The 2026 BSides Vancouver theme perfectly captures the current state of enterprise security. As organizations rapidly adopt AI capabilities, the attack surface has expanded far beyond simple chat interfaces and into the core of how businesses operate. Security operations teams are now tasked with defending a complex, multi-layered AI ecosystem, often without the necessary visibility, standardized tooling, or established playbooks.
This presentation moves past the hype to break down the practical realities of Incident Response (IR) across the complete AI architecture. We will explore the specific threats, telemetry blind spots, and triage strategies associated with four distinct pillars of enterprise AI adoption:
- The AI Pipeline & MLOps: Defending the supply chain.
- Locally Hosted AI Applications: The unique IR challenges of managing self-hosted open-source models.
- Agentic Workflows: Triaging incidents when autonomous systems go off the rails.
- Widespread LLM Usage: Managing the daily operational risks of enterprise LLM adoption, from analysts without Pandas familiarity using LLMs to generate Python code for Jupyter notebooks, to standard prompt injection and data leakage in corporate applications.
Attendees will leave with a pragmatic framework for adapting their current IR capabilities to this new reality. We will outline actionable steps to update response playbooks for AI systems and build the necessary cross-functional workflows between security, data science, and engineering.
