CISOs need to be very aware of all the issues and risks related to their business and the entire corporate and personal ecosystems. With this awareness, they need to provide ongoing guidance and leadership in addressing these new opportunities and their risks. Many CISOs are including AI-based issues in their weekly staff meetings and giving initial guidance as well as updates to Executive Staff. For example: Chat GPT and other AI-based tools are lowering the bar for hackers to create very targeted phishing emails based on previous hack info combined with social media information that are fooling many end users. Staff members in Security, IT, Network and Development, as well as Marketing and Sales, are all using ChatGPT and that must be shared and discussed during CISO-led meetings! CISOs need to review and embrace the significant amount of good guidance that has recently been released. NIST just released the “AI Risk Management Framework” The AI Risk Management Framework (AI RMF) is intended for voluntary use and to improve the ability to incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products, services, and systems. CISOs need to give good guidance to other executives that are needing to leverage AI tools to ensure their business innovates and beats the competition! We’ll discuss all the appropriate steps that CISOs can use: Framing the Risk, your Audience, AI Risks and Trustworthiness, Effectiveness of the Benefits, the Risk Management Core that describes “Govern, Map, Measure, and Manage” and describes the Risk Management Profiles.
Speaker: Peter Nicoletti, Field CISO, Check Point