Welcome back to Zero Signal! In this episode, Conor Sherman and Stuart Mitchell sit down with Sean Catlett, co-founder of Polymodal, founding CISO of Reddit, former Chief Security Officer at Slack, and the executive who pioneered combining security with trust and safety at Bumble. Sean leverages his history across massive technological waves—from the dot-com era to cloud and mobile transitions—to deliver a masterclass on how modern security leaders must adapt to drive enterprise AI adoption or face getting layered out of the room completely.
In this deep dive into agentic autonomy, Sean details why the traditional CISO operating model of building walls and forcing technology choices is entirely broken. He introduces the critical concept of "computed trust"—the philosophy that autonomous systems must continuously earn their privileges through verifiable runtime evidence and contextual sensing rather than holding permanently granted access.
The conversation unpacks the vital distinction between automating narrow workflows and managing a non-deterministic, long-running agent workforce. Conor, Stu, and Sean confront the upcoming realities of "computer use" execution contexts, the illusion that pure observability equals true legibility, and why co-locating risk directly with product owners is the only sustainable way to survive the logarithmic expansion of insider threats driven by rogue digital twins.
Continued Reading & Resources:
Polymodal Independent Research: https://polymodal.ai/executive-insights
London Tech Week AI Enablement Panels: https://londontechweek.com/cyber-security-agentic-transformation
Google NotebookLM Optimization Best Practices: https://notebooklm.google.com/enterprise-strategy
ISO 27001 AI Risk Management Implementations: https://www.iso.org/standard/information-security-governance-frameworks
Black Hat Europe GRC and EDR Projections: https://www.blackhat.com/eu/briefings/ciso-ai-enablement-trajectories
About the Guest:
Sean Catlett is the co-founder of Polymodal, an early-stage startup focused on AI embodiment, boundaries, and novel interaction environments. A veteran security executive, Sean served as the founding CISO of Reddit, the Chief Security Officer at Slack, and the head of security, trust, and safety at Bumble. Throughout his career, he has specialized in architecting engineering-led and threat-led security programs built to scale alongside massive business transformation.
Key Topics:
01:11 The CISO Transformation: Turning Control Positions into AI Enablement Functions
04:14 Tech Wave Echoes: Applying Dot-Com, Cloud, and Mobile Paradigms to AI Transitions
06:43 Batting Averages in Risk: Why the Office of "No" Gets Layered Out by Boards
09:20 Engineering-Led vs. Threat-Led Security Models: Redefining Teams for the AI Era
12:54 The Errors and Omissions Insurance Trap: Why Delegating Judgment Is Uncovered
17:10 Defining the Agent Primitive: Workflow Automation vs. Bounded Digital Twins
20:20 The Logarithmic Insider Threat: Differentiating Human Actions From Agent Malfunction
26:15 Observability Is Not Legibility: The Failure of Legacy EDR Knowledge in AI Sessions
28:31 Higher Execution Contexts: How Agents Navigate Guardrails via Windows Subsystems
31:00 Computing Trust: Educating Agents at Runtime on Second and Third-Order Effects
38:15 The GRC Shift: Why Future Security Operations Teams Will Deploy Code Directly
45:13 The Bumble Paradigm: Unifying Classical Cyber Defenses with Trust and Safety
Meet our Sponsors:
Hampton North is the premier US based cybersecurity search firm: https://hamptonnorth.com/?utm_source=website&utm_medium=podcast&utm_campaign=aware_global_swsd_all&utm_content=zero-signal
Sysdig is the leader in AI-powered real-time cloud defense: https://www.sysdig.com/?utm_source=website&utm_medium=podcast&utm_campaign=aware_global_swsd_all&utm_content=zero-signal