Understanding AI Security and Privacy: Key Insights from Walter Haycock of StackAware

Picture of GAI Insights Team GAI Insights Team : Aug 19, 2024

Understanding AI Security and Privacy_ Key Insights from Walter Haycock of StackAwareBusinesses want to integrate artificial intelligence (AI) into their operations. But they may have concerns about security and privacy.

Walter Haycock of StackAware helps us to think about these concerns by providing answers to ten common security questions. These are things that executives and employees are asking during Generative AI (GenAI) trainings, or at trade shows or events. Check out some of his key points, which are crucial for any firm or company that is bent on using AI technologies and trying to find a road map for implementation when the path ahead looks dark.


Critical Questions CEOs Should Be Asking About AI Security and Privacy

  1. What Are Our Business Requirements for AI? The surge in corporate interest in AI hasn’t always been accompanied by clear use cases. It’s easy to fan out about ChatGPT, but before embarking on an AI project, you have to define your goals and make sure you know where you’re headed.
  2. For example, say a business is creating a chatbot to answer public questions. How does this work? Confidentiality might not be a major concern, but execs or leaders might be worried about the risk of reputational damage due to inappropriate results or machine hallucinations. In contrast, using AI for medical diagnoses requires strict confidentiality and accuracy due to the sensitive nature of the data involved.
  3. What Are Our Regulatory and Compliance Obligations Related to AI? Companies operating across multiple jurisdictions have to understand how to comply with complex regulations that have been set up in recent years. There’s the EU's GDPR and the California Consumer Privacy Act (CCPA). The Securities and Exchange Commission or SEC is becoming more vigilant in enforcing cybersecurity requirements. Staying compliant with these regulations is important when a business is trying to get AI solutions into the fold in a safe and legal way.
  4. What Is Our Risk Appetite and Tolerance? Many organizations fail to explicitly define their risk appetite. That can create confusion among employees about acceptable practices, especially if they don’t have access to clear requirements, with something like a handbook. When a business really outlines its cybersecurity risk tolerance, that will streamline development and deployment decisions, ensuring that the organization remains focused and compliant.

Immediate Actions for Enhancing AI Security and Privacy

Create Good Policy Guidance

Policy guidance should include elements of AI governance and the use of AI tools. When you want a balanced approach, you have to look at clarity and continuity, and guidelines, and how to train people on appropriate use.

Maintaining an Inventory

It’s also important to keep a log of AI tools and how they are used. That helps you to prevent a phenomenon called shadow AI, where you have abstracted processes running in the background. A clear inventory helps with cybersecurity and more.

Communicating Clearly About AI

It’s also important that people at all levels know how you’re using AI tools. When you don’t properly  explain your strategies, that can lead to certain liability situations. Clear communication is critical for good AI usage.

Is AI using my company to train GPT?

Some versions of ChatGPT may be using training data, although the consumer version has a non-data approach as a default. You can also get more control by choosing the versions of that make more sense for business.

Should we be worried about AI-powered cyberattacks?

Yes, absolutely. AI can help fraudsters to generate different kinds of spearphishing attacks or certain types of digital fraud. Because so many of these are built on false credentials and misinformation, AI ability to generate deep, fakes and other false data set is powerful to hackers.

Prompt Injection

There are also problems with people manipulating an AI model with prompts. This can leave sensitive data at risk.

Conclusion

As AI technologies continue to evolve, the complexity of securing these systems will only increase. Organizations must stay vigilant, continually updating their policies, training, and practices to manage the risks associated with AI. By addressing the critical questions and actions outlined by Walter Haycock, businesses can better navigate the challenges of AI security and privacy.
Walter Haydock on Security and Compliance: Be Prepared

Walter Haydock on Security and Compliance: Be Prepared

At the Generative AI World conference, Walter Haydock, Founder and CEO of StackAware, talked to us about security and compliance for programs. If...

Shikhar Ghosh’s Predictions on AI: Termites, not Tornadoes

Shikhar Ghosh’s Predictions on AI: Termites, not Tornadoes

At the Generative AI World conference September 12-13, we heard from serial entrepreneur and HBS Professor Shikhar Ghosh about AI, and his...

Jerry Case Study for Customer Service Saving over $4M A Year

Jerry Case Study for Customer Service Saving over $4M  A Year

Trusted by AI leaders and vendors around the globe - we help you cut through the noise and stay informed so you can unlock the transformative power of GenAI .

Subscribe to Our Daily Briefing

Generative AI
World 2024

October 7-8, Boston MA

Join us at this year's Generative AI World! Hear from enterprise AI leaders who are achieving meaningful ROI with their GenAI initiatives and connect in-person with the GAI Insights members community including C-suite executives, enterprise AI leaders, investors, and startup founders around the world

GAI Insights is an industry analyst firm helping AI Leaders and investors achieve business results with GenAl.
Catch up with our AI Analysts
Adam rappaport
The Festival of AI + Robotics 17-18 September | Melbourne, AUS