The global threat landscape is shaped daily by efforts of attackers and defenders alike. With constant changes, CISOs are concerned about potential blind spots and deficiencies within their existing information security program. How do you build an Information Security team able to address today’s dynamic conditions? Using Elastic’s InfoSec team as a model, this session discusses how the team evolved, our operating philosophy & framework, and future focus areas of the team. I outline the fundamental use cases of Information Security – governance and compliance, risk management, and vulnerability & threat management – and include AI use cases that can bolster InfoSec’s defense system. The importance of embracing a resilience-centric process by prioritizing risk-based capabilities, i.e. the Copernican Shift. How a collaborative team framework built on data and behavior analytics can optimize capabilities and establish a proactive defense ecosystem. Our approach to controls, asset inventory, product security statements, vulnerability management, threat detection, and alerts. This includes AI applications for consideration (alert triage, threat intel drafts, and IOC extraction and distribution.)