In this episode of the TPRM Podcast, Threats, Pitfalls & Risk Myths, Nate Lee sits down with Jacob DePriest, Chief Information Security Officer at 1Password.
As AI adoption accelerates across enterprises, security leaders are facing a new tension. Move too fast, and you increase exposure. Move too slow and teams find their own tools, bypassing controls entirely.
Jacob shares how security teams should think about enabling innovation without sacrificing visibility. The conversation explores agent security, auditability challenges, identity and authorization concerns, and why traditional controls like least privilege still matter in an AI-driven world.
They also discuss the operational reality of agents acting on behalf of users, how security teams can maintain traceability, and why the business risk of under-adoption may be just as serious as the technical risk of over-adoption.
This episode is essential listening for CISOs, security leaders, and practitioners navigating AI adoption, enterprise risk, and modern identity security.
Listen and Subscribe
Spotify → https://open.spotify.com/show/7JvPsyMJPgVLOKuJhkKfxA?si=ef91ded2b8ac4eef
Apple Podcasts → https://podcasts.apple.com/us/podcast/the-tprm-podcast/id1848217699
YouTube → https://www.youtube.com/@TPRMPodcast
Episode Sponsor
This episode features a message from TrustMind, a security questionnaire automation platform designed to help teams respond more quickly and consistently to vendor security reviews.
Learn more at → https://trustmind.com
About the Guest
Jacob DePriest is the Chief Information Security Officer at 1Password. He leads security strategy and operations, focusing on balancing innovation, usability, and strong enterprise-grade controls in a rapidly evolving AI landscape.
About the Host
Nate Lee is a B2B Scaleup CISO and Founder of Cloudsec.ai & TrustMind, helping SaaS companies build business-aligned security programs that increase developer velocity, strengthen trust, and support rapid growth.
About the Show
The TPRM Podcast features real-world conversations with security leaders reshaping how we think about risk, uncovering the threats, pitfalls, and myths behind modern cybersecurity programs.