3rd Party Risk Management , AI-Based Attacks , Business Continuity Management / Disaster Recovery
Forrester's 2024 Predictions for Security, Risk and Privacy
Alla Valente of Forrester Discusses Governance and Accountability for AIForrester's "Predictions 2024: Cybersecurity, Risk and Privacy" report outlines five predictions to help security, risk and privacy leaders prepare for the coming year. Forrester senior analyst Alla Valente discussed these points.
See Also: Critical Condition: How Qilin Ransomware Endangers Healthcare
The predictions in the report are: More resources will be allocated to zero trust; vulnerabilities in AI-generated code will be actively exploited; the management of PII will face increased regulatory scrutiny; cyber insurers will exercise greater selectivity; and organizations will acknowledge the limitations of solely relying on training to prevent breaches.
With increased regulatory scrutiny on AI over the coming year, organizations using applications such as ChatGPT must effectively manage third-party risk. "So many applications today leverage aspects of generative AI in their applications, and some of the customers using those applications don't even realize that the generative AI is already embedded," said Valente.
She encouraged organizations to consider the following questions: "Do you know if you're leveraging AI that is from a third party? Do you know where that data came from? Do you know how that data was trained? Do you know how they've been able to test and continue to optimize that?"
In a video interview with Information Security Media Group, Valente discussed:
- The significance of governance and accountability in the use of AI usage to achieve ethical and regulatory compliance;
- Measures organizations can take to proactively scan and secure AI-generated code to prevent potential breaches;
- How organizations can use applications such as ChatGPT to effectively manage third-party risk.
Valente is a senior analyst for security and risk professionals. She covers governance, risk and compliance, third-party risk management, contract life cycle management, and supply chain risk with a special focus on risk management frameworks. She helps Forrester clients establish strategy, adopt best practices, define a governance framework, and select technology to manage risk, improve business resilience, and add strategic value. Her research also includes ethics and trust in digital transformation, enterprise risk management, and protecting the organization's brand.