Agentic AI isn’t theoretical anymore. It’s creeping into day-to-day security ops - triaging alerts, surfacing risks, automating grunt work. But here’s the catch: most organizations still haven’t figured out how to actually use it. They’re stuck running isolated pilots or bolting AI onto legacy systems without a clear plan.That’s where Deloitte is stepping in. Last month, the firm rolled out a new set of cyber AI blueprints and tech services designed to help companies stop dabbling and start operationalizing. The idea isn’t just to plug in AI - it’s to rebuild the cyber function with AI at the core. These blueprints are already wired into Deloitte’s own platforms like Zora AI and Converge, and they’re aimed at giving clients a practical way to move fast, stay compliant, and drive actual results.In a Q&A with ChannelE2E, Naresh Persaud, a principal in Deloitte’s US Cyber practice, outlines how clients are putting the blueprints to work, why cybersecurity is often the first function to benefit from enterprise AI, and how agentic systems like Zora are helping organizations shift from reaction to real-time response.For partners, advisors, and managed service providers, this blueprint-led approach may offer clues about what the next wave of enterprise security modernization looks like - and where channel opportunities could emerge.
ChannelE2E: What differentiates Deloitte’s cyber AI blueprints from other AI-driven cybersecurity offerings in the market, especially with many vendors now embedding generative and agentic AI into their platforms?
Naresh Persaud: Deloitte's cyber AI blueprints focus on helping clients define a clear path to AI, enabling the cyber function and creating a security foundation for organizations adopting AI across the business. With every vendor embedding AI agents into their offerings, clients need a blueprint to rationalize and curate the rapidly evolving capabilities on the market. Deloitte's solution is about reimagining the cyber function to support modernization and make organizations future-ready.The cyber AI blueprints and technology services ensure AI is not just added on top of an organization’s systems but designed to be a core part of them. The blueprint provides a map for enterprises across sectors to address specific needs, offering guidance on how leaders can evolve people, processes, technology, and data together to stay ahead of threats in a rapidly changing landscape.ChannelE2E: What role does the Zora AI agent platform play in delivering real-world outcomes for cyber leaders, and how mature is it in terms of actual deployments beyond proofs of concept?
Naresh Persaud: Deloitte has been at the forefront of AI and technology innovation for over a decade, including with the Zora AI agentic platform. Zora AI agents are intelligent digital workers with domain-specific knowledge that autonomously collaborate to perform a variety of complex business functions. Zora AI is backed by Deloitte's extensive business knowledge, engineering expertise, global scale, and deep experience in domains like cybersecurity.One of the most compelling aspects of agentic AI in cybersecurity is its broad applicability - virtually any large business or organization can benefit. Agentic AI enables smarter, faster decision-making across complex, high-stakes workflows where speed, accuracy, and compliance are critical.Deloitte’s cyber AI blueprints include AI agents deployed through Zora AI to scale delivery to clients. These include Digital Analysts to triage security events, Threat Hunting agents to identify malicious activity, Cyber Risk Assessment agents to manage exposure, Identity Access Certification agents for compliance, and more.ChannelE2E: How are clients responding to the shift from cybersecurity as a cost center to a strategic growth enabler, and what kinds of business outcomes are early adopters seeing?
Naresh Persaud: As technology evolves, organizations need to ensure their systems keep pace. The minute a system falls behind, it becomes more vulnerable to unnecessary risk. Many companies understand the need to transform their cybersecurity function - but don’t know where to begin. That’s where the cyber AI blueprint comes in. It provides a roadmap to drive adoption and help achieve business outcomes.There’s also growing evidence that cybersecurity is the right starting point for AI implementation. Deloitte’s State of Generative AI in the Enterprise report found that respondents focused on cybersecurity are significantly more likely to exceed their ROI expectations - 44% of cybersecurity initiatives delivered ROI somewhat or significantly above expectations, compared to just 17% that fell short.ChannelE2E: With organizations still navigating legacy systems and fragmented cyber operations, what are the most common roadblocks in operationalizing AI-enabled cyber functions, and how do Deloitte’s services overcome them?
Naresh Persaud: Legacy systems and fragmented operations often result in AI being treated as an afterthought rather than fully integrated. This reactive approach leads to higher costs and slower response times. Many cyber leaders also don’t know where to begin when modernizing these systems.Deloitte’s cyber AI blueprints and technology services offer a clear roadmap to guide that transformation. They provide tools to align AI initiatives with business and mission objectives, define governance standards, and evolve each area of the organization. The goal is to help clients move beyond proof-of-concept and drive meaningful outcomes.ChannelE2E: How is Deloitte addressing emerging risks from agentic AI, such as rogue behavior or over-permissioned access, and what governance or identity safeguards are built into the blueprints?
Naresh Persaud: Deloitte's cyber AI identity blueprint provides a roadmap for securing agentic AI. It leverages Identity Access Management (IAM) tools to secure the agent lifecycle and runtime activity, while generating audit evidence to ensure agents operate as intended. Some of the key controls include:Deloitte also reinforces the importance of a “human in the loop” through its Trustworthy AI framework. Deloitte's State of Generative AI in the Enterprise report found that 30% of respondents cited risk management as a top barrier to adoption, while 29% cited a lack of a governance model. Combining human oversight with AI helps reduce errors and build trust in the system.ChannelE2E: Zora AI is expected to increase productivity and reduce costs in finance functions. How might similar agentic AI benefits translate to measurable improvements in cyber defense, such as incident response speed or breach containment?
Naresh Persaud: When applied to cybersecurity, agentic AI enables organizations to detect and respond to threats in real time - automating many tasks that used to require manual input. Zora AI’s ability to perceive, reason, and act in real time helps agents identify anomalies or threats and respond either automatically or by alerting a human analyst. These systems also continuously learn and adapt, improving threat detection, reducing false positives, and fine-tuning defenses as new risks emerge.The result: faster, more effective, and more resilient security operations. Agents also contribute to better governance and risk management. For example: generating audit queries for internal and external reviews, automating user access fulfillment to reduce administrative burden, or identifying vulnerabilities in development environments and addressing them before they turn into incidents.
Naresh Persaud: Deloitte's cyber AI blueprints focus on helping clients define a clear path to AI, enabling the cyber function and creating a security foundation for organizations adopting AI across the business. With every vendor embedding AI agents into their offerings, clients need a blueprint to rationalize and curate the rapidly evolving capabilities on the market. Deloitte's solution is about reimagining the cyber function to support modernization and make organizations future-ready.The cyber AI blueprints and technology services ensure AI is not just added on top of an organization’s systems but designed to be a core part of them. The blueprint provides a map for enterprises across sectors to address specific needs, offering guidance on how leaders can evolve people, processes, technology, and data together to stay ahead of threats in a rapidly changing landscape.ChannelE2E: What role does the Zora AI agent platform play in delivering real-world outcomes for cyber leaders, and how mature is it in terms of actual deployments beyond proofs of concept?
Naresh Persaud: Deloitte has been at the forefront of AI and technology innovation for over a decade, including with the Zora AI agentic platform. Zora AI agents are intelligent digital workers with domain-specific knowledge that autonomously collaborate to perform a variety of complex business functions. Zora AI is backed by Deloitte's extensive business knowledge, engineering expertise, global scale, and deep experience in domains like cybersecurity.One of the most compelling aspects of agentic AI in cybersecurity is its broad applicability - virtually any large business or organization can benefit. Agentic AI enables smarter, faster decision-making across complex, high-stakes workflows where speed, accuracy, and compliance are critical.Deloitte’s cyber AI blueprints include AI agents deployed through Zora AI to scale delivery to clients. These include Digital Analysts to triage security events, Threat Hunting agents to identify malicious activity, Cyber Risk Assessment agents to manage exposure, Identity Access Certification agents for compliance, and more.ChannelE2E: How are clients responding to the shift from cybersecurity as a cost center to a strategic growth enabler, and what kinds of business outcomes are early adopters seeing?
Naresh Persaud: As technology evolves, organizations need to ensure their systems keep pace. The minute a system falls behind, it becomes more vulnerable to unnecessary risk. Many companies understand the need to transform their cybersecurity function - but don’t know where to begin. That’s where the cyber AI blueprint comes in. It provides a roadmap to drive adoption and help achieve business outcomes.There’s also growing evidence that cybersecurity is the right starting point for AI implementation. Deloitte’s State of Generative AI in the Enterprise report found that respondents focused on cybersecurity are significantly more likely to exceed their ROI expectations - 44% of cybersecurity initiatives delivered ROI somewhat or significantly above expectations, compared to just 17% that fell short.ChannelE2E: With organizations still navigating legacy systems and fragmented cyber operations, what are the most common roadblocks in operationalizing AI-enabled cyber functions, and how do Deloitte’s services overcome them?
Naresh Persaud: Legacy systems and fragmented operations often result in AI being treated as an afterthought rather than fully integrated. This reactive approach leads to higher costs and slower response times. Many cyber leaders also don’t know where to begin when modernizing these systems.Deloitte’s cyber AI blueprints and technology services offer a clear roadmap to guide that transformation. They provide tools to align AI initiatives with business and mission objectives, define governance standards, and evolve each area of the organization. The goal is to help clients move beyond proof-of-concept and drive meaningful outcomes.ChannelE2E: How is Deloitte addressing emerging risks from agentic AI, such as rogue behavior or over-permissioned access, and what governance or identity safeguards are built into the blueprints?
Naresh Persaud: Deloitte's cyber AI identity blueprint provides a roadmap for securing agentic AI. It leverages Identity Access Management (IAM) tools to secure the agent lifecycle and runtime activity, while generating audit evidence to ensure agents operate as intended. Some of the key controls include:
- Secure, efficient onboarding to ensure new agents are authenticated, authorized, and properly configured from the start.
- Role-based access to ensure agents are granted only the minimum privileges needed, reducing risk of privilege escalation.
- Regular access reviews to keep permissions aligned with operational needs and avoid privilege creep. Agent modality is also considered, as it can change over time.
- A centralized agent registry for tracking agent identities, roles, and permissions - critical for auditing, accountability, and risk management.
Naresh Persaud: When applied to cybersecurity, agentic AI enables organizations to detect and respond to threats in real time - automating many tasks that used to require manual input. Zora AI’s ability to perceive, reason, and act in real time helps agents identify anomalies or threats and respond either automatically or by alerting a human analyst. These systems also continuously learn and adapt, improving threat detection, reducing false positives, and fine-tuning defenses as new risks emerge.The result: faster, more effective, and more resilient security operations. Agents also contribute to better governance and risk management. For example: generating audit queries for internal and external reviews, automating user access fulfillment to reduce administrative burden, or identifying vulnerabilities in development environments and addressing them before they turn into incidents.
