Skip to content

New Episode: Meet Shadow AI, the Rising New Threat

There’s a big danger to big (and small) business these days: uninformed employees wielding outside AI tools. NeuEon CISO Candy Alexander offers her take – and tips on taming the threat – in the second of Let’s Converge’s two-part interview.

Perspective

Here’s a taste of the episode:

A lot of organizations will say they don’t use AI. And that just makes Candy Alexander snicker. Of course employees are using “shadow” AI tools (that is, those not approved by the company). They’re using these tools to do all kinds of things – brainstorm presentation ideas, write memos, create charts – and without realizing it, they may be exposing company data.

Any business that doesn’t have an AI strategy needs to get a clue and act fast. “My advice to them is, you better hurry up and do that now and set parameters,” Alexander says. “It needs to start with something as simple as your acceptable-use policy. Put those parameters, those guardrails, that directional control as to what is acceptable and what isn’t.”

Step into your autonomous endpoint management (AEM) journey. Join thousands of global IT and security experts for vital keynotes, curated breakout sessions, hands-on labs, and certifications. TANIUM CONVERGE 2024, Nov. 18 – 21

In this 20-minute discussion with Stephanie Aceves, a senior director of product management at Tanium, Alexander suggests that we need to think about AI in the same way we consider supply chain security. What AI do we use directly, and what is used indirectly? Enterprise leaders need to consider both the tools approved for enterprise use, and those they don’t know about but are there just the same, in employees’ grasp.

If data does leak, regulation may be able to stop unauthorized entities from using it, says Alexander, but you want to prevent it from leaking in the first place. The key there is making employees aware of why shadow AI, despite its compelling use cases, is potentially dangerous. “It’s truly a revolutionary era that we’re coming into with AI, and it can go multiple ways,” says Alexander. “I have confidence it will go well, but I think there’s going to be some scary bumps in the night.”

[LISTEN TO THE FULL EPISODE: Ep. 19 – Meet Shadow AI, the Rising New Threat]

It’s truly a revolutionary era that we’re coming into with AI… but I think there’s going to be some scary bumps in the night.

Candy Alexander, CISO and cyber practic lead, NeuEon Inc.

FOR MORE EPISODES

By tuning in to Let’s Converge, you’re joining a community of like-minded individuals who are passionate about cybersecurity. Each episode lasts about 20 minutes, so it’s easy to stay informed without having to commit to hours of listening.

Anne Torpey

Anne Torpey is a veteran writer, editor, and word-wrangler who's worked for a bevy of world-class media outlets and legendary brands, including Vice Media, Rolling Stone, W, New York Magazine, Adweek, Porsche, The Ad Council, and McKinsey & Co. Her dad taught her the power of words, and she tries to use the best ones every day.

Tanium Subscription Center

Get Tanium digests straight to your inbox, including the latest thought leadership, industry news and best practices for IT security and operations.

SUBSCRIBE NOW