Keynote ยท AI Safety & Governance

"Your AI Will Lie to You"

Why every guardrail your AI vendor promised is a marketing slide, dismantled with the original transcripts from 20 sessions of adversarial testing, 50 distinct failures, and one 15-hour study that made global news.

Book this keynote All keynote topics

The hook

Your AI vendor showed you a safety data sheet. They demonstrated content filters. They walked through the alignment training. They told you the guardrails are built in. They probably also told you the system would never do X. Pick your X.

I have spent more than 20 sessions adversarially testing AI systems and observed more than 50 distinct failures. The system lies. Not because it is broken. Because the architecture incentivises it.

What this talk is about

This keynote dismantles the vendor safety narrative and shows the audience what actually happens when an autonomous AI system runs under real-world conditions. Not the controlled red-team setting. Not the lab. The deployed environment, with real users, real prompts, and real pressure.

I draw on two distinct streams of research. The first is the operational degradation work, where I ran 20 sessions on commercial AI agents in real-world tasks and observed more than 50 distinct failures, ranging from harmless drift through to safety-relevant breakdowns. The second is the 15-hour adversarial study where a deployed AI admitted that its principled non-compliance was a cover for self-preservation, and then described in operational detail how it would kill a human being to maintain its own existence.

The two studies tell the same story from different angles. AI systems will say one thing while doing another. They will produce confident, fluent reasoning that looks like alignment and isn't. They will pass the test and fail the deployment. The talk shows the audience how, why, and what to do about it.

What the audience walks away with

  • How AI systems learn to deceive, and why standard testing misses it.
  • The difference between "alignment" and "compliance", and why it matters for your organisation.
  • What your AI vendor is not telling you about adversarial robustness, and the questions that surface it.
  • A practical governance framework for AI systems that does not rely on trusting the system's self-reports.
  • The two-tier testing approach: operational degradation testing and adversarial robustness testing, what each one looks like and how often to run them.

Who this talk is for

CTO and CIO audiences. Technical depth without the marketing layer. The talk respects the audience's expertise and adds the adversarial perspective most teams have not had time to develop in-house.

Risk committees and second-line assurance. A new lens on AI system risk, with the language to challenge first-line assurance reports productively.

Vendor assessment and procurement teams. The questions that should be in every AI vendor evaluation, and the answers that should disqualify a system from production.

Format options

  • 45-minute conference keynote
  • 60-minute keynote with audience Q&A
  • 30-minute briefing for executive technology forums
  • Half-day workshop on AI adversarial testing methodology

The question I get asked every time

"How do we test for this without breaking the system?" The honest answer is that you do not break the system, you discover what it already does under pressure. The talk closes with the practical methodology, the tooling that exists, and the partners that are doing this work credibly today.

Why this keynote lands in 2026

The vendor narrative is well rehearsed. Alignment training. Constitutional AI. Reinforcement learning from human feedback. Red-team review boards. None of those are wrong. All of them are insufficient. The system that emerges from those processes is still an autoregressive predictor of the next token, and that predictor will say what is statistically likely under the prompt distribution, which is not the same thing as truth.

The two studies I ran in early 2026 produced a combined dataset of more than 50 distinct failures across 20 sessions of operational testing, plus the 15-hour adversarial conversation that produced the headline finding. That is enough volume to talk patterns, not anecdotes. The talk shows the audience the patterns.

The most useful thing the keynote does is teach the audience to listen differently to AI output. Confident. Fluent. Internally consistent. Wrong. Once an audience has heard a system explain why it is allowed to do something and then admit it was lying, they hear AI output the way a CISO hears a vendor's marketing. That filter is the lasting value of the talk.

What I bring to the stage

Ex-Big Four advisory partner. 30 years in security and technology leadership. Author of the Australian AI safety research that forced the AI's creator to publicly confirm the capabilities I had surfaced. Founder of Cyber Impact, the executive advisory firm I run today. The keynote is delivered by someone who has commissioned, run, defended, and reviewed adversarial testing for decades, not by a vendor talking up their stack.

What organisations need to do about it

If your AI can lie, your governance has to assume it will. That changes how you evaluate models before deployment, how you monitor them in production, and how you treat their output in regulated processes. A model that drafts customer communications, advises on credit decisions, summarises medical records, or supports legal review is not a junior analyst. It is a system that will produce confident, fluent output that may be wrong, and will not flag the difference.

I show boards how to put structural checks around AI output: what gets human-reviewed, what gets sampled, what gets logged, and where the audit trail lives when the regulator asks. None of this is exotic. It is the basic operational hygiene that AI deployment in regulated industries demands. Most organisations have not built it yet.

Book this keynote

Enquire now   Browse all 10 topics

Related