CTO New Year Resolutions for a More Secure 2026

As CTOs endeavor to take a breath after a breakneck year of keeping up with continual upheaval in engineering patterns due to AI, the flipping of calendar pages is a perfect time to evaluate what's working and what's not from a security perspective.

Dark Reading recently caught up with a panel of software engineering, product security, and cybersecurity experts to discuss the top resolutions that security-minded CTOs should make in the coming year. Here are their top five picks.

Operationalize AI Governance

Security-minded CTOs have been scrambling to keep up with AI-first directives from the boardroom while also helping manage the exposure that AI deployments introduce. For many, 2026 will be a year in which engineering and product leaders resolve to operationalize security for AI "as a system, not a series of one-off mitigations," says Sam Dhar, staff software engineer at Galileo.

Even if an organization has already put pen to paper regarding how it wants to govern the use of AI in its software and digital ecosystems, those policies mean very little if the organization hasn't taken steps to enforce them with repeatable controls.

"CTOs play the decisive role because they own the engineering systems where governance must live. In practice, that means defining what 'secure to ship' looks like for AI features, investing in a paved-road architecture [like] model gateways, policy enforcement, standardized telemetry, and making compliance the easiest path for teams," says Dhar, who has also done stints leading development efforts at Adobe and Amazon.

CTOs can make good on this resolution by starting with an inventory they trust of assets such as models, data flows, and third-party dependencies, and by enforcing standardized deployment paths. The goal is to consistently apply policy, observability, and access controls, Dhar says.

"If teams can route around your controls, you don't have governance—you have suggestions," he says.

Start Building Out MCP Security Controls
