On the 32nd episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton talk with Yaron Levi, Chief Information Security Officer at Dolby, a pioneer in media and audio technology whose products reach creators and consumers around the world. Levi’s background spans healthcare, fintech, and global marketplaces, experience that informs how he protects Dolby’s innovation engine. In a landscape saturated with new tools and bold claims, his focus is plain: apply operational discipline to the basics, pair it with agentic AI where it meaningfully reduces toil, and translate both into outcomes the business values.
Levi’s motivation is grounded in mission and community. Early in his cyber journey, he says he “found my calling or found my home, if you will.” He describes cybersecurity as “a mission that is worth fighting for,” strengthened by a community where “there’s always somebody who’s gonna have your back.” That mindset shows up in how he leads. The goal is not shiny controls for their own sake. It is protecting how the company serves its customers and creators, with a team that learns together and supports each other when the pressure spikes.
From there he works backward from outcomes. As he puts it, “First of all, what’s the business mission? What’s important for the business?” That question anchors a threat modeling exercise that asks what can go wrong and how it can go wrong, then maps to concrete countermeasures. The punch line is prioritization. After translating controls into capabilities across people, process, and technology, Levi is comfortable acknowledging constraints. Sometimes the analysis yields “a list of like 700 things.” The job is to partner with the business on budgets and risk appetite, do the top items that matter now, and explicitly manage the remaining gaps.
Levi points out that the biggest losses still come from stubborn fundamentals. Zoom out across industry data and you see the same root causes: “Unpatched systems, misconfigurations, compromised credentials.” He frames these failures as “a form of technical debt” driven by “a lack of operational discipline” across IT and engineering. The prescription is rigorous but not exotic. Know your inventory and keep it current, which now includes AI agents as first class assets. “Do you know what your inventory is? … And now it’s like agents.” Pair that visibility with strong configuration management, access control, and network segmentation. Do those consistently well and the risk surface shrinks dramatically.
So where does AI change the game. Levi avoids both panic and pixie dust. Attackers do not need advanced models to exploit weak basics. As he explains, “More than likely, I don’t need a cruise missile… If I just kind of walk in with a lockpick set and just going to open the door.” The more promising story is on defense. Teams can use automation to attack the mountain of toil that has outpaced humans for years. In Levi’s words, “Maybe with some AI, agentic AI, maybe we have some chances to deal with it better.” He sees clear opportunities to discover forgotten systems, reconcile identity sprawl, and enforce configurations continuously, while also treating agent inventories and data exposure risks as part of the core control stack from day one.
His leadership advice focuses on people. For first-time CISOs, success starts with trust and relationships. “It’s focused on building relationships and it’s focused on the people.” Staying current is also a team sport. Levi encourages leaders to learn with the community and to use AI as a study partner. “I leverage some tools to help me synthesize information and read information.” The operating principle is simple and demanding. Execute the fundamentals with discipline. Automate where it truly helps. Keep the business mission in view.
Listen to Yaron’s episode here and read the transcript here.
