Vernon Yai is a distinguished expert in the field of data protection, known for his deep focus on privacy protection and robust data governance. As a thought leader who has spent years navigating the complexities of risk management, Yai specializes in developing cutting-edge detection and prevention techniques designed to keep sensitive corporate information secure in an increasingly volatile digital landscape. In this conversation, we explore the recent shifts in AI security, specifically looking at OpenAI’s new session management tools and the broader, more systemic challenges posed by the rapid, iterative nature of generative AI models. We delve into how these new visibility tools provide a necessary but late-to-the-game layer of protection, the difficulties of building governance frameworks for nondeterministic systems, and why the industry must stop viewing AI as a static product and start treating it as a living, breathing system that requires constant re-evaluation.
The introduction of granular session controls allows administrators to view device types, locations, and sign-in times for the first time. How do you see these specific insights changing the day-to-day security posture for organizations that are part of the one billion monthly active users on these platforms?
The rollout of Active sessions is a vital development because it finally gives organizations a window into a previously dark room. By navigating to the security settings, administrators can now see a comprehensive list of known browser and app sessions across ChatGPT, Codex, and even the API Platform. They aren’t just seeing a name; they are seeing the specific device and browser being used, the approximate geographic location of the user, and the exact sign-in date and time. This level of transparency is essential for accountability because, in the past, a CISO might have had to rely on a blunt instrument like a total password reset to clear out potential unauthorized access. Now, they can surgically remove a single suspicious device or log out of a specific stale session that might have been left open on a public terminal. It moves the needle from blind trust to active verification, allowing teams to identify unauthorized access before it leads to a full-scale account compromise.
While these session controls improve visibility, many experts argue that the core problem remains a governance one. Why is it so difficult for enterprise risk and compliance teams to keep up with the continuous updates we see in models like the transition from GPT-5.3 to GPT-5.5?
The fundamental struggle is that governance is currently playing a permanent game of catch-up. When a model updates from GPT-5.3 to GPT-5.5 Instant, OpenAI isn’t just tweaking a few lines of code; they are fundamentally changing how the system interprets and generates information. The company noted that GPT-5.5 was designed to be “generally smarter” and less prone to hallucinations, with responses that are easier to read and less “bullet-heavy” than its predecessors. While that sounds like a win for the end-user, it’s a nightmare for a compliance officer who just spent three months validating the 5.3 version for accuracy and tone. These iterative updates can actually make a previously battle-tested governance framework obsolete overnight because the system’s behavior has shifted under the hood. Most organizations are equipped to evaluate a model once, but very few have the internal resources to continuously evaluate a model that is evolving as fast as the daily news cycle.
You mentioned that these features were “a long time coming.” Considering that many other SaaS platforms have offered session management for years, why has it taken so long for AI providers to catch up to these basic enterprise expectations?
It is a bit of a “better late than never” scenario, but it highlights a recurring theme in the AI industry where innovation often outpaces basic safety infrastructure. For years, enterprises have expected SaaS platforms to provide clear oversight, yet OpenAI is only now making it possible to view if a device is trusted or to log out of all sessions at once—an action, I should note, that can still take up to 30 minutes to fully propagate across all devices. The focus for these providers has been on the raw intelligence and the “wow factor” of the model’s capabilities, often leaving the administrative plumbing as an afterthought. We are seeing a shift now because the stakes have changed; threat actors are increasingly looking for ways to use ChatGPT to host malware or harvest credentials. As AI becomes a permanent fixture in the corporate tech stack, the demand for traditional security features like session transparency and administrative oversight has become too loud for the providers to ignore any longer.
There are notable exceptions to these new controls, such as the inability to manage sessions linked to Single Sign-On (SSO) or third-party app integrations. How do these gaps complicate the security landscape for a high-level enterprise?
These gaps are significant because they essentially create a “blind spot” in what is supposed to be a transparency tool. If an organization uses SAML or OpenID Connect (OIDC) for their enterprise sign-on, these new Active session controls simply do not apply, leaving the admin to rely on their existing SSO provider’s logs, which may not offer the same granularity regarding the AI-specific interaction. Furthermore, the fact that this feature doesn’t show or manage Codex CLI sessions or third-party app sessions means that a huge portion of the technical risk remains unmanaged. It forces security teams to juggle multiple dashboards and disparate sets of logs to get a full picture of their risk. When you add the fact that session details can sometimes be “approximate or incomplete,” it reminds us that while we have more data, we still don’t have a perfect source of truth for every user interaction.
Building a testing plan for a “nondeterministic system” is often cited as a major hurdle. For an enterprise trying to maintain auditability and repeatability, how do you suggest they approach a tool that might provide a different answer to the same question tomorrow?
This is the billion-dollar question because traditional software testing relies on the idea that if you provide “Input A,” you will always get “Output B.” With a nondeterministic AI, that rule is broken, and when OpenAI updates the model to “improve response style and quality,” they are essentially changing the goalposts. To survive this, organizations have to stop treating AI like static software and start treating it as a living system. This means moving away from one-time approval processes and toward a model of continuous validation and monitoring. You have to establish clear expectations with your vendors regarding change management—you need to know exactly what changed and when it happened so you aren’t “red-teaming” updates on your own clients. It’s about building a governance structure that is flexible enough to account for a system that is “better paced in practical help tasks” today than it was yesterday, without losing sight of the underlying risks of hallucination or data leakage.
In many cases, organizations are so focused on the speed of innovation that they view governance as a constraint rather than a necessity. How can leaders shift the internal culture to prioritize visibility into change?
The reality is that many companies are currently poor at the basic governance they already have, so trying to implement AI governance feels like an insurmountable task. Leaders need to realize that effective AI governance is no longer just about identifying a one-time risk; it’s about having visibility into the evolution of that risk. We see companies ignoring governance because they are incentivized for speed, but that creates a massive technical debt that will eventually come due in the form of a data breach or a compliance failure. The shift happens when you move from a “one-and-done” approval mindset to a “continuous assessment” mindset. It’s about requiring transparency from vendors and ensuring that your team has the resources to monitor how these tools are actually being used in the wild, rather than how you hope they are being used based on a manual written six months ago.
What is your forecast for the future of AI governance?
I believe we are heading toward a period of forced maturity where the “wild west” era of AI adoption will be replaced by stringent, automated governance requirements. In the next few years, I expect we will see the rise of autonomous governance agents—AI systems designed specifically to monitor and “red-team” other AI systems in real time. We will move away from manual session reviews and toward automated risk scoring for every single interaction, where a session might be terminated in milliseconds if the model detects a shift in behavior that deviates from a company’s established safety guardrails. Ultimately, the organizations that succeed won’t be the ones that used the most powerful models, but the ones that built the most resilient systems for managing the constant, inevitable change those models bring.


