- This event has passed so registration is closed.
Overview
Existing risk management policies, and the related business processes, which may have been appropriate for the traditional information technology environment, will not be workable in the AI environment. In this presentation, we’ll discuss what’s markedly different between the traditional information technology risk management environment, and the new AI risk management environment. For example, there is a risk of model stealing with publicly facing AI systems, but no such risk is found in traditional publicly facing systems. Likewise, the result provided by a certain query submitted to a Generative Artificial Intelligence (GAI) system may not be the same from day to day, but no such phenomenon is present with traditional information systems. Similarly, the great power of AI systems can be used to overcome traditional privacy-protection mechanisms such as anonymization, and this has not been previously encountered with traditional information systems. Also covered in this presentation will be suggested managerial and technical responses to these differences, such as an AI Acceptable Use Policy and an AI Life Cycle Process. Some recent legal developments in the AI risk management area will also be briefly covered.
Moderator
Alex Grohmann – Founder, Sicher Consulting
Alex Grohmann has over two decades of experience in technology-related information security, risk management and data privacy. During his career, he has worked at both the state and Federal level, and his private sector involvement has spanned from energy to financial services. He is the founder and operator of Sicher Consulting, LLC. Mr. Grohmann holds industry certifications of CISSP, CISA, CISM and CIPT. He holds two undergraduate degrees from Florida State University as well as an MBA from UMUC.
Mr. Grohmann is a Fellow at the Information Systems Security Association (ISSA), an international organization of information security professionals. He is the recipient of their international ‘Honor Roll’ for his lifetime contributions to the information security community. He has served on the board of directors for the Northern Virginia chapter of ISSA for over ten years, including as president for three. During his time, the chapter won the Chapter of Year.
He is a graduate of the FBI’s Citizens’ Academy and served on the board of directors for the Washington DC chapter of InfraGard for four years. Currently Mr. Grohmann serves on the board directors of Northern Virginia Community College’s Workforce Development taskforce, NOVA Cybersecurity Advisory Board and is a mentor at MACH 37, the Virginia cyber security accelerator. He also sits on the IT sector coordinating council (IT-SCC).
Speaker/s
Charles Cresson Wood, Esq.
Charles Cresson Wood, Esq., JD, MBA, MSE, CISM, CISSP, CGEIT, CIPP/US, CISA, is a risk management attorney and management consultant. His most recent book is entitled “Internal Policies for Artificial Intelligence Risk Management.” That book provides a compendium of already-written policies which can be adapted to any user organization’s environment, approved, and internally published at licensee organizations. Charles is best known for his book entitled “Information Security Policies Made Easy,” which has been purchased by 70%+ of the Fortune 500 companies. Charles is also the author of the recent book entitled “Corporate Directors’ & Officers’ Legal Duties for Information Security & Privacy.” He has over 40 years in the information systems risk management field, and can be reached through his web site www.internalpolicies.com.
ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.