Field notes · July 2026

The five questions CISOs actually ask before buying an AI platform

Our partners have spent years on the vendor side of enterprise security due-diligence — the seat across from the CISO when an AI platform is being evaluated for a Fortune-500 deployment. The questionnaires vary; the five questions underneath them never do.

1. "Walk me through what happens to my data, end to end."

Not a checklist item — a live test. The CISO watches whether the person answering actually knows the pipeline or is reciting a slide. If the vendor's answer needs a follow-up call "with our engineers", the review just got three weeks longer. What passes: a diagram-level narrative — ingress, processing, storage, model interaction, egress, deletion — delivered by someone who can be interrupted at any step and go deeper.

2. "Which parts of this are you, and which parts are someone else?"

Every AI product is partly other people's infrastructure — model providers, vector stores, cloud services. CISOs know this; what they are testing is whether you know it precisely, and whether your contracts downstream match the promises you make upstream. The vendors who fail here are the ones whose zero-retention promise rests on a subprocessor default they never actually configured.

3. "Show me, don't tell me."

Claims are free; evidence is the currency. The strongest 30 minutes in any security review is the one where the vendor shares actual artifacts: the pen-test summary, the access-review log, the incident-response plan with real names in it, the guardrail documentation. A modest control with evidence beats an impressive control without it — because in a review, an undocumented control does not exist.

4. "What happens at 2 a.m. when it goes wrong?"

Incident questions are not about whether incidents happen — CISOs assume they do. They are about whether the vendor's plan survives contact with a real Tuesday night: who is paged, who decides severity, when does the customer hear, who signs the post-incident report. The tell they listen for: a plan with named roles versus a plan with the word "team".

5. "Why should this pass my board's AI-risk review?"

The newest question, and the one deciding the most deals in 2026. The CISO increasingly has to defend AI purchases to a risk committee, so what they need from the vendor is not reassurance — it is material: a one-page AI governance summary they can attach to their own internal filing. Vendors who arrive with that page ready shorten their reviews by weeks, because they have done the CISO's homework for them.

The pattern

All five questions test the same thing: whether security is something the vendor did, or something the vendor knows. Products with decent controls and excellent evidence beat products with excellent controls and no evidence — a strange truth, and a genuinely fixable one for a small vendor.

Making AI companies pass these five questions is what we do. Start with the free 12-point self-check, or bring us a live stuck deal via the Enterprise-Readiness Audit.