"My experience in cybersecurity spans the gamut of Blue Team, Red Team, Threat Intelligence, and leadership. Before Resilience, I led the Security Orchestration, Automation, and Response (SOAR) program and the Cyber Incident Response Team (CIRT) Senior Analyst Team at Morgan Stanley. After getting my degree in computer science and information technology, I served in the United States Navy at sea and in the US Intelligence Community, before moving into the cybersecurity startup world, including a much earlier version of Resilience."
"This year, CISOs are tasked with communicating a mix of emerging risks and the long-tail risk of AI adoption. I recently presented on how we built our own employee generative AI policy. Some of the central audience questions were where the data ended up when employees used free versions of these tools. Could the data be stolen or exposed? Another practitioner rightfully pressed me on whether this has caused insurance claims or breaches. Boards will be asking the same questions of their CISOs this budgeting season."
Cybersecurity budgets have reached a five-year low in growth, forcing security leaders to stretch smaller budgets while seeking more flexibility for the upcoming year. CISOs must communicate a mix of emerging risks and the long-tail risk of AI adoption to boards and stakeholders. A cybersecurity leader's experience can span Blue Team, Red Team, Threat Intelligence, SOAR and CIRT leadership, military and intelligence service, and startup roles. Employee generative AI policies are essential because central concerns include where data goes when free tools are used, potential exposure, and whether AI incidents generate insurance claims. Organizations have already seen AI-related breaches in claims, making quantification and planning for AI risks a budgeting priority.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]