In this post-RSAC 2025 Brand Story, Marco Ciappelli catches up with Steve Schlarman, Senior Director of Product Management at Archer, to discuss the evolving intersection of GRC, AI, and business value. From regulatory overload to AI-enhanced policy generation, this conversation explores how meaningful innovation—grounded in real customer needs—is shaping the future of risk and compliance.
In this post-RSAC 2025 Brand Story, Marco Ciappelli catches up with Steve Schlarman, Senior Director of Product Management at Archer, to discuss the evolving intersection of GRC, AI, and business value. From regulatory overload to AI-enhanced policy generation, this conversation explores how meaningful innovation—grounded in real customer needs—is shaping the future of risk and compliance.
Not All AI Is Created Equal: The Archer Approach
RSAC 2025 was buzzing with innovation, but for Steve Schlarman and the Archer team, it wasn’t about showing off shiny new toys—it was about proving that AI, when used with purpose and context, can truly enhance the risk and compliance function.
Steve, Senior Director of Product Management at Archer, breaks down how Archer Evolve and the recent integration of Compliance.ai are helping organizations address regulatory change in a more holistic, automated, and scalable way. With silos still slowing down many companies, the need for tools that actually do something is more urgent than ever.
From Policy Generation to Risk Narratives
One of the most practical applications discussed? Using AI not just to detect risk, but to help write better risk statements, control documentation, and even policy language that actually communicates clearly. Steve explains how Archer is focused on closing the loop between data and business impact—translating technical risk outputs into narratives the business can actually act on.
AI with a Human Touch
As Marco notes, AI in cybersecurity has moved from hype to hesitation to strategy. Steve is candid: some customers are still on the fence. But when AI is delivered in a contextual way, backed by customer-driven innovation, it becomes a bridge—not a wedge—between people and process. The key is not AI for the sake of AI, but for solving real, grounded problems.
What’s Next in Risk? Better Conversations
Looking ahead, Schlarman sees a shift from “no, we can’t” to “yes, and here’s how.” With a better grasp on loss exposure and control costs, the business conversation is changing. AI-powered storytelling and smart interfaces might just help risk teams have their most effective conversations yet.
From regulatory change to real-time translation of risk data, this is where tech meets trust.
⸻
Guest:
Steve Schlarman, Senior Director, Product Management, Archert | https://www.linkedin.com/in/steveschlarman/
Resources
Learn more and catch more stories from Archer: https://www.itspmagazine.com/directory/archer
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25
______________________
Keywords:
steve schlarman, marco ciappelli, rsac2025, archer evolve, compliance.ai, regulatory change, grc, risk management, ai storytelling, cybersecurity, compliance, brand story, rsa conference, cybersecurity strategy, risk communication, ai in compliance, automation, contextual ai, integrated risk management, business risk narrative, itspmagazine
______________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf
Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us
Post-Event Booth Conversation | Archer @ RSAC 2025
Featuring: Steve Schlarman, Archer | Hosted by Marco Ciappelli, ITSPmagazine
Marco Ciappelli:
Yeah. All right, we’re rolling.
Steve, it seems like just a few hours ago… just like yesterday, right?
Well, anyway — always a pleasure. We’re all running around like crazy at this event, and I hear again — more than 40,000 people at RSA Conference. Or RSAC Conference… they changed the name.
Steve Schlarman:
They changed the name, yeah. 2025 — believe it or not.
Marco Ciappelli:
So, how has it been so far?
Steve Schlarman:
It’s been great. We’ve had a lot of traffic. Attendance seems to be back to the numbers we saw years ago.
It’s very exciting — I think it’s a good indicator for the overall security industry. Plus, there’s so much innovation — just walking the floor and seeing all the new products and technologies being built.
We’ve had a great show. A lot of existing clients came by asking, “Hey, what’s new?”
And of course, many prospects as well. So many people know about Archer, but as we’ve talked about — we’re a bit different now. With Archer Evolve, we’ve really pushed the envelope on the technology side. And this show has given us the perfect platform to showcase it.
Marco Ciappelli:
Right — this is the place to look at the future. It’s kind of like CES or NAMM if you want to know what’s coming in tech or music.
And like you said, even if you saw a company at RSA last year, one year is a long time in this space.
So what’s the news you’re sharing with existing or new customers?
Steve Schlarman:
Yeah — last year, our acquisition of Compliance.ai was brand new.
Over the past year, we’ve really integrated their capabilities to tackle regulatory change.
We’ve expanded their AI models — all the things they were innovating in the GRC space — and merged them into a broader end-to-end compliance strategy.
We’ve showcased that here. A lot of clients are struggling with regulatory change — it’s a lot to take in, and still involves too many manual processes.
I just came out of a meeting where that was a big topic: many companies are still siloed and need automation to free up resources and break those silos down.
What we’ve built on the regulatory side really helps with that.
Marco Ciappelli:
I know you really listen to your customers. They’re your ears, your eyes — they’re the ones living through these challenges.
Has their feedback directly shaped the evolution of your platform?
Steve Schlarman:
Absolutely. AI is obviously top of mind for everyone — but for us, it’s about using it in a meaningful way.
We’re not just slapping an “AI-powered” label on things.
For example, we’re using AI to generate control and risk content — helping customers write better risk statements, policies, and standards that are more complete and communicate better.
On the risk side, we’re bridging the gap between risk data and what it actually means to the business.
Too often, a risk analyst has to sit down and translate the output into business terms.
We’re looking at how AI can help build those narratives — helping business leaders understand exposure and operational impact.
Marco Ciappelli:
Yeah, when AI started to go mainstream, everything suddenly had “AI inside” — and people got nervous.
Now we’re talking about agentic AI. But I imagine some folks are still hesitant.
Steve Schlarman:
For sure. But when it’s delivered in context and backed by experience, it makes a difference.
As you mentioned, we pride ourselves on listening to customers and building solutions to their real-world challenges.
We always consider the people side of risk and compliance. It’s not just about the tech — it’s about building good processes and making sure people have the tools they need.
That’s what drives our AI strategy: using it where it actually matters for our clients.
Marco Ciappelli:
So… what’s next?
Steve Schlarman:
What’s next in risk? Well, risk isn’t going away.
But what is next is getting a better handle on quantifying your loss exposure.
As companies start to understand the cost of controls and risks, the business conversation changes.
It’s no longer, “No, we can’t do that.” It becomes, “Yes, we can — here are the guardrails, here’s what we need to spend to reduce exposure.”
That creates much more strategic alignment.
Whether it’s through analytics, AI-generated narratives, or improved chat interfaces, AI can help risk teams cut through ambiguity and be more effective.
Marco Ciappelli:
Very cool.
Well, we love talking with you guys. You know we’re big fans.
Glad we could meet here at the booth — lots of action going on right behind us.
Steve Schlarman:
That’s the joy of RSA Conference!
Marco Ciappelli:
All right, Steve — thank you so much.
Steve Schlarman:
Thank you! Take care.