companies are going to make mistakes in the adoption of AI internally."

What he's really saying is that the pattern he's watched repeat across 10 companies and 25 years is about to encounter an accelerant. The process gaps that allowed a manager to skim servers or a contractor to script their own reimbursements were eventually surfaced by human error, by greed, by a support call from an unexpected area code. AI-enabled incidents won't wait for those lucky breaks.

The organizations that navigate this well won't be the ones that blocked AI the longest or bought the most tools. They'll be the ones that fixed the fundamentals before the stakes got higher, built the kind of close advisor networks and genuine incident muscle memory that Randy has spent a career developing, and had the discipline to keep asking whether their security program still matches the organization they're actually running today.

Because if Randy's 25 years of the same patterns repeating have shown anything, it's that the window to build those habits before you need them is always shorter than it looks.

Randy Barr is the CISO of Cequence Security, focused on API security, bot management, and AI protection. This post is based on his appearance on Episode 5 of Full Metal Packet.

Listen on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts.