Security Leaders Share Their Thoughts on Generative AI

Danielle Ruderman (00:03):
Security and AI is a very broad topic, and we found that our CISOs are concerned in a couple of different areas, one obviously being ChatGPT, large language models. Their teams want to use them, their coders want to use them, so we have to talk about, as a CISO responsible for securing your organization, what policies and procedures do you put into place? How do you think about your teams using this?

I think what’s interesting is that many CISOs want their teams to use it. They really see the potential of these tools, so we talk about what kind of guardrails you need to have in place, how to use them responsibly. Those are very important discussions.

Aman Sirohi (00:34):
What I think we are going to run into pretty quick is going to be around the AI risk. What is this risk exposure to your company, to your customers?

Every contract that I know about says third-party data cannot leave your environment and go to a third-party source. Now whether it’s whichever AI model you want to use, that data is now leaving your environment, going to a third-party source and coming back and giving you some answer. So I think there’s going to be a lot of change in how legal looks at it, how risk is assumed by the customer, by the company. I think there’s going to be a lot of innovation in the space.