On the 41st episode of Enterprise AI Defenders, hosts Evan Reiser (CEO and co-founder, Abnormal AI) and Mike Britton (CIO, Abnormal AI) are joined by Matt Bunch, VP & Global CISO at Tyson Foods, to talk about what it takes to defend a $54 billion food-supply operation, and why Matt thinks treating AI as an entirely new threat category is the wrong frame.
Tyson Foods supplies protein to roughly 23% of the US. On the poultry side alone, more than 11,000 independent farmers depend on Tyson's operations to get their product to market. A security failure at that scale doesn't mean a password reset; it means disrupted operations, livelihoods at risk, and food availability problems across the country. That reality shapes everything about how Matt approaches security: the posture has to extend beyond Tyson's own walls. Protein providers, ingredient suppliers, cold-storage companies, and transportation partners all carry risk that ultimately flows back to Tyson. His goal isn't just to secure Tyson's environment; it's to use Tyson's scale to raise the collective security posture of the ecosystem it depends on.
The most concrete change this past year was a full SOC platform overhaul. The team migrated to an AI-enabled SIEM that synthesizes external threat intelligence, open vulnerabilities, and active alerts into a daily actionable digest. The result is faster mean time to detection and faster mean time to response. Teams reach alerts more quickly, with more context, and can push actionable intelligence directly to the business and technology teams who need to act. Matt describes the shift as moving from legacy SOC technologies "to the next generation of AI-enabled SIEM platforms," a change that took significant data-quality work to make possible but one that now delivers insights the team couldn't generate manually.
Getting the team there required more than a platform swap. Matt runs "all in on AI" across every role: developer, incident responder, managed services. But some team members, especially those who've spent years doing things a particular way, aren't naturally quick to change. His approach isn't mandated from the top. He walks the floor, addresses concerns directly, and makes himself the visible example of someone whose daily work is better because of AI. He's also cultivated AI champions within the team; people closest to the work who demonstrate value in their own context. "I want them to be the example," he says, "because they're closest to the work. They're going to be able to show us where the true value is." The path to adoption runs through those people.
When it comes to AI-specific threats, Matt's position is deliberately calm. Prompt injection is a data validation problem. The same class of issue application teams have managed for years. AI configuration vulnerabilities are configuration problems. Data access issues in AI systems are access control problems. None are fundamentally new. What's changed is the speed at which attackers can chain vulnerabilities together and find novel exploit paths. Matt has challenged his team to be honest about whether risks they're flagging are truly new, or risks that have long been accepted without anyone formally signing off. That distinction drives prioritization. When a team member brings him a new AI use case, the conversation always comes back to business value: is this manual today? How much time does it take? What data does it touch? Can we deploy now, or do we need to clean up data quality first?
The principle Matt keeps returning to, for AI agents inside Tyson's SOC and for the supply chain beyond its perimeter, is trust with verification. In 12 to 24 months, he expects security operations to trust AI tools to act more autonomously. But autonomy requires governance: observability, guardrails, the ability to see what models and agents are doing without creating friction that slows the work down. "If you trust, you've got to verify." The same logic applies outward. Tyson can't mandate that its suppliers improve their security posture, but it can influence and partner with them. The food supply chain is interdependent at a level most people don't see from outside the industry, and the security of everyone in it is collective work.
