ITTech Pulse Exclusive Interview with Mark Wojtasiak is SVP of Product Research and Strategy at Vectra AI

In this discussion with ITTech Pulse, Mark Wojtasiak of Vectra AI explores AI strategy, attack signal intelligence, and reducing cyber defense complexity.

Can you walk us through your career and highlight the pivotal moments that shaped your path in cybersecurity?

I’ve spent my career trying to make cybersecurity make sense – not just technically, but practically. My lane has always been research, product strategy, and messaging. I’m not the person reverse-engineering malware; I’m the person asking: Does this actually help the people defending the business?

In my career journey, three moments really shaped me:

During COVID, I co-authored a book on insider risk while at Code42. Writing a book forces you to slow down and pushes you to articulate what you think you know. That experience taught me to balance confidence with humility, and to have the confidence to share a point of view, while staying humble enough to know none of us have it all figured out. Cybersecurity changes daily, and we’re all learning in public.

When I joined Vectra AI, I moved from insider risk, a focused, human-centered problem, into the broader world of external threats – a bigger stage and even louder vendors. That transition forced me to listen more than I talked. I spent time understanding what security analysts deal with at 2 a.m., and I started looking at problems upstream like network visibility, identity behavior, hybrid cloud complexity instead of just downstream symptoms.

Lastly, I started the Hunt Club podcast, a platform where we explore candid conversations with CISOs, Security Operations Center (SOC) leaders, and peers. Podcasting reminds me that the best insights come from real stories, not slideware. Every episode, I walk away having learned something, which is immensely grounding.

How has your experience in AI-driven threat detection shaped your approach to product strategy?

It made me allergic to AI hype; if AI doesn’t reduce uncertainty for the defender, it’s just math with a logo. A sophisticated model that still requires manual dot-connecting hasn’t solved the problem. My approach is simple:

• Behavior over buzzwords.
• Context over isolated alerts.
• Speed to clarity over pretty dashboards.

AI should shrink decision time and remove friction. It should help people move from “Is this real?” to “Here’s what we do next.” If it doesn’t, it’s just hype.

Read More: ITTech Pulse Exclusive Interview with Jason Baker, Managing Security Consultant, at GuidePoint Security

How are you advancing Attack Signal Intelligence to combat tool sprawl and enable hybrid cloud threat hunting?

Tool sprawl isn’t just too many products; it’s about having too many disconnected truths. The analyst becomes the integration layer, copying, pasting, pivoting and guessing, which isn’t scalable. What Vectra AI is pushing toward is straightforward and intentional:

• Attackers think one giant attack surface, so should we as defenders.
• Connect detections into the attacker’s story instead of attacker soundbites (i.e. alerts).
• Use AI to do the boring work, so humans can do the real work.

Attack Signal Intelligence, to me, is what defenders keep asking for, but no one has been listening.

What challenges excite you most right now?

Non-human identities and AI agents are now operating on behalf of humans, with scripts making decisions and agents interacting directly with other agents. The lines between “insider” and “external” start to blur, fundamentally changing how we define risk and trust. Second, defender latency: attackers move quickly and quietly, while many security workflows don’t. Closing that gap, reducing the time between signal and action is a challenge I find energizing. It’s not about catching everything, it’s about responding with confidence when it matters.

Vectra AI’s 2026 State of Threat Detection Report reveals 63% unaddressed alerts despite AI SOC adoption. What key factors drive this cyber resilience lag, and how can teams start fixing it?

The uncomfortable truth is adding AI doesn’t automatically fix workflow. If AI gets layered onto an already fragmented stack, you just get an AI-flavored backlog. The patterns I keep seeing are:

• Defenders keep getting attacker soundbites (i.e. alerts) and not the complete attack story.
• Soundbites: putting all the pieces together will never scale, so why do we keep forcing defenders to do it?
• AI is not a magic bullet; it’s a tool to move from soundbite to story. Why are we not investing in AI that does that?

Resilience lags when confidence lags. If analysts don’t trust what they’re seeing, they hesitate, or they ignore it. So, how do teams start fixing it? Here are my recommendations:

• Start with the small stuff – automate alert triage and validation before automating response.
• Leverage AI tooling to establish a source of investigative truth that maximizes human talent.
• Free up human talent to focus on 80% of their day on proactive exposure reduction versus reactive alert management.

Help not hype. That’s the mindset shift.

Read More: ITTech Pulse Exclusive Interview with Michael Jacobs, Head of Social Innovation at IBM

How is Vectra AI tackling SOC alert fatigue and fragmented visibility in 2026 hybrid attacks per your research? What practical steps show the biggest wins for overworked teams?

The biggest wins are rarely flashy. Overworked teams don’t need more dashboards; they need fewer clicks to clarity. Here are the practical steps that actually address alert fatigue and fragmented visibility:

• Stop the soundbite madness. Reduce false urgency: detecting everything gives a false sense of security especially when not every detection deserves human attention.
• Auto-stitch soundbites together with deep context so analysts can see the real story emerging. The faster we do this, the faster the attack is stopped.
• Make hunting repeatable, something defenders, no matter their skill level, do daily to unlock proactive defense.

 What 2026 cybersecurity predictions on NDR/XDR consolidation and AI triage trends should security pros search for now to future-proof defenses against evolving attacker tactics?

• Consolidation will continue, but not as one magic platform. There’ll be fewer core systems with deeper integration.
• AI will shift from detection novelty to triage muscle. The value will be in shrinking decision cycles.
• Network observability will remain foundational in hybrid environments. You can’t defend what you can’t see moving.

One piece of advice for IT Tech Pulse readers would you love to give on prioritizing AI investments to bridge 2026 cyber resilience gaps based on Vectra AI’s findings and your frontline experience?

When evaluating AI products, make sure you’re investing in systems that eliminate human bottlenecks rather than disguise them. Ask vendors:

• Does this reduce validation time? Prove it.
• Does this connect activity into a coherent story? Prove it.
• Does it shift defender time from reactive alert management to proactive defense? Prove it.

If the answer is “It’s cutting-edge AI,” but the proof says otherwise, that’s not resilience. That’s marketing. For me, it always comes back to three core principles:

1. AI not B.S.
2. Help not Hype.
3. Speed not Friction.

That’s how I think about research, strategy, product, messaging – everything. If we stick to that, we’ll build things that help the people on the front lines.

Thank you, Mr. Mark, for taking the time to share your insights with us.

Write to us [⁠wasim.a@demandmediaagency.com] to learn more about our exclusive editorial packages and programmes.