New Episode: Meet Shadow AI, the Rising New Threat
There’s a big danger to big (and small) business these days: uninformed employees wielding outside AI tools. NeuEon CISO Candy Alexander offers her take – and tips on taming the threat – in the second of Let’s Converge’s two-part interview.
Here’s a taste of the episode:
A lot of organizations will say they don’t use AI. And that just makes Candy Alexander snicker. Of course employees are using “shadow” AI tools (that is, those not approved by the company). They’re using these tools to do all kinds of things – brainstorm presentation ideas, write memos, create charts – and without realizing it, they may be exposing company data.
Any business that doesn’t have an AI strategy needs to get a clue and act fast. “My advice to them is, you better hurry up and do that now and set parameters,” Alexander says. “It needs to start with something as simple as your acceptable-use policy. Put those parameters, those guardrails, that directional control as to what is acceptable and what isn’t.”
In this 20-minute discussion with Stephanie Aceves, a senior director of product management at Tanium, Alexander suggests that we need to think about AI in the same way we consider supply chain security. What AI do we use directly, and what is used indirectly? Enterprise leaders need to consider both the tools approved for enterprise use, and those they don’t know about but are there just the same, in employees’ grasp.
If data does leak, regulation may be able to stop unauthorized entities from using it, says Alexander, but you want to prevent it from leaking in the first place. The key there is making employees aware of why shadow AI, despite its compelling use cases, is potentially dangerous. “It’s truly a revolutionary era that we’re coming into with AI, and it can go multiple ways,” says Alexander. “I have confidence it will go well, but I think there’s going to be some scary bumps in the night.”
[LISTEN TO THE FULL EPISODE: Ep. 19 – Meet Shadow AI, the Rising New Threat]
It’s truly a revolutionary era that we’re coming into with AI… but I think there’s going to be some scary bumps in the night.
FOR MORE EPISODES
By tuning in to Let’s Converge, you’re joining a community of like-minded individuals who are passionate about cybersecurity. Each episode lasts about 20 minutes, so it’s easy to stay informed without having to commit to hours of listening.
- Ep. 18: Shining a Light on Shadow IT | Tanium
- Ep. 17: Copilot AI and the Steps to Transform Your Enterprise | Tanium
- Ep. 16: We Need to Get Proactive About Vulnerability Management | Tanium
- Ep. 15: It’s Tough Than Ever to Be a CISO – And It’s Time to Admit It | Tanium
- Ep. 14: How to Lead a Threat Intelligence Team | Tanium
- Ep. 13: Do You Need to Hire a Chief AI Officer? | Tanium
- Or check out our gallery of earlier episodes here – Informative and provocative discussions about data privacy (why it pays to take it seriously), ChatGPT (the hype and the hope), automation (security’s best kept secret), ransomware negotiation (to pay or not to pay), and much, much more.