Block's CISO James Nettesheim on How 40% of Their Detections Are Now Written with AI

What if the real risk isn't adopting AI agents, but refusing to? James Nettesheim, CISO & Head of Enterprise Technology at Block, argues that principled risk-taking beats playing it safe. James shares Block's journey co-designing the Model Context Protocol with Anthropic and building Goose, their open-source general-purpose agent that enables anyone in the company to write security detections using natural language.

James also explores Block's Binary Intelligent Triage system achieving 99.9% accuracy, their data safety levels framework, and practical strategies for balancing autonomous AI capabilities with human oversight. James offers candid insights about implementing AI security principles, the evolution from tool experts to domain experts, and why open source remains fundamental to Block's mission of economic empowerment and technological innovation.

Topics discussed:

• Co-designing of MCP with Anthropic and developing of Goose as an open-source general-purpose AI agent

• Implementing prompt injection defenses and adversarial AI concepts to harden Goose against malicious instructions and attacks

• Rolling out AI responsibly through data safety levels modeled after CDC bio-contamination protocols for sensitive data handling

• Democratizing detection engineering by enabling anyone at Block to write detections using natural language

• Achieving 40% of new detections created with AI assistance through recipes, playbooks, and automated tuning capabilities

• Building Binary Intelligent Triage system that analyzes historical alerts and investigations to achieve 99.9% automated triage accuracy

• Balancing autonomous AI capabilities with human oversight, requiring PR reviews and maintaining accountability for agent-generated code

• Transitioning from tool expertise to domain expertise as the future skill set needed for detection and response professionals

• Block's commitment to open source development driven by economic empowerment mission and desire to build accessible financial tools