The same features that make AI useful also make it exploitable. In fact, the speed of progress in emerging technologies is That unpleasant reality is growing stronger by the minute.
While professionals may not want to expose their organizations to new threats, they also recognize the risk of falling behind. Other companies are also looking to gain a competitive edge by implementing AI.
So what to do about this difficult challenge? Five business leaders share five ways professionals can ensure better security in the age of AI.
read more:
AI’s biggest threat comes from within – 12 ways to protect your organization
1. Share knowledge
Barry Panay, group chief data officer at insurance broking group Howden, said one of the big benefits of working for his organization was that many staff were aware of the cyber risks associated with AI.
“We offer cyber insurance as a business, so we have people who understand this space,” he said. “So it’s not just technical people who can understand security, it’s not just data or AI experts.”
As the executive responsible for ensuring the secure implementation of AI, Mr. Panay encouraged professionals in all organizations to enhance their cyber qualifications. “I think people need to know more about security in their roles.”
Panay said the multifaceted nature of AI cybersecurity means professionals should expect new roles and responsibilities to emerge as people share and exchange knowledge across teams to create more powerful approaches.
“I know that the best security experts are the ones who talk to my AI team and ask, ‘How does this work? How does that work?'” he said.
“And conversely, the AI team speaks with information security experts to ensure that their processes do not get in the way of making systems more secure.”
read more:
Why encrypted backups can fail in the age of AI-driven ransomware
2. Back to basics
Nick Pearson, CIO of technology specialist Ricoh Europe, said managing cybersecurity in the AI era requires a multi-dimensional approach, with new dimensions being discovered almost every day.
Pearson told ZDNET that experts can be overwhelmed by the wide range of threats associated with emerging technologies.
But his conversations with other experts, including Ricoh Europe’s CISO, suggest that it’s important to place AI cyber threats in context.
“Good security still goes back to the basics of good practice,” he said. “So we are secure by design, we have standards and capabilities, and we have teams to analyze, check and balance.”
Mr Pearson said professionals needed to ensure data was effectively managed and governed. Rather than reinventing the wheel, find ways to absorb AI into existing frameworks.
“Otherwise, it could be something other than good practices around data breaches, for example, which in our case has been around for 15 years,” he said.
3. Recognize the power of help
Martin Hardy, director of cyber portfolio and architecture at Royal Mail, said one of the key elements to the company’s cyber approach was its internal AI governance forum.
“We’re not stopping people from using AI, but we’re making sure that there’s some governance around it when it comes to building it into applications,” he said.
“Understanding where our data is and what data goes into those AI solutions is key to success, as is understanding what we require of those solutions.”
Hardy told ZDNET that while he doesn’t want to underestimate the potential power of emerging technologies, it’s important for experts to view AI as a tool rather than an end in itself.
To leverage AI effectively and securely, you need to manage your data and decipher potential use cases.
“There will be instances where people use AI and get it wrong,” he says. “Success is changing your mindset to ‘This is not an answer, this is a help.'”
4. Raise awareness of jaywalking
John-David Lovelock, chief forecaster and distinguished deputy analyst at Gartner, says digital leaders and business professionals need to consider cyber threats when investing in AI through 2026..
Lovelock told ZDNET that one key issue is that organizations are not yet able to benefit from access to measurable, definable, and certifiable AI safety, which means end-user security requirements are unlikely to be met by many providers.
“We’re not at the point where we can say with AI, ‘Are there seatbelts? Can it survive a collision at 40km/h?'” he said.
Lovelock likened the current state of AI safety to the rise of pedestrian crossings in the 1920s, when the emerging auto industry lobbied government agencies to pass new laws..
“We shifted the blame from the person who expressed the right of way and was the victim of the accident to the person who should have known better and actually caused the accident,” he said.
“AI Jaywalking is an attempt to do the same thing: to ensure that the jays are responsible for whatever happens and happens as a result of the use of AI.”
This means that current vendor contracts are likely to place the responsibility for AI safety on end users rather than technology providers, and professionals need to be aware of that position.
“It is extremely important that we accept this situation,” he said. “We’ve seen this trend with other technologies. In some ways it’s not new, but it’s a reality with AI, so at least be careful.”
This means that current vendor contracts are likely to place the responsibility for AI safety on end users rather than technology providers, and professionals need to be aware of that position.
“It is extremely important that we accept this situation,” he said. “We’ve seen this trend with other technologies. In some ways it’s not new, but it’s a reality with AI, so at least be careful.”
“AI is better at that than humans because it considers the complete picture. We’re just so specialized in one area that we don’t always see the big picture.”
Love said AI can also help teams consider issues they might have ignored.
“I’m always checking to see if there are any security risks, and sometimes when I release code, people say, ‘Hey, this could be a little better,'” he said. “In today’s world, we need to be concerned about security risks.”
This article was originally published on our sister site ZDNET.
