Splunk CISO Michael Fanning on AI Hallucinations & Trust

eWeek Exclusive: Splunk’s CISO Says Security Teams Must ‘Trust but Verify’ AI

Splunk CISO Michael Fanning.
Written by
Kezia Jungco
Nov 3, 2025

How much should security teams trust AI to make the right call? 

Michael Fanning, chief information security officer at Splunk, believes every organization should ask that question as they integrate automation into critical defense operations.

Over his career, Fanning has guided high-performing organizations of up to 300 people and now leads Splunk’s globally distributed teams, which span security engineering, identity and access management (IAM), product security, detection and response, governance, risk, and compliance (GRC), and security training and awareness.

In this exclusive eWeek interview, Fanning addresses the challenges of handling AI risks, from hallucinations that can distort alerts to the governance policies that keep models accountable. 

Q: What’s the most dangerous type of AI hallucination for enterprise security teams today, and why is it so hard to detect early?

A: The most dangerous AI hallucination for security teams is when AI makes a determination about an alert that is not true and wrongly dismisses a real threat as a false alarm.

Imagine your home alarm system ignores a break-in because the intruder is dressed as a FedEx driver. Security teams might miss the real threat because it looks like normal activity. It’s tough to spot early because these hallucinations often blend in with real alerts.

Since AI can “fill in the blanks” when it doesn’t have all the facts, it sometimes creates scenarios that look real, making it harder for people to tell what’s true and what’s not. That’s why it’s so important for teams to keep a critical eye and double-check AI-generated alerts instead of taking them at face value.

Q: How can organizations trace hallucinated or inaccurate AI outputs back to their source, whether it’s a bad prompt, outdated data, or flawed model logic?

A: Tracing the source of a hallucinated or inaccurate AI output is a bit like figuring out why a recipe didn’t turn out right. Was it the instructions, old ingredients, or a misunderstanding of the steps?

In AI, companies need to look at three things: the prompt (what was asked), the data (the information the AI learned from), and the logic (how the AI makes decisions). A critical component here is “garbage in, garbage out.” The quality of the output depends heavily on the quality of the inputs throughout the entire process. This means training data must be high quality, prompts must be carefully crafted, and the model’s logic must be sound.

By maintaining good “audit trails,” teams can work backward to see where things went off track. This helps catch not just simple mistakes, but also patterns that might lead to future issues.

Q: How can companies balance the need for transparency in AI systems with the protection of proprietary data and models?

A: Balancing transparency and protection is a bit like sharing grandma’s famous cookie recipe without giving away the secret ingredient. Companies want to show how their AI makes decisions, so people trust the results, but they also need to protect their unique methods and data from competitors.

One approach is to be open about how AI reaches conclusions, like explaining the baking steps, without revealing every detail. Companies can also provide summaries or “explainers” for decisions, rather than exposing raw data or code. The goal is to give enough information for people to understand and trust the process, while still keeping what makes the company special under wraps.

It’s a careful dance, but it’s possible with the right policies and a focus on responsible sharing.

Q: As CISOs bring AI into their security operations, what’s the right mindset for “trust but verify” to avoid overreliance on automation?

A: CISOs should approach AI integration with a mindset that values collaboration between machines and people.

While AI can process large volumes of security data and highlight potential threats faster than humans alone, it’s crucial to remember that algorithms can make mistakes or miss nuanced context. The right attitude is to leverage AI as a powerful tool that augments, not replaces, human judgment. This means establishing regular checks, setting up alerts for unusual AI behavior, and promoting a culture where team members routinely audit automated outputs. By combining AI’s speed with human critical thinking, security leaders can harness the benefits of automation while maintaining vigilance against errors or emerging risks.

In short, AI should complement human expertise, with verification and accountability built into every step of the process.

Q: What legal or compliance frameworks need to evolve most urgently to keep up with generative AI’s unpredictability and risk of misinformation?

A: While laws and regulations are still catching up to the rapid development of generative AI, organizations shouldn’t wait for external mandates before acting. Even in the absence of clear regulation, security teams have an opportunity and a responsibility to implement strong internal governance and guardrails now. The most urgent need is clearer rules around accountability – for example, who’s responsible when AI gets something wrong or spreads false information. 

We also need updated standards for data privacy and security, since AI models often use huge amounts of information. Frameworks that guide how organizations document, audit, and explain their AI decisions will help build trust and ensure everyone plays by the same rules. However, companies can lead the way by developing and adapting their own policies and controls in-house, then refining them as official regulations emerge.

Proactive governance not only prepares organizations for future legal changes but also helps build trust and reduce risk today.

Q: What does a truly trusted AI ecosystem look like, and which practices or technologies could help rebuild confidence in AI-driven decisions?

A: A truly trusted AI ecosystem is one where users can see not just the AI’s conclusions, but the data, steps, and reasoning behind them – much like a math teacher asking students to “show their work” rather than just write the final answer.

Trust is built when organizations provide transparency into what data was used, what processes and logic the AI followed, and how key decisions were made. When organizations are open about both the strengths and the limits of their AI, people regain confidence, and AI becomes a tool you can count on.

Q: Is there anything else you’d like to add on this subject?

A: I’d add that while AI is a powerful tool, we must be careful not to let our own foundational understanding of systems and technology erode as we depend on it more — just as many of us might struggle to do long division without a calculator today.

It’s essential to maintain core skills and be prepared to act when technology fails, as overreliance is a real risk. The best results come from combining human expertise with AI’s strengths, staying vigilant for errors, and focusing on transparency and responsibility. As we move forward, this will help unlock AI’s potential while safeguarding our organizations and keeping trust at the center. 

As AI continues to evolve, CISOs like Michael Fanning are emphasizing that trust isn’t a byproduct of technology but an outcome of effective governance. 

Organizations that partner innovation with transparency, maintain auditability, and preserve human oversight will find themselves best equipped to harness AI’s potential while minimizing risks. 

For Splunk and other organizations, the mission is clear: build AI systems that act intelligently and preserve trust in an increasingly automated world.

Kezia Jungco

Kezia Jungco specializes in AI and other technology, rigorously testing and analyzing generative platforms with a particular focus on art generators, chatbots, and NLP tools. She has five years of expertise in crafting content across B2B and B2C sectors. Her portfolio includes in-depth coverage of artificial intelligence, data analytics, and CRM solutions for publications including eWEEK, Datamation, TechnologyAdvice, and Selling Signals.
