Generative AI and ChatGPT Enterprise Risks

Channel:
United States SANS Institute
Subscribers:
64,200
Published on ● Video Link: https://www.youtube.com/watch?v=AhBD9kogz1A


Category:
Guide
Duration: 20:27
418 views
5

SANS AI Cybersecurity Summit 2023

Speaker: David B. Cross, CISO, Oracle Cloud
Gadi Evron, CISO-in-Residence, Team8

With Generative AI, and ChatGPT specifically, our industry finds itself behind the technology adoption curve, while employees and business units rapidly adopting the technology.

Key questions CISOs are asking: Who is using the technology in my organization, and for what purpose? How can I protect enterprise information (data) when employees are interacting with GenAI? How can I manage the security risks of the underlying technology? How do I balance the security tradeoffs with the value the technology offers?

In this talk, we will deep-dive into enterprise security risks, threats, and impacts stemming from GenAI, examine how these can be effectively managed, walk through considerations in developing enterprise policy on the topic, and provide examples to that end.

We'll also touch on threat modeling GenAI, discuss how to hold a conversation with product teams and other stakeholders, and raise non-security risks such as legal and regulatory concerns. Lastly, we will provide a sample policy, along with a paper by the same name written with 80 CISOs, released on April 20th.

Takeaways:
- Understanding GenAI enterprise security risks, threats, and impacts.
- Considerations in building a GenAI policy, where it is and isn't necessary, and Risk Exceptions based on Risk Appetite.
- What a threat model for GenAI looks like.
- An understanding of some non-security risks, such as legal and regulatory.
- Heys to having productive conversations with product teams and other stakeholders.

View upcoming Summits: http://www.sans.org/u/DuS



Other Videos By SANS Institute


2023-07-18Demystifying the NIST AI Risk Management Framework
2023-07-18Preserving Creativity and the Ethical Implications of AI Art Generators
2023-07-18Navigating the Impact of Emerging Tech on Education: A Teen's Perspective on AI and Cybersecurity
2023-07-18The Ethics of AI and ML: Ensuring Cybersecurity and Privacy in Automated Decision Making
2023-07-18Unraveling the AI and ML Potential: Boosting OSINT and OPSEC Capabilities and Effectiveness
2023-07-18AI for Red Team & Malware Development
2023-07-18AI and Its Impact on Cybersecurity
2023-07-18How to Hack an AI
2023-07-18Deepfake It Til You Make It: How IO Actors are Leveraging Generative AI Avatars
2023-07-18Zero Hype Real-World Applied AI/ML in Cybersecurity
2023-07-18Generative AI and ChatGPT Enterprise Risks
2023-07-18Generative AI in Cybersecurity: Rise of the Machines?
2023-07-18New to Cyber: AI-Powered Careers
2023-07-18Addressing Practical and Ethical Issues in AI-Assisted Threat Intelligence Analysis
2023-07-11Skill vs. Background: The Great Cyber Hiring Debate | July 11, 2023
2023-07-05Understand Vulnerability Management Maturity with a Self-Assessment Tool
2023-06-29How CISOs Can Better Connect with Their Boards and Make the Case for Cybersecurity
2023-06-29Panel | How Artificial Intelligence (AI) Will Change Cybersecurity Leadership
2023-06-29Keynote | Demonstrating CISO ROI with the C-Suite
2023-06-29Panel | The Intersection of Cybersecurity and Law
2023-06-29Cybersecurity Charisma: Unlocking Security Culture and Leadership


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training