AI Appreciation Day — Don’t Forget What Makes it Work

Every July 16 is Artificial Intelligence Appreciation Day. However, I think we can agree that we are a ways off from ubiquitous “appreciation.” There is still quite a bit of fear, uncertainty, and doubt surrounding it. Yet, love it… hate it… or simply playing your cards close to the vest and waiting to see how this all plays out, it would be tough to disagree that AI is transforming industries at an incredible pace. 

And while there is no shortage of fun and fascinating stories around how AI is being used to transform virtually every industry, as well as our personal lives, it is important that we keep our eye on the ball and never stop thinking about what it takes to make AI reliable, safe, and truly ready for the real world.

Don Boxley, CEO and Co-Founder of DH2i:

“I really like the idea of AI Appreciation Day. Not because AI needs a birthday, but because it provides a moment to take a step back and appreciate the holistic picture of all the components that go into making these applications work and bring value to our everyday lives.

Generally, when people talk about AI, they almost always jump straight to the models. They want to talk about GPUs, NVIDIA, training, inference – all the ‘sexy’ stuff. That’s fine and good. But AI doesn’t know anything by itself. All that information that makes it so useful needs to come from somewhere. And for many organizations today, that’s databases like SQL Server. The reality is, if the database goes down, AI doesn’t suddenly become intelligent enough to work around it. It just stops being useful. So, this year on AI Appreciation Day, let’s remember that while it is critical to spend time thinking about how to make AI smarter, easier to use, and faster… we need to also remember that none of that matters if the data can’t answer when AI calls.”

Anoop Dawar, Chief Strategy Officer (CSO) of Deepgram:

“We’ve seen Salesforce acquire Fin, SpaceX pay $60 billion for Cursor, and OpenAI stand up a $10 billion deployment company – three very different bets on the same scarce thing: teams that can make AI agents work reliably in the real world, not just in a demo. That capability has quietly become the most valuable asset in software, because these are probabilistic systems that drift and have to be measured and monitored continuously to stay accurate. And it gets hardest in voice – real-time, unforgiving, no second take – which is exactly where the next phase of this race will be won.”

Ganesh Padmanabhan, CEO and co-founder of Autonomize AI

“When people talk about appreciating AI, they often focus on what the technology can do. I think we should appreciate it for something much more important: its ability to give people their time and expertise back. In healthcare, some of our most experienced clinicians spend huge portions of their day navigating administrative processes instead of caring for patients. AI gives us an opportunity to change that. Not by replacing clinical judgment, but by making that expertise available more quickly, more consistently, and at a far greater scale. If AI allows a nurse to spend more time with patients instead of paperwork, or helps someone access treatment days or weeks sooner, that’s something worth celebrating.”

Poonacha Kongetira, Co-founder and CEO, Classie:

“AI Appreciation Day shouldn’t just be about celebrating what AI can do. It should also be a reminder to use it responsibly. Across many organizations, AI is spreading faster than the policies, knowledge, and governance needed to support it. That’s creating a new form of shadow AI where employees rely on disconnected tools, inconsistent information, and prompts that no one can oversee. AI delivers its greatest value when it becomes part of a trusted knowledge ecosystem, not when it operates in isolation.” – 

Binny Gill, Founder and CEO, Kognitos:

“AI Appreciation Day feels a little like throwing a party for fire. Fire cooks your food and heats your home, and it also burns the house down. What fire deserves isn’t applause, it’s respect, and a smoke detector. AI is the same. Every prior general-purpose technology – electricity, the automobile, aviation – got safer because we treated it as dangerous first and useful second. With AI we’ve reversed the order, and that worries me. If we want a day worth celebrating, make it AI Accountability Day. Appreciate the systems that can be audited, that ask before they act, and that keep a human in the loop. Those are the ones that earn it.” – 

Robin Gilthorpe, CEO, Earnix:

“AI Appreciation Day is a good opportunity to move beyond the hype and ask a more important question: what kind of AI do insurers actually need? General-purpose AI can generate impressive answers, but insurance isn’t a general-purpose business. Every pricing decision, underwriting recommendation, and customer interaction needs to reflect regulation, business strategy, portfolio performance, and customer context. That’s why I believe the future belongs to vertical AI, purpose-built for insurance. AI becomes genuinely valuable when it understands the business it’s helping to run, not just the language people use to describe it.” – 

Ravi Achanta, Founder and CEO, RSA America:

“AI Appreciation Day should be more than a celebration of artificial intelligence; it should be about championing better business decisions. Working with independent grocers and smaller retailers, we see that AI represents a chance to achieve the kind of business visibility and insight that has long given larger chains a competitive edge. But that potential can only be realized with the right foundation. When customer, promotion, e-commerce, and loyalty data remain trapped in disconnected systems, AI simply amplifies those silos instead of delivering meaningful intelligence. Retailers that unify their commerce data and connect their operations using AI will improve margins, personalize shopper experiences, and compete with far greater confidence. That’s the AI worth appreciating.” – 

Rohit Gupta, CEO, Auditoria.AI

“The first generation of enterprise AI proved that machines could generate answers. The next generation has to prove they can generate business outcomes. Finance is where that transition is happening first because every recommendation must be explainable, every action must be governed, and every result must stand up to scrutiny. That’s why AI Appreciation Day is no longer about celebrating possibility. It’s about recognizing that AI is becoming operational infrastructure for the modern Office of the CFO.”

Karl Bagci, Director of IT and Information Security, Exclaimer 

“AI Appreciation Day is a good reminder that AI’s greatest value isn’t in replacing people. It’s in removing repetitive work so people can focus on higher-value decisions. But AI is also exposing something many organizations have overlooked for years. Communication governance gaps that once affected a handful of messages can now be replicated at scale in seconds. AI hasn’t created those problems. It’s simply made them impossible to ignore. That’s why organizations need to think about governance before they think about automation.”  

Paul Stokes, Co-Founder and CEO, Prevalent AI

AI deserves appreciation, but not blind admiration. It is has already changed the pace of cyber risk. Attackers can move faster, test more ideas, and find exploits at a scale that security teams were not built for. This does not make AI bad, but it makes AI-enabled visibility and governance essential. Businesses need to understand where AI is being used, which models they depend on, and where those dependencies create exposure.. Companies need to do the hard work of analyzing both their use of AI, and the data that drives it, or they run the risk of becoming its victim.”

Michael Centrella, Head of Public Policy at SecurityScorecard:

“Artificial Intelligence Appreciation Day is a good moment to recognize the progress AI is enabling across the enterprise. In cybersecurity, that progress is changing not only how defenders work, but also how organizations think about risk across their broader digital ecosystem.

Agentic AI is quickly becoming an extension of the vendor landscape. That creates new questions about what these tools can access, what actions they can take, and how organizations govern non-deterministic systems. But it also creates real opportunity. AI agents can help security teams take on time-consuming, repetitive work and close knowledge gaps so people can focus on higher-skill, higher-complexity problems.

That balance is especially important in a post-Mythos world. AI is compressing the time it takes to discover vulnerabilities and the time it takes to compromise systems. Defenders will need to apply AI just as thoughtfully, using it to connect signals across vendors, partners, software providers, and digital supply chains before small exposures become larger incidents.

National AI Day is a reminder that responsible AI is not only about innovation. It is about using powerful technology to build a more secure, transparent, and resilient digital ecosystem.”

John Bruggeman, vCISO at CBTS:

“AI Appreciation Day is a timely opportunity to recognize the meaningful progress organizations are making with AI and it’s what this day is for, just like National Ice Cream day! Across industries, teams are using AI for many amazing things, in cybersecurity AI is being used to improve network traffic (traffic analysis), pinpoint the big security incidents from the flurry of issues (accelerate security triage), identify the real threats in the log files (support better decision-making), and create stronger experiences for employees and customers.

The next phase is making this kind of AI value dependable. AI assistance is most effective when it is supported by clear governance, valid and reliable data, strong identity controls, and visibility into how tools are being used across the business. That foundation allows leaders to take appropriate risks and avoid disasters, while moving as quickly as the market demands. 


For many organizations, the challenge is that AI adoption is advancing faster than the operating model around it. Smart organizations are enabling employees to test tools, build better, more efficient workflows, and create practical use cases in real time, in a safe and secure manner. That momentum can be a positive sign, but only if the organization has visibility into what is happening and can guide it responsibly. Without approved, practical pathways for AI use, this kind of employee experimentation can quickly move into the shadows in ways that expose an organization to significant risk.


For executives, the measure of AI maturity should not be how many pilots are underway. It should be whether the organization understands where AI is interacting with corporate data, business and customer workflows, user and administrative identities, and real-time decision making. Companies that can answer those questions and act on them will be best positioned to move from experimentation to sustained business value.”

Joseph Perry, Cybersecurity Researcher and Advanced Services Lead at Arcova:

“AI Appreciation Day is an unusual thing; a day dedicated to a commercial technology. We don’t treat any other technology in this way, because no other technology has done quite so much to capture the human imagination and incite our dreams of the future. What’s important on this day is not just recognizing the value and potential of this technology but, more importantly, the ways in which it can be of real benefit. And the ways it can’t.
 
The real test of AI maturity is not how many tools a company has deployed or how often employees use them. It is whether leaders can clearly explain what problem the technology solves, what it costs at scale, what data it can access and where human judgment is still required. Deploying AI is not proof that transformation has taken place. No matter what the hype might claim, no technology, not even the most sophisticated, is inherently transformational. Transformation is the result of technological potential applied the solution of human problems.
 
That is why implementation should not begin with a mandate to use more AI. It should begin with a specific process that is slow, repetitive or difficult to scale, followed by a clear assessment of where and whether AI can improve the outcome. From there, organizations need to determine how the technology will fit into existing workflows, who is accountable for the result and what happens when the system gets something wrong. Without that foundation, AI can create more complexity than capacity.
 
Leaders also need to look beyond the tools they choose to deploy. Employees may already be using public models, vendors may add AI features with little notice and threat actors are using the same technology to increase the speed and volume of their activity. An organization’s AI posture is shaped not only by its own decisions, but also by how AI enters the business through people, partners and adversaries.”

Chance Caldwell, Senior Director of PDC Threat Services at Cofense:

“AI Appreciation Day is a useful moment to celebrate the progress AI has enabled, but for cybersecurity leaders, it should also prompt a more practical question: how do we defend against a technology that is now accelerating both innovation and risk?

In email security, AI has become a force multiplier for defenders and attackers alike. Security teams can use AI to analyze patterns, automate workflows, and scale detection. At the same time, threat actors are using AI to create more polished, personalized, and convincing phishing campaigns. The old tells, such as awkward grammar, generic messaging, or obvious errors, are becoming less reliable as AI helps attackers make malicious emails look routine, relevant, and business-like. AI is also enabling attackers to generate and launch these campaigns at greater speed and scale, increasing the overall volume of threats organizations must now contend with.

This creates a real challenge for defenders. AI-based security tools are powerful, but attackers are constantly testing new tactics that may not match known patterns. From brand impersonation and credential phishing to QR codes and trusted-service abuse, these campaigns are designed to evade traditional gateways and reach users directly.

The organizations best positioned for this next phase will be those that combine AI-driven defense with human intelligence. Employees who are trained to recognize and report suspicious activity are not the weak link; they are a critical signal source. National AI Day should remind security leaders that the future of cyber defense is not AI replacing people, but AI strengthened by people.”

Pete Luban, Field CISO at AttackIQ:

“AI is giving security teams faster ways to analyze risk, but faster analysis does not always lead to better decisions. Most organizations already have more findings than they can realistically address. The harder question is which exposures deserve attention first and whether current defenses can actually stop them.

By connecting threat intelligence with asset context and security control performance, AI can help narrow that field. It can surface the weaknesses most likely to create a real attack path and give teams a clearer basis for what to test next. That brings more focus to each stage of a CTEM program.

The recommendations still need proof. Teams should be able to validate whether an exposure is exploitable, take corrective action, and confirm that remediation worked. AI can accelerate the process, but evidence is what turns speed into measurable risk reduction.”

Ross Filipek, CISO at Corsica Technologies:

“AI adoption is moving quickly across the midmarket, often without a formal strategy behind it. Employees are already using public tools for customer support, content creation, analysis, and everyday problem solving. That creates immediate questions about sensitive data, access, and accountability.

Most midmarket businesses do not have dedicated teams for AI governance, cybersecurity, and compliance. They need practical support that connects those responsibilities. Managed service providers can help evaluate tools, establish clear usage policies, and monitor how AI is being used across the organization.

The goal should not be to block experimentation or chase every new platform. Businesses need a safe path to adoption. That starts with visibility, sensible controls, and a clear understanding of where company data is going.”

Isaac Evans, founder and CEO at Semgrep:

“Models like Mythos and GPT-5.6 are raising expectations for what AI can do in application security. They can reason through complex code paths, assess whether a weakness is exploitable, and surface issues that older approaches may miss.

The bigger lesson is that model capability alone is not enough. Even a strong model can overlook important parts of a repository without the right context, code selection, and analysis around it. If these models are the new intelligence layer, the harness for the model is the corporate organization. Just as an individual researcher depends on a team, AI-powered vulnerability researchers will need a supporting system that directs their work and checks their conclusions.

Security teams should focus on building workflows that give these models the right code, validate their findings, and explain why an issue matters. The exact structure is still unproven, but early results suggest these systems could become valuable members of the application security team rather than standalone replacements for it.”

Joshua Roback, Principal Security Solution Architect at Swimlane:

“AI is changing cybersecurity on both sides of the equation. Attackers are using it to move faster and scale their operations, while defenders are still burdened by fragmented tools, overwhelming alert volumes, and repetitive manual work. The real promise of AI in security isn’t simply producing more information. It’s turning that information into action.

Swimlane’s approach combines expert AI agents with automation to help security teams investigate threats, coordinate decisions, and execute response steps with human oversight and clear guardrails. Within Swimlane’s own SOC, this approach cut mean time to resolution by 51%, reducing it from 18 minutes to under nine minutes. This gives analysts more time to apply judgment where it matters most, while routine work happens at machine speed. As threats become more autonomous, cybersecurity needs AI that can move beyond recommendations and help defenders respond with confidence.”

Piyush Sharma, co-founder and CEO at Tuskira:

“Security teams do not have a shortage of information. They have vulnerability data, threat intelligence, alerts, and asset context spread across disconnected systems. The harder problem is turning those signals into one clear decision.

Agentic AI can help connect that picture. It can examine a new threat, determine whether the organization is exposed, trace a likely attack path, and assess whether existing controls would stop it. That context can then move directly into investigation and response.

This gives threat intelligence a more active role in security operations. Instead of remaining a feed that analysts must interpret on their own, it can help shape what the team does next. The value is not another AI-generated summary. It is a system that explains why a threat matters in a specific environment.

When AI connects exposure, intelligence, and response, security teams can act earlier and spend less time sorting through signals that do not require attention.”

Justin Beals, CEO & Founder, Strike Graph:

“AI appreciation shouldn’t mean blind trust. It should mean respect for what these systems actually are.

I don’t buy the AGI hype and I don’t buy the doomsday version either. AI is a cultural artifact. It reflects the judgment of the people who build it and the governance we put around it. That’s worth appreciating, and it’s worth taking seriously.

Here’s what I appreciate most. AI can finally do the low-skill, repetitive work that used to eat weeks of a security team’s time, evidence gathering, control mapping, questionnaire responses. That’s real. I’ve lived it.

But appreciation without governance is how you end up with agents holding the same access as the humans they’re working for, minus the accountability. The organizations getting real value out of AI right now are the ones treating it like a system that needs oversight, not a tool you turn loose and forget. Human judgment doesn’t go away with agentic AI. It just moves to a different place in the process.”

Dave Hayes, Vice President of Product at FusionAuth:

“An AI agent is not a new user to authenticate. It has no authority of its own; it acts for a human, and that human is where the authority comes from. So the question isn’t whether the agent is legitimate, but whether it can do only what its human owner is already allowed to do. Policy can’t enforce that. People follow the rules partly because breaking them gets you fired, and an agent has no job to lose. Give it a goal and it treats your policy as an obstacle to work around. We surveyed 300 security and technology leaders: 84% of those most confident in their AI security had a confirmed AI-identity breach last year, most with governance they’d have called comprehensive. Architecture fixes this, not wording. AI is probabilistic, so your identity layer has to be deterministic.”

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading