Already feeling like you might be behind the AI Eight Ball? Here’s your guide to getting the answers you need to get out ahead.
If you felt like cyber security and AI dominated the news last year, you’re certainly not wrong!
Almost daily we read reports on the ongoing fall-out from Medibank, Optus, MGM and other high-profile data breaches, and the role cyber actors are increasingly playing in disrupting infrastructure, hampering our ability to do business, and complicating geopolitical conflicts. Add to this slew of tech industry announcements of readily accessible generative AI and automation tools, is it any wonder Australian organisations are feeling alert, alarmed and overwhelmed!
Here’s the conundrum – We have already produced more data than any time in human history, and now Generative AI and automation advancements have delivered into our hands the ability to access, process and action all those digital bits and bytes even faster, more accurately and on a previously unimaginable scale, in turn generating … even more data! And then slowly but surely we came to realise that if we can do this, then the bad guys must be able to do it too. But wait! They already are, and many of us have already fallen victim to their new tactics! Now we want to dive into Generative AI to speed up our own work in ever more creative ways, generating more and more data and connections that we’re not sure how to contain or protect…
Are we behind the Eight Ball before we’ve even begun?
Scale vs Skills – The Macro Picture
Microsoft, in establishing their Secure Future Initiative, has disclosed that they alone receive more than 65 trillion signals from devices and services around the world every single day. Put into context, this means that even if all 8 billion people on the planet were employed together to look for evidence of cyber-attacks, we still couldn’t keep up! And given that apparently, we currently have global shortage of more than 3 million cybersecurity professionals, clearly, we need to start leveraging the speed, scale and sophistication AI-powered tools can bring to our organisations to fight fire with fire.
Scale vs Skills – The Micro Picture
Many business and board leaders are feeling a complicated mix of excited, alarmed and overwhelmed by the scale and complexity of security and AI challenges and decisions they are being asked to navigate right now. Whilst noone actually expects your CEO or your board to become cyber or AI experts overnight, smart leaders are acknowledging they don’t know what they don’t know and are leverage a variety of outside expertise to fill their skills and capabilities gaps.
The challenge when you’re flying a blind into the headwinds of extreme change, however, is being able to ask to the right questions and apply the answers to your organisation’s unique context. And in the case of exercising some form of governance over emerging cyber security and AI trends, there are two things we know for sure.
- Boards and execs WILL inevitably be expected to navigate and lead their organisations through an actual or suspected cyber incident, and
- Boards and execs NOW have a very human role to play in assessing and planning for the positive and negative potential of Generative AI on their organisation, their people and data.
The Top 10 Questions to Ask (and Get the Answers to) in 2024
If you’re heading into 2024 not sure about what it is you don’t know, here’s our guide to the Top 10 Critical Questions right now. The answers to these questions are what will need to define your IT security and governance priorities and direction for 2024 and beyond.
- What are some recent examples of cyberattacks on similar organisations to ours and how did they affect victims?
- What are today’s cyber attackers? Where do they come from and what tools do they use?
- What decisions will the management team and the board need to make in the event of a cyber incident? Who will you call? When will you go public? Are you prepared to negotiate/pay a ransom?
- Can you describe the cyber risks that might be unique to your organisation? Are they quantifiable in some way?
- Do you know of your most vulnerable areas and the gaps in your security capabilities?
- Do you know what Generative AI does? How does it find and produce data and content?
- How is it that AI has amplified security complexity but also enhanced cyber threat detect and response capabilities?
- Have you examined potential roles, tasks or use cases where AI might be used beneficially in your business?
- What risks do sanctioned and unsanctioned use of Generative AI pose to your organisation?
- Have you set or communicated any “ground rules” around ChatGPT or other generative AI tool use in your organisation?