FAIR Institute Blog

FAIRCON23 Session: Restoring the CISOs’ Superpower to Work on Generative AI

[fa icon="calendar"] Sep 18, 2023 8:00:00 AM / by Omar Khawaja

Omar Khawaja

Omar Khawaja Highmark Health FAIRCON 2018 2

CISOs have a challenging role. If they say no to the business, they are perceived as not team players and putting the enterprise first. If they say yes to the business when they want to do something risky, they are perceived to be callous. Not only do CISOs need to keep up with the business’ appetite for growth, diversification and experimentation, but somehow they have to keep up with the explosion of technologies promising to revolutionize their business.

Author Omar Khawaja leads sessions on risk analysis for artificial intelligence at the 2023 FAIR Conference.  See the FAIRCON23 agenda and register now!

Generative AI is one of those promising technologies that will likely end up actually being

impactful, even after the hype dies down. In talking to dozens of CISOs about Generative AI,

there are four CISO profiles that most fall into:

  1. GenAI is like any other application. We don’t need to treat it differently.
  2. I realize GenAI may be different from traditional applications. Still, I don’t have the mind space, budget or resources to learn something new, but when there is a major AI incident, we will put a program in place to manage GenAI risks.
  3. I want to learn GenAI so I can be a better partner to my business and shepherd the AI journey securely.
  4. I already have a program in place to manage GenAI risks, and we are actively using AI to power various parts of our cyber program.

If you identify most with CISO profile #3 above, we have designed a workshop just for you,

covering the following topics:

  • How Generative AI models work and underlying concepts
  • Top technical risks associated with Generative AI
  • Top non-technical risks associated with Generative AI
  • Essential controls to mitigate AI risks
  • Approaches to assessing the risk of AI in your environment

CISOs are instinctive assessors of risk. However, this superpower fails most CISOs when it comes to AI. The primary reason is that CISOs don’t have a simple mental model of an AI system that they can readily visualize to synthesize assets, threats, impact and controls. This is the ultimate goal of this workshop - to render CISOs’ instinctive superpower of assessing risk to be operable and effective when it comes to AI.

If you’re interested in the GenAI workshop for CISOs, join me and Brandon Sloane,Information Security Risk Management Lead for AI Governance at Meta, at the workshop we are hosting at FAIR Conference 2023 on Day 1, Tuesday, October 17 from 2-5 PM. Register today!

Topics: FAIR Conference 2023

Omar Khawaja

Written by Omar Khawaja

Omar Khawaja is Board Member, FAIR Institute; Field CISO, Databricks; Faculty Member, Carnegie Mellon University


Subscribe to Email Updates

Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts