Rob T. Lee

Globally recognized authority on cybersecurity and AI strategy. Chief of Research & Chief AI Officer at SANS Institute.

100K+
Professionals Trained
20+
Years Leading Security Innovation
Global
Speaking Authority
Rob T. Lee professional headshot
SANS Institute Leadership

Chief of Research and Chief AI Officer

Defined how modern incident response works, shaped national security policy, and trained the teams defending the world's most critical systems.

Shadow AI Research

Developing methodologies for discovering and managing unauthorized AI deployments

AI Governance Frameworks

Creating comprehensive frameworks for responsible AI implementation and compliance

Adversarial AI Defense

Researching attack vectors and defense strategies for AI system security

AI Risk Management

Advancing risk assessment methodologies for enterprise AI deployments

SANS Institute AI Security Programs

The world's most trusted AI security training and research, developed by practitioners for practitioners.

Approach: Protect, Utilize, and Govern AI

Every executive is prioritizing AI, but confusion and uncertainty still dominate its adoption. I believe success depends on owning AI securely, which means addressing all three dimensions at once.

Why all three matter:

Protecting AI without utilizing it leaves capability on the table. Utilizing AI without governance risks chaos. Governance without technical protections creates a false sense of security. My work and SANS programs bring these together so organizations can move forward with clarity.

Protect AI

SECURING AI SYSTEMS

Defend models, applications, and data pipelines from tampering, poisoning, prompt injection, and other adversarial techniques. This track focuses on the technical security of AI assets from development through deployment.

Utilize AI in Cybersecurity

ENHANCING DEFENSE WITH AI

Leverage AI and ML to improve detection, response, and resilience. This means integrating AI into SOC workflows, threat hunting, and incident analysis to match attacker speed and scale.

Govern AI

REGULATION, COMPLIANCE, AND EXECUTIVE OVERSIGHT

Translate complex AI regulations into actionable governance frameworks that boards and leadership teams can implement. This includes establishing clear structures, ensuring regulatory compliance, and aligning AI initiatives with enterprise risk management and IT transformation goals.

Articles & Insights

ARTICLE

The Framework of No: Why Your Security Team is Killing Your AI Momentum

How traditional security approaches drive shadow AI adoption and what to do instead

View
ARTICLE

Sunlight AI: A Governance Framework That Works in 30 Days

Practical steps to move from shadow AI chaos to working governance without 18-month frameworks

View
OP-ED

AI Chat Data: History's Most Thorough Record of Enterprise Secrets

Why AI conversation logs represent an unprecedented security challenge for organizations

View

Featured In

Featured in major media outlets including CNN, Forbes, Wall Street Journal, Wired, and more

Invite Rob to Speak

Rob T. Lee speaking at conference

Topics Include

Boards Can't Pretend to Understand AI. They Have to Learn.

What boardrooms need isn't another jargon-heavy AI strategy session. They need someone who's built the programs, advised the agencies, and seen the breach reports. Rob gives directors a clear language and structure for AI literacy and board engagement.

The Workforce You Need Is Already Behind.

Everyone talks about AI transformation. Few are building teams who can use it, secure it, and respond to it. Rob draws from decades building the global cyber workforce to show what readiness actually looks like, from SOCs to C-suites to startups, and how to lead toward it.

AI Moves Fast. Your Governance Can't Lag.

A sharp, operationally grounded session for executives and boards on what AI adoption looks like in the wild, when tools get ahead of policy, when teams go rogue, and when 'pilot projects' turn into attack surfaces. Rob breaks down how to set the right guardrails early, ask better questions, and reduce real exposure without killing momentum.

Attackers Don't Wait for Your Next Planning Cycle.

Drawing from his work in national security and incident response, Rob shows how adversaries are already using AI systems to scale attacks, break defenses, and shift speed in ways most leaders haven't prepared for. A critical briefing for anyone responsible for protecting systems or investing in them.

About Rob T. Lee

Rob T. Lee has defined how modern incident response works. As Chief AI Officer and Chief of Research at SANS Institute, he's pioneering practical frameworks for secure AI adoption—including the Sunlight AI approach featured in this site.

Known as the "Godfather of DFIR," Rob coined the terms digital forensics and incident response (DFIR) and cyber threat intelligence (CTI), pioneered timeline analysis, and created the SIFT Workstation—the open-source forensic platform relied on globally in critical investigations.

His career spans the U.S. Air Force, NSA, CIA, and Mandiant, where he served as Director of Threat Intelligence. He's authored flagship SANS courses, co-developed GIAC certifications used worldwide, and trained over 100,000 security professionals. Rob advises as a FISA Court Technical Advisor, speaks at global conferences, and appears in major outlets including The Wall Street Journal, CNN, Forbes, and Rolling Stone.

Media & Speaking Inquiries

For interviews, podcast appearances, and speaking engagements on AI security, cybersecurity leadership, and digital forensics.