Exclusive: Netskope’s Tony Burnside on why AI guardrails are vital for security shift

Cyberattacks are escalating at a pace that has never been seen before.

That was the warning from Tony Burnside, Senior Vice President and Head of APAC at Netskope, during a recent interview with TechDay.

He said the explosion of breaches and AI misuse is "forcing companies to rethink security from the ground up."

Burnside pointed to figures showing that the Australian Signals Directorate responded to more than 1,100 breaches.

He said the challenge for businesses was that Australia, despite representing just a small share of the global user population, had become an attractive target.

"A major threat for local workers is credentials theft," he explained. "These business applications that employees implicitly trust are often impersonated by attackers, and when they receive a link to confirm or reset their credentials, they might not question it. That's where the risk lies."

One of the most pressing topics, Burnside said, was how enterprises handle the rapid adoption of AI tools.

"A very large majority of Australian businesses are detecting generative AI usage among their workforce," he noted. But while blocking tools until they are secure might sound like the safe option, he argued it was not the best approach.

"I think blocking AI tools until you've properly evaluated them is the right thing to do. But if those tools end up serving a legitimate business purpose, the end goal is to enable them as quickly as possible with the right security guardrails. Otherwise, employees might find potentially risky ways around the block policy, like using personal devices and accounts that security teams can't monitor or secure."

The problem, he added, was that employees often used such tools with good intentions, whether to boost efficiency or enhance a report.

"Risks emerge with non-sanctioned applications. You don't have those guardrails, you're just exposed anywhere and everywhere," Burnside said. For that reason, organisations are now moving to provide corporate-sanctioned AI tools.

"That doesn't mean they're not still using others, but this is the first time we've seen ChatGPT usage drop a little as genAI tools like Gemini or Copilot, which are integrated into larger productivity suites, are prioritised by organisations as sanctioned tools," he explained. 

Burnside stressed that Netskope is working to keep productivity high without exposing businesses to risk.

"If a user protected by Netskope was trying to use a non-sanctioned platform to make a PowerPoint look better, our system would block them if corporate information is in the document." 

"It would say 'You're trying to send sensitive information into ChatGPT. You can use Gemini instead as this is our corporate-approved genAI tool.' That way employees can work smarter without compromising security." 

The company also employs coaching prompts that encourage staff to think before taking risky steps. 

Netskope has invested heavily in infrastructure across Australia and New Zealand, with eight local data planes already in place.

Burnside said the move reflected both demand and the need for performance. "We invested very early in this region," he said. "About nine years ago it felt like Australia was behind the US in adoption of modern security. I think we've caught up, and now it doesn't feel that different anymore." The company's strategy is to add capacity as soon as any data plane reaches 30% utilisation. That has already driven new deployments in cities such as Brisbane and Perth. 

Globally, Netskope has built 120 data centres across 75 regions, which Burnside said gave the company a real edge. "It means we can steer around issues on the internet," he explained. "We control our destiny in terms of interconnects. I believe our NewEdge infrastructure is a huge advantage."

He pointed to fibre cuts and poor telco interconnections in certain regions as examples where Netskope's network makes a critical difference.

"An example is China, where employees need high performance too, but it's a very different environment that you need to know to build an infrastructure that delivers," he said. 

"Asked how Netskope stands apart from rivals who also promise 'security and performance without compromise', Burnside said that "For us, the differentiator is the NewEdge infrastructure. You can't deliver both without an infrastructure like ours." 

"For us, the differentiator is the NewEdge infrastructure. We couldn't have delivered what we have without it."

He recalled the decision nearly a decade ago to recruit a senior AWS leader to spearhead the buildout.

"His first message to me was, Tony, the internet's broken and I want to help fix it. I thought that's a big statement. But anytime we can eliminate a hop on the internet, that's what we do."

And for Netskope's customers, the feedback is clear. "The number one thing we hear from them is that they need a platform that can adapt to an ever-changing threat and risk landscape, without hindering innovation and performance," Burnside said. 

"The velocity of AI adoption is like nothing we've seen before, and other trends and technologies like quantum will follow suit, and you need a security platform that adjusts to these shifts."