Is your org’s AI policy integrated into the IT security policy, or does it exist as its own separate policy?

Security Strategy & Roadmap Machine Learning (ML)

AI policy is integrated into IT security policy19%

We have a separate AI policy, but IT security policy includes section on AI security53%

AI policy and IT security policy are completely separate26%

Something else (explain in a comment)1%

77 PARTICIPANTS

523 views1 Comment

Sort by:

Fractional CIO in Services (non-Government)4 months ago

There's a 3rd angle in here and that's data classification and handling, which is often a policy distinct from IT Security.

Data classification has an impact on AI as there are certain types of informaiton or data you don't want/can't have an AI accessing.

To this end, the 3 policies should be seperate but cross referencing each other where appropriate.

Content you might like

Have you modified your phishing tests to reflect AI-enabled phishing campaigns that are more targeted & harder to identify?

Yes, for all employees33%

Yes, for some employees (high-risk roles/executives) 44%

No 22%

Other (explain in a comment)

View Results

How is AI implementation impacting your organization’s cyber insurance premium or coverage so far?

What's the biggest reason products fail?

No clear goal19%

Lack of internal alignment50%

Unrealistic expectations22%

Other (Please share below)6%

View Results

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group. Before we start we should conduct a risk assessment - my question is: can you recommend a tool or template?

I am interested in people who have tried generative AI coding projects. In your experience, are there project attributes that make generative AI coding capabilities a "good fit"? Are there project attributes that are likely indicators that generative AI will not result in something useful? I would think complexity of requirements is a big factor. If the complexity of the project or its requirements is low - I assume genAI coding can get you within the ballpark. For instance, logic stores: if your project has critical business logic spread out all over the place and not centralized I think that generative AI would not be able to make sufficient sense of that.

Is your org’s AI policy integrated into the IT security policy, or does it exist as its own separate policy?

Sort by:

Content you might like

Have you modified your phishing tests to reflect AI-enabled phishing campaigns that are more targeted & harder to identify?

How is AI implementation impacting your organization’s cyber insurance premium or coverage so far?

What's the biggest reason products fail?

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group. Before we start we should conduct a risk assessment - my question is: can you recommend a tool or template?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

GenAI Training Methodologies: Insights for Marketing Teams

2024 Cloud Spending: IT Balances Costs with GenAI Innovations

Generative AI Training for IT Organizations

Navigating the Future: The Evolution of GenAI in Legal

Take Your Insights On-the-Go