AI is shaping Bayer’s approach to security as the life sciences firm aims to become one of Europe’s leading agentic deployment organizations in the pharmaceutical industry.
At Infosecurity Europe 2026, Kevin Jones, Bayer’s CISO, told attendees that the company has fundamentally changed how its workforce is prepared for AI-driven threats, moving away from checklist-style technical guidance toward psychology-first security awareness.
“We scrapped everything to do with technical in our awareness training,” Jones said, explaining that conventional advice, such as looking for spelling mistakes, suspicious URLs or odd attachments no longer works when attackers “have learnt to spell, in five different languages, all in real time, and it’s all generated with AI at scale.”
He argued that the human element must be reframed: that employees are taught to recognize psychological manipulation, ask whether someone is applying undue pressure or posing as an authority and to “stop and pause and think” before breaking process.
Jones described the training as mandatory and behavior-focused. “Towards the end of last year, our CFO in the Europe, Middle East and Africa region received a very accurate sounding phone call from our global CFO, who asked them to quickly transfer them money over the weekend,” he explained.
He said that because staff followed the new guidance, “everyone reported it” and there was zero loss.
That story, Jones said, proved that reframing security awareness around adversary psychology can turn employees into an effective early defense against increasingly realistic social engineering.
AI Access Tied to Training Completion
Jones also explained that AI competence within Bayer’s staff is now tied to controlled access: small, role-based training modules are prerequisites for accessing internal AI platforms like myGenAssist, Bayer’s homemade response to commercial generative AI platforms like OpenAI’s ChatGPT, and additional ones for building agents within the platform.
In practice, the life sciences company has created a tiered access model that gates who can develop and run agentic workflows.
Jones said this system entices staff members to complete training and allows the security team to “track our data.”
Towards a Human-On-the-Loop Approach for the SOC
This AI-savvy approach is also applied to Bayer’s security operations. Jones said he would like security operations center (SOC) analysts to evolve from manual triage to supervised automation.
“We are assuming they will not be able to work at the speed of agents,” he said.
Jones expects SOC teams to move “from human in the loop to human on the loop within two to three years” as agent-assisted processes scale and he emphasized new operational playbooks and training to support that shift.
“It means that analysts need to start thinking about using and managing AI agents themselves, not only AI co-pilots or assistants anymore,” he said.
“I would encourage you to think of SOCs less as security operations centers and more as cyber resilience centers, because in the future, they will need to be able to change things in your environments, in a controlled way, to keep it resilient,” he added.
AI Use Clauses in Third-Party Contracts
Jones made clear that workforce requirements are paired with stricter third-party obligations, with suppliers also required to complete AI training before receiving tiered access to myGenAssist.
Additionally, Bayer has established an internal AI Governance Council that defines every strategic move for using and deploying AI – standards that suppliers that integrate with Bayer’s AI ecosystem are expected to meet.
Procurement contracts have also been updated with AI-specific security annexes that require suppliers to disclose how they use Bayer data, which AI tools they employ, and to report incidents. These contract changes are being rolled out to major partners now and will be deployed across the supplier base over the next 18 months.
“Suppliers must inform us how they’re using our data,” Jones said, underscoring that transparency and contractual controls are non-negotiable.
Image credits: brunocoelho / Taljat David / Shutterstock.com
