Insights from Jay Choi, Head of Cyber Strategy for SK shieldus, on managing cyber risk in AI-driven enterprises
Artificial intelligence (AI), cloud computing, and digital transformation are reshaping the way organizations operate. Enterprises are deploying AI to accelerate software development, automate processes, and unlock new sources of value. Yet as innovation accelerates, so does complexity—and with it, cyber risk.
In Frost & Sullivan’s ongoing AI Transformation series, we have explored the strategic drivers behind AI adoption, the technical foundations required to deploy these technologies, and the governance frameworks needed to scale them responsibly. What is becoming increasingly clear is that cybersecurity is no longer just a protective layer around digital transformation—it is a fundamental enabler of it.
To explore this evolving landscape, I spoke with Jay Choi, Head of Cyber Strategy for SK shieldus, a South Korea-headquartered cybersecurity and physical security provider with a growing global presence. Our discussion focused on how cyber risk is evolving as organizations expand their digital footprints across AI, cloud platforms, and globally interconnected supply chains.
Why cyber risk is now a business interruption risk, and needs to be owned at the top
One of the most significant changes in the cybersecurity landscape is the increasing connection between cyber incidents and real-world operational disruption.
Choi points out that organizations today operate in highly interconnected ecosystems. Industries such as semiconductors, financial services, and manufacturing rely on complex global supply chains where disruptions in one organization can have ripple effects across entire industries.
In this context, cybersecurity risks are no longer limited to protecting corporate data. They are closely tied to operational resilience and business continuity. A successful cyberattack can halt production lines, disrupt financial transactions, or impact critical infrastructure.
These dynamics are particularly visible in economies that play a central role in global supply chains. From Choi’s perspective, organizations are becoming more aware that cybersecurity must be embedded into broader enterprise risk management strategies including in its supply chain.
This shift is also changing who participates in cybersecurity conversations. Increasingly, board members and senior executives are directly involved in evaluating cyber risks, recognizing that digital resilience has become a key component of overall business stability. Raising the awareness for cyber security among the top executives / board members will be critical in order to understand and respond to cyber risks, especially in the back drop of ever evolving technological landscape.
AI is transforming both the threat landscape and cyber defense
Artificial intelligence is another powerful force reshaping cybersecurity.
Across industries, organizations are adopting AI to improve productivity, accelerate development cycles, and enhance decision-making. However, Choi notes that this rapid adoption introduces several new security challenges.
One emerging concern is the growing reliance on AI-generated code and open-source software components. While these tools enable developers to produce software more quickly, current control against the potential introduction of vulnerabilities are not aligned.
Another issue relates to dependency. As AI becomes embedded in critical business processes, organizations must consider how reliant they are on automated systems. Over-dependence on AI could introduce new operational risks if systems malfunction or become targets of adversarial attacks. AI adoption can be seen, in essence, as an introduction of major application(s) into the environment so having relevant resilience objectives are critical.
Yet AI also represents a powerful tool for defenders.
Security operations teams today must process vast volumes of telemetry and alerts generated by increasingly complex IT environments. AI-driven analytics can help identify patterns and anomalies more efficiently, allowing analysts to prioritize the most critical threats. The same applies in ways AI can be utilized to collect vast amount of threat intelligence that can be automated.
Choi emphasizes that AI should be viewed as an augmentation tool for security professionals’ productivity rather than a replacement for them. In an industry where skilled cybersecurity talent remains scarce, AI can help teams operate more effectively while ensuring that human expertise remains at the center of decision-making.
Why cloud strategy is shifting, and what it means for monitoring and risk
Cloud computing has been one of the most important drivers of digital transformation over the past decade. However, the way organizations approach cloud strategies is evolving.
According to Choi, many enterprises are now reassessing their cloud deployments after several years of rapid migration. Factors such as cost management, compliance requirements, and operational control are leading some organizations to adopt hybrid and multi-cloud strategies rather than relying on a single cloud platform.
While these architectures provide flexibility, they also introduce new security challenges.
Security teams must now monitor environments that span on-premises infrastructure, multiple public cloud platforms, and increasingly distributed applications. The volume of security data generated in these environments can be overwhelming, and many organizations struggle to maintain consistent visibility across their entire digital ecosystem.
Choi notes that improving monitoring capabilities—particularly the ability to ingest and analyze cloud-centric telemetry—has become a major priority for enterprises. At the same time, organizations must work to reduce false positives and alert fatigue, which can overwhelm security analysts and slow incident response.
How SK shieldus is innovating to support customers
As cybersecurity challenges grow more complex, service providers are also evolving their capabilities to help organizations navigate this landscape.
At SK shieldus, Choi explains that the company’s approach focuses on helping customers simplify security operations while improving visibility across increasingly diverse environments.
One aspect of this strategy involves developing integrated security platforms capable of consolidating telemetry from multiple sources. By correlating data across endpoints, networks, and cloud environments, security teams can detect threats earlier and respond more effectively.
The organization’s operational scale also contributes to its security insights. With thousands of enterprise customers and a large network of monitoring sensors, SK shieldus collects substantial volumes of threat intelligence data that is near real time. These insights support ongoing research into attack trends and emerging vulnerabilities.
To support customers facing increasingly sophisticated threats, the company has also expanded capabilities in several areas, including:
- Managed Detection and Response (MDR) services to improve incident detection and response speed
- Threat research laboratories focused on vulnerability discovery and cyber threat analysis
- Penetration testing and ethical hacking teams that help organizations identify weaknesses before adversaries exploit them
- AI-driven analytics initiatives aimed at improving security automation and operational efficiency
Choi notes that these investments are designed not simply to introduce new technologies, but to help organizations manage cybersecurity operations more effectively as digital ecosystems become more complex.
Secure AI at scale requires more than tools, it requires governance and human ownership
While technology is advancing rapidly, governance remains a critical factor in determining whether organizations can safely adopt AI at scale.
Choi observes that AI adoption is increasingly driven by executive leadership, with CEOs and boards recognizing the technology’s potential to reshape productivity and innovation. However, this also raises important questions around risk management.
Organizations must ensure that AI-generated code is properly validated, that AI-enabled systems are monitored for anomalies, and that security controls are integrated into development pipelines through practices such as DevSecOps.
Regulatory requirements are also evolving quickly as governments introduce new guidelines for AI governance and cybersecurity oversight.
From Choi’s perspective, organizations must approach AI adoption with a balanced mindset—embracing innovation while maintaining strong oversight and accountability.
“AI can significantly enhance cybersecurity operations,” he explains. “But organizations cannot outsource responsibility to technology alone. Human expertise and governance remain essential.”
Conclusion: innovation and risk are now closely linked
The rapid expansion of AI, cloud computing, and globally interconnected digital ecosystems is reshaping the cybersecurity landscape.
As organizations adopt new technologies to drive innovation and growth, they inevitably expand their digital attack surface. Managing this complexity requires more than deploying additional security tools. It demands a strategic approach that combines technology, governance, and operational expertise.
Insights from Jay Choi highlight the importance of viewing cybersecurity not as a constraint on innovation, but as a foundation that enables it. Enterprises that strengthen their visibility across complex environments, leverage AI responsibly, and invest in resilient security architectures will be better positioned to navigate the next phase of digital transformation.
In the end, the organizations that succeed will be those that recognize a fundamental reality of the digital era: innovation and cyber risk now evolve together—and managing both is essential for long-term resilience.
