“The biggest mistake companies make,” says Amir Vashkover, “is thinking cybersecurity is just about stopping hackers. It’s not. It’s about enabling trust in an age where machines can deceive as well as humans.”
As the 2025 Most Dynamic Cybersecurity Expert & Business Leader of the Year, Vashkover has spent the past decade anticipating digital threats before they emerge. But today, his focus is on a far more complex challenge: securing enterprises in the era of generative AI.
The cybersecurity landscape has undergone a seismic shift. Where once firewalls and endpoint protection sufficed, now deepfake fraud, AI-powered phishing, and autonomous malware demand a radical rethink of defense strategies. Vashkover, who leads data security strategy at Philips, is successfully navigating this transition—balancing innovation with ironclad security.
His approach? “Get things started, and then completed.”
The New Age of Cyber Threats
Vashkover notes, “Traditionally, enterprises have contended with well-known cyber risks: ransomware, phishing, insider threats, misconfigurations, and supply chain vulnerabilities. However, the landscape has fundamentally shifted with the arrival of GenAI and LLMs.” These advancements have democratized cyberattacks, enabling even those with limited technical expertise to launch sophisticated assaults.
At Philips, the response is multifaceted. Vashkover emphasizes the importance of a proactive approach: “Mitigation in this new environment starts with a proactive mindset. We can’t rely on legacy playbooks. Our defenses must evolve just as quickly as the attack vectors.” This philosophy is embedded in Philips’ strategy, which integrates AI-powered threat detection, behavior analytics, and automated response systems to counteract emerging threats.
Balancing Innovation with Protection
The integration of AI into healthcare presents both unprecedented opportunities and significant risks. Vashkover acknowledges the transformative potential of AI but cautions against unchecked adoption. “The real challenge is balance. On one hand, restricting access to LLMs stifles innovation and slows down productivity. On the other, unrestricted use opens the door to data leaks, model inversion attacks, and regulatory non-compliance.”
To navigate this delicate balance, Philips has developed a purpose-built LLM risk management framework. This holistic approach encompasses tool vetting, contextual data usage governance, user behavior monitoring, and education. Recognizing the challenges posed by Shadow AI—the unsanctioned use of generative AI tools by employees – Philips focuses on categorizing AI tools by risk tier, monitoring for anomalies, and training users to distinguish responsible from irresponsible use.
A Cultural Shift in Cybersecurity
Vashkover envisions a future where cybersecurity transcends tools and becomes ingrained in organizational culture. Drawing an analogy to drowsy driving, he states, “Drowsy driving is a known hazard, yet it’s not one of the top 12 causes of fatal accidents in the U.S. Why? Because people understand the risk, take ownership, and act accordingly.” He believes that as digital natives enter the workforce, cybersecurity literacy will become as fundamental as financial literacy, with common sense serving as a primary line of defense.
However, he also warns of the potential pitfalls of overreliance on AI. “We must be prepared for the intersection where machine capabilities exceed human judgment – and ensure safeguards are in place long before that moment arrives.”
Strategic Initiatives every enterprise must kick off
Vashkover’s 3-layer strategy to fortify enterprise’s cybersecurity posture:
- Secure AI Enablement: Developing frameworks and infrastructure to enable secure, large-scale use of GenAI across the organization, ensuring innovation is achieved safely.
- Zero Trust Evolution: Moving beyond traditional perimeter defenses, Philips is implementing adaptive access controls, micro-segmentation, and continual risk-based authentication to safeguard its hybrid, cloud-first environment.
- Data Governance for a Federated Ecosystem: Building scalable data governance architectures that ensure security, privacy, and compliance without sacrificing agility, particularly in highly regulated environments like healthcare and other critical industries.
According to Vashkover the key for the business success is aligning business innovation with cyber strategy, ensuring executive buy-in, and operationalizing security in a way that accelerates, rather than hinders, business progress.
Ethical Leadership in Cybersecurity
In the realm of cybersecurity, ethical dilemmas are inevitable. Vashkover emphasizes the importance of intent, transparency, and boundaries. “Ethical leadership means making hard decisions in gray areas – and being willing to say ‘no’ when something crosses a line, even if it’s technically permissible.” He advocates for a transparent approach, educating stakeholders on the rationale behind security measures and fostering a culture of trust.
This ethical framework extends to the responsible use of AI. Philips’ AI principles—well-being, oversight, robustness, fairness, and transparency—guide the development and deployment of AI solutions, ensuring they benefit individuals and society while mitigating potential harms.
Preparing for the Future
Looking ahead, Vashkover offers strategic advice for cybersecurity leaders:
- Individual Level: Cultivate curiosity and build internal AI fluency. Understanding how LLMs work and experimenting with tools can lead by example and foster a culture of safe innovation.
- Department Level: Create a safe innovation sandbox, enabling teams to build proofs-of-concept and explore efficiencies within structured boundaries and defined risk tiers.
- Organizational Level: Elevate AI governance to the board level, establishing AI Risk and Ethics Committees, cross-functional ownership, and AI-specific incident response plans. Recognize that AI is not just a tool but a new category of enterprise risk.
Vashkover adds, “Your role as a cybersecurity leader is not to resist AI—but to enable it responsibly.”
The Architect of Tomorrow’s Cyber Defenses
Amir Vashkover doesn’t just defend against threats—he redefines what defense means. In a world where AI blurs the line between attacker and protector, his leadership offers a blueprint for resilience.
As he stands to wrap it up, he offers one last insight: “The next big cyber threat hasn’t been invented yet. And as always – it’s going to be either winning or coming up with excuses.”
