What are the guardrails we can have in AI era to ensure we have the right policies in place for example, DNS filtering policies

26 September, 2024 12:06

One of the key issues around AI is recognising that preventative capabilities aren't just technology. They need to be people and process AND tech to ensure the organisation is building the right abilities to protect and defend.

26 September, 2024 12:09

If your CEO/CTO wants to allow copilot in your organization, what would you as cyber security expert put in place to reduce exposure? How would the processes change and what culture change is required if we already follow DevSecOps using SAST and DAST in CI/CD pipeline

26 September, 2024 12:12

bringing the rigour we typically in other aspects of cyber I think is a great starting point - start with the asset identification (including/especially data assets that the models will have access to) then profile the threat and risks associated with each AI asset

26 September, 2024 12:17

AI provide cyber professionals a great opportunity - how often are we faced with a true green field - so the risk cyber teams been seen as a blocker of AI initiatives is real - we should look to educate and support - be the enablers

26 September, 2024 12:19

at EY we have been developing models/frameworks to do exactly this support of businesses in their exploration of AI

26 September, 2024 12:20

there is the need to also factor ethical considerations beyond DevSecOps etc

26 September, 2024 12:24

Thanks RickIs there a standard/framework as of today that organizations can adopt.

26 September, 2024 12:24