In this episode of The CTO Show with Mehmet, Mehmet sits down with Tim Freestone, Chief Strategy Officer at Kiteworks. AI is already inside the enterprise, but control is not keeping pace.

The conversation reframes AI security as a data control problem rather than a tooling problem. Tim argues that agents are not just another interface. They act, call tools, move data, and introduce a new identity layer that most enterprise security architectures were not designed to govern.

If you are leading, securing, building, or investing in enterprise AI systems, this conversation clarifies where the real risk sits: data access, agent identity, sovereignty, and governance.

About the Guest

Tim Freestone is the Chief Strategy Officer at Kiteworks, a company focused on secure content communication and data protection. His background includes roles at Contrast, Fortinet, NetApp, and over 10 years running his own business supporting technology and cybersecurity companies.

Tim brings more than 22 years of experience across cybersecurity, strategy, go-to-market, and enterprise security. His perspective is grounded in how enterprises are actually deploying AI, where governance is lagging, and why data layer control is becoming central to AI security.

LinkedIn: https://www.linkedin.com/in/freestone/
Website: https://www.kiteworks.com

Key Takeaways

• AI adoption is no longer waiting for enterprise readiness or formal governance.
• Employees are already creating shadow AI risk through uncontrolled tool usage.
• AI agents introduce a new identity layer that security teams must govern.
• Data protection becomes harder when agents can access information at machine speed.
• Sovereignty is no longer just about where data is stored.
• Frontier AI models force enterprises to choose between control and capability.
• Security architectures built around infrastructure need stronger data layer controls.
• AI-powered vulnerability discovery changes the speed and scale of cyber risk.

What You Will Learn

• The difference between chatbots, copilots, and agents in enterprise environments.
• How uncontrolled AI usage creates hidden exposure inside organizations.
• Why agent identity needs to be governed like human identity.
• The reason data security becomes the starting point for AI governance.
• How sovereignty changes when enterprise data moves through external models.
• What CTOs and CISOs should prioritize when AI enters production.
• Why AI-specific security roles are becoming necessary inside enterprises.

Episode Highlights

00:00 - Why AI security starts with enterprise readiness
02:30 - AI is being deployed before governance catches up
04:30 - Agents act differently from chatbots and copilots
07:00 - Shadow AI creates a new enterprise exposure layer
10:30 - AI agents become new actors inside security architecture
13:30 - Data layer control becomes the security priority
15:00 - Sovereignty becomes harder when AI moves data
18:30 - On-prem interest returns as control concerns rise
24:00 - AI models change the vulnerability discovery equation
29:30 - Agent native security starts with controlled data

Listen Now

Available on all major podcast platforms and YouTube.

Connect with the Show

Follow The CTO Show with Mehmet for more conversations at the intersection of technology, startups, and venture capital.