Balancing the paradox of protecting one of the world’s leading travel, software and services businesses against the accelerating threats of AI illustrates why CISOs need to be steps ahead of the latest adversarial AI tradecraft and attack strategies.    

As a leading global B2B travel platform, American Express Global Business Travel (Amex GBT) and its security team are doing just that, proactively confronting this challenge with a dual focus on cybersecurity innovation and governance. With deep roots in a bank holding company, Amex GBT upholds the highest data privacy standards, security compliance and risk management. This makes secure, scalable AI adoption a mission-critical priority.

Amex GBT Chief Information Security Officer David Levin is leading this effort. He is building a cross-functional AI governance framework, embedding security into every phase of AI deployment and managing the rise of shadow AI without stifling innovation. His approach offers a blueprint for organizations navigating the high-stakes intersection of AI advancement and cyber defense.

The following are excerpts from Levin’s interview with VentureBeat:

VentureBeat: How is Amex GBT using AI to modernize threat detection and SOC operations?

David Levin: We’re integrating AI across our threat detection and response workflows. On the detection side, we use machine learning (ML) models in our SIEM and EDR tools to spot malicious behavior faster and with fewer false positives. That alone accelerates how we investigate alerts. In the SOC, AI-powered automation enriches alerts with contextual data the moment they appear. Analysts open a ticket and already see critical details; there’s no longer a need to pivot between multiple ...