Forrester senior analyst Tope Olufon discusses how CISOs face the challenge of shadow IT with generative AI. CISOs need to approach AI as they would any other technology, he says. "Create a threat model, not just based on best practices, but for your organization, and then build security for that."
In the latest weekly update, ISMG editors discussed the upcoming North America Midwest Cybersecurity Summit, challenges and solutions regarding AI training data, and the implications of the new European Union Artificial Intelligence Act for CISOs.
Privacy, AI governance and data governance are interconnected because they all rely on effective data management practices. Ojas Rege, general manager, privacy and data governance, OneTrust, shared insights on the challenges, risks and opportunities arising from the convergence of these domains.
As companies adopt generative AI tools, exfiltration of sensitive data remains a persistent challenge. Andres Andreu, deputy CISO, Hearst, shares insights into the limitations of relying on policies and the crucial role of collaboration with AI providers to mitigate potential data breaches.
AI offers significant business benefits but also introduces data privacy risks. According to Harmonic Security's CEO Alastair Paterson, CISOs worry about sensitive data shared with third-party applications. "Our approach is certainly security for AI," he said.
Mandiant's Nader Zaveri explores how AI is revolutionizing cybersecurity. He discusses the advancements in blue team capabilities, the evolving role of generative AI in threat detection and the importance of intercepting threats before they reach end users.
Ray Ellis, head of AI security at Philip Morris International, emphasized the necessity of capturing requirements for securing AI capabilities, protecting privacy, understanding legal implications and ensuring enterprise architecture that prevents shadow AI.
Javvad Malik, lead security awareness advocate at KnowBe4, emphasized the increasing risk posed by threat actors during election cycles - exploiting social media, posting deepfake content and disseminating misinformation. "Be skeptical of everything you see," he said.
Vinit Tople of Amazon outlined three key areas for implementing large language models - identifying use cases, deciding between building in-house capabilities versus buying off-the-shelf solutions, and mitigating the inherent risks associated with LLMs.
In the latest "Proof of Concept," Troy Leach of CSA and Avani Desai of Schellman discussed integrating AI into organizational frameworks. They highlighted the evolving roles of compliance and leadership and the importance of regulatory frameworks in ensuring robust and trustworthy AI deployment.
Jake Gillen, principal solutions architect at Expel, discusses the crucial role of artificial intelligence and machine learning technology in transforming security operations centers or SOCs, using automation to mitigate rapidly evolving cyberthreats and accelerate incident response.
To platform or not to platform? That is the question facing many CISOs when it comes to managing cybersecurity vendors, and the answers are changing thanks to artificial intelligence and machine learning, said Brian Essex, executive director, U.S. software equity research, JPMorgan Chase & Co.
Mark Ryland, director of Amazon Security, discusses the need for memory-safe programming languages and formal verification techniques to address security vulnerabilities and comply with emerging regulations. He emphasized the shift toward using Rust, a high-performance language for bug elimination.
JC Raby, managing director, head of emerging technology, JP Morgan Investment Banking, shares his insights on how historical trends inform current practices and future innovations in the dynamic field of cybersecurity - from early penetration testing to advanced AI solutions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing aitoday.io, you agree to our use of cookies.