
Navigating the AI Landscape: Insights from a CISO

As a CISO, I’m always thinking about risk. In our positions and in our line of work, we’re always in a bit of a paranoid state. It’s a common trope that we lose sleep at night because we’re worried about who and what might be lurking in our systems, undetected.

What’s on everybody’s mind right now is AI. I find myself, probably like many CISOs, grappling with the challenges posed by the rapid evolution of AI in cyber threats.

Reports show bad actors using AI to launch sophisticated attacks, underscoring how important it is for us in cyber to get ahead of these complex risks.

Recently, I had the opportunity to chat with Trellix CISO Harold Rivas on this issue and discuss vital strategies for integrating AI into our defensive strategies.

Understand the impact of AI

The conversation around AI often oscillates between skepticism and fear, but we need to recognize its potential as a tool for both adversaries and defenders. Personally, I like to remain somewhere in the middle.

For me, it's crucial to acknowledge AI's transformative potential. AI isn't just a cybersecurity issue; it's a business opportunity.

AI presents a significant opportunity to enhance our security posture. AI's ability to analyze immense amounts of data and identify patterns can significantly improve threat detection and response times. Beyond its implications for cybersecurity, AI promises significant business benefits, such as enhanced efficiencies and automation.

By championing responsible AI adoption within the leadership team, CISOs can ensure its use aligns with strategic objectives and minimizes the risk of shadow AI (unauthorized AI projects). This proactive approach empowers CISOs to shape the conversation around AI and mitigate potential risks.

Establish a governance framework

The best way I can think of to start is by establishing a robust governance framework. You need to delineate how AI technologies are utilized within the organization and address key considerations such as data handling, classification, and usage policies.

  • Data Management: Define clear terms of use for data classification, access controls, and use of AI development and deployment. Pay particular attention to sensitive Personally Identifiable Information (PII).
  • Open Source vs. Proprietary Solutions: Decide whether to develop custom AI tools or leverage pre-built solutions. Consider factors such as cost, expertise, and security posture.
  • Ethical Considerations: AI solutions raise important ethical questions. The governance framework should address bias and fairness in AI algorithms.
  • AI Usage Guidelines: Establish clear rules for AI deployment within the organization. This includes employee training on critically evaluating AI outputs (given the potential for AI to generate inaccurate data), data sharing protocols, and data tracking techniques (e.g., watermarking).

A well-defined governance framework not only mitigates risk but also addresses ethical considerations surrounding AI use. Remember, the human element remains critical in any security system, and a robust framework helps address potential human vulnerabilities.

Embrace collaborative defense

Let's face it: none of us can always be the smartest person in the room. Being a CISO means I've had to shed my engineer hat and embrace the broader view. Here's the thing: you don't have to go it alone.

Collaboration with other cybersecurity leaders allows us to swap ideas, share best practices, and gain fresh perspectives on tackling evolving threats. Connect with other CISOs and cybersecurity leaders. Ask them: "What are you doing with AI in your organization?" Become a knowledge sponge, soaking up the latest models and trends. Attend industry conferences – everyone tackles challenges a little differently, and those key differences can be invaluable in building your own AI strategy.

This collaborative approach can involve:

  • Knowledge Sharing: Discuss with other CISOs to understand how they leverage AI within their organizations.
  • Staying Current: Participate in industry conferences to keep up-to-date on emerging trends and best practices in AI-powered cybersecurity solutions.
  • Collaborative Defense: Sharing learnings and experiences with fellow security professionals strengthens the overall cybersecurity posture of the industry.

Collaboration and knowledge sharing mean we can empower our organizations to adapt and thrive in a complex threat landscape.

AI is transforming the cybersecurity landscape, presenting both challenges and opportunities. By embracing AI strategically, establishing a sound governance framework, and fostering collaboration within the cybersecurity community, CISOs can leverage this powerful technology to build a more secure future for their organizations.

Watch my entire conversation with Trellix CISO Harold Rivas for further insights and catch up on Trellix's The New Frontier of Cybersecurity: AI's Risks and Opportunities Virtual Summit on-demand.
