FAIRCON23 Session: Restoring the CISOs’ Superpower to Work on Generative AI

CISOs have a challenging role. If they say no to the business, they are perceived as not team players and putting the enterprise first. If they say yes to the business when they want to do something risky, they are perceived to be callous. Not only do CISOs need to keep up with the business’ appetite for growth, diversification and experimentation, but somehow they have to keep up with the explosion of technologies promising to revolutionize their business.

Author Omar Khawaja leads sessions on risk analysis for artificial intelligence at the 2023 FAIR Conference.  See the FAIRCON23 agenda and register now!

Generative AI is one of those promising technologies that will likely end up actually being impactful, even after the hype dies down. In talking to dozens of CISOs about Generative AI, there are four CISO profiles that most fall into:

1. GenAI is like any other application. We don’t need to treat it differently.
2. I realize GenAI may be different from traditional applications. Still, I don’t have the mind space, budget or resources to learn something new, but when there is a major AI incident, we will put a program in place to manage GenAI risks.
3. I want to learn GenAI so I can be a better partner to my business and shepherd the AI journey securely.
4. I already have a program in place to manage GenAI risks, and we are actively using AI to power various parts of our cyber program.

If you identify most with CISO profile #3 above, we have designed a workshop just for you, covering the following topics:

• How Generative AI models work and underlying concepts
• Top technical risks associated with Generative AI
• Top non-technical risks associated with Generative AI
• Essential controls to mitigate AI risks
• Approaches to assessing the risk of AI in your environment

CISOs are instinctive assessors of risk. However, this superpower fails most CISOs when it comes to AI. The primary reason is that CISOs don’t have a simple mental model of an AI system that they can readily visualize to synthesize assets, threats, impact and controls. This is the ultimate goal of this workshop - to render CISOs’ instinctive superpower of assessing risk to be operable and effective when it comes to AI.

If you’re interested in the GenAI workshop for CISOs, join me, Brandon Sloane, Risk Management Lead for AI Governance at Meta, and Kurt John, Global CISO at Expedia, at the workshop we are hosting at FAIR Conference 2023 on Day 1, Tuesday, October 17, from 2-5 PM. Register today!