New Delhi, March 2 -- As artificial intelligence reshapes enterprise IT, it is also redrawing the cybersecurity battlefield. Attack cycles are shrinking from days to seconds, non-human identities are proliferating, and software supply chains remain a prime target. In a conversation with TechCircle, Mandy Andress, Global Chief Information Security Officer (CISO) at Elastic, a search analytics firm, discusses how the company is recalibrating its security strategy for an AI-first era, the board-level focus on third-party risks, and why India's skills gap and data sovereignty debates are central to its growth story. Edited excerpts.

Elastic operates at the intersection of rapid innovation and open source. How do you balance speed, scale and security across products and teams globally?

Speed, scale and relevance have been core to Elastic since its early open-source days. The community model inherently drives faster innovation, but it also requires disciplined engineering practices and embedded security controls. At scale, it's no longer about adding people. It's about leveraging automation, analytics and AI to maintain velocity without compromising governance. The speed of search, analytics and response built into our platform helps customers-and our own teams-meet modern security demands where reaction times are measured in seconds.

What are the top security threats Elastic is prioritising in 2026, and how is your strategy evolving?

Over the past few years, we've invested heavily in securing non-human identities, anticipating the surge in automation and AI agents. Now, with AI embedded in daily operations, the biggest shift is attack velocity. Threat actors are using AI to move faster. What once unfolded over days now happens in minutes-or seconds. That changes everything. We are re-evaluating detections, response models and controls to ensure they function effectively in high-speed environments. Agility and automation are central to our security posture in the coming days.

Supply-chain and third-party risks have become board-level concerns. How is Elastic mitigating these risks?

There are two dimensions for us. First, traditional third-party vendors that support our business operations. Second, the software supply chain-open-source components and third-party libraries used in development. Malicious packages in repositories have become a major attack vector. We've strengthened controls, monitoring and validation processes across our development pipelines. On the vendor side, we conduct rigorous risk analysis before onboarding and structure integrations to limit blast radius in case of compromise. It's about visibility, segmentation and continuous assessment.

How is Elastic using AI and machine learning to improve threat detection and SOC efficiency?

Elastic has embedded machine learning in its platform for nearly a decade. What generative AI and large language models add is contextual intelligence. By connecting enterprise data with LLM capabilities, we can enrich analysis with broader knowledge and deliver more actionable insights. This significantly improves decision-making speed for security teams. It doesn't replace analysts-but it augments them, narrowing the effectiveness gap caused by talent shortages.

How does your roadmap align with frameworks such as Zero Trust, XDR and SASE? What should customers expect next?

Frameworks like Zero Trust guide our internal and product strategy. In an AI-driven world, least privilege and strong identity guardrails become even more critical-especially as non-deterministic agents perform tasks autonomously. You'll see continued focus on automation and agent-driven workflows. Capabilities like Agent Builder allow organisations to combine Elasticsearch data with LLMs, execute contextual workflows, and scale processes continuously. We also play a foundational role in AI infrastructure as a vector database supporting retrieval-augmented generation, helping reduce hallucinations in AI systems.

India is a fast-growing market for Elastic. What security challenges are enterprises here facing?

Two themes stand out: skills and sovereignty. The cybersecurity skills gap is acute, and enterprises are looking at AI to augment existing teams rather than simply hiring more talent. The second is data sovereignty-understanding where data resides and how workloads are managed as cloud adoption accelerates. AI adoption itself is also high on the agenda, both from a security and business value perspective.

How is Elastic adapting its strategy for Indian enterprises across sectors such as BFSI and IT services?

Indian enterprises, particularly in regulated sectors, need scalable analytics, strong identity controls and clarity around data governance. Our focus is on enabling faster insights from large volumes of data while maintaining compliance guardrails. AI-led automation, contextual search and secure cloud-native architectures are central to that value proposition. The goal is to help organisations modernise without increasing risk exposure.

India is also a major talent hub. How is Elastic leveraging the country for cybersecurity and R&D?

We have a growing presence in India, including security professionals who support global operations. India plays an important role in our follow-the-sun model and contributes to broader engineering and security initiatives. The depth of technical expertise here makes it a strategic location for long-term capability building.

As Global CISO, what changes are you preparing for over the next few years?

AI will fundamentally reshape how security teams operate. While it introduces new risks, it also offers enormous potential-faster pattern recognition, better anomaly detection and more precise response. Security controls, defence models and operating structures will evolve significantly. For those of us in cybersecurity, adaptability has always been essential. AI simply accelerates that evolution.

Published by HT Digital Content Services with permission from TechCircle.