AI in check

August 2024 AI & Data Analytics, IoT & Automation


Ryan Boyes.

Artificial Intelligence (AI) is rapidly becoming embedded in our everyday lives, from the apps we use, to search engines, facial recognition, smart devices in our homes, and more. However, while AI has many applications and benefits, and businesses are exploring its use in various ways, there is also a level of risk involved, particularly when it comes to the data that AI uses. Risk management around AI is critical for any business, whether you have an AI strategy or not, because AI, simply put, is everywhere.

Global standardisation

Having an international standard in place to manage the long-term risk of AI is critical, especially because of companies like OpenAI recently disbanding their long-term risk team. The need for this is highlighted by the introduction of the International Standards Organisation (ISO) 42001 standard in December 2023. ISO 42001 provides organisations with best practices for governing AI effectively, with formalised standards around AI management systems and a focus on understanding the risk of AI. It offers a comprehensive approach to managing AI systems throughout their lifecycle.

While ISO 42001 is a separate standard and certification, it is also intrinsically linked to ISO 27001, the standard for information security, because AI relies on data to perform its functions. It is, therefore, impossible to effectively manage AI without also addressing information management systems. Every time anyone makes use of any AI system, whether this is part of corporate strategy or not, information is used and processed. It has become imperative that this is better understood and better managed; otherwise, organisations run the risk of information leaks, compliance breaches, and other issues around data security.

Intelligence requires information

The reality is that AI and automation are frequently applied to information in today’s world, often without our noticing or being fully aware. For example, if you use an AI platform like ChatGPT to build a document or help construct an email, which is something many people do without thinking, what information are you inputting to do this? If there is sensitive data like client names or company intellectual property, there is a risk of compliance breaches, as this information is now no longer under your control and could be stored, processed, and used in a way that goes against local legislation.

Even storing information in SharePoint, and then using Microsoft Copilot, could potentially be problematic, as the AI servers may be located outside of your jurisdiction, and this may breach laws that your company is required to adhere to. If there is an information breach, the potential implications could be dire. Organisations today need to be aware of how to manage the risks around AI when it comes to their information, and this needs to form an intrinsic part of both compliance and cybersecurity strategy.

Not just an IT problem

Information and information security are no longer just an IT problem; everyone uses information, and it must be managed and protected effectively. From an organisational perspective, this means businesses need to be aware of what AI tools are out there and freely available, what is being used in the company, how to manage potential risk, and, importantly, where it fits in with their overall security strategy. The borders between roles and responsibilities are blurring, and both information and compliance officers need to understand how AI is being used and ensure appropriate security controls are in place.

While becoming certified on ISO standards is not a legal requirement, they provide excellent frameworks to guide the risk mitigation process and ensure that effective, holistic information and cybersecurity strategies are in place. An experienced third-party security and risk provider can be an invaluable partner on this journey, helping businesses to understand risks and their impact, how to manage, mitigate, or accept risk, and implement the systems and controls to manage information security effectively as part of a holistic, overarching cybersecurity and cyber resilience strategy.

For more information contact Galix, 086 124 2549, [email protected], www.galix.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Can AI improve intruder detection?
DeepAlert AI & Data Analytics
Traditional surveillance methods are increasingly inadequate in today’s security landscape. For security companies, integrating AI-powered CCTV with cloud computing offers a transformative solution that enhances security and delivers significant cost savings.

Read more...
Workforce Consortium to reskill 95 million people
Editor's Choice News & Events AI & Data Analytics
ICT Workforce Consortium of global leaders has come together, committing to train and upskill 95 million people over the next 10 years, as 92% of jobs analysed are expected to undergo either high or moderate transformation due to advancements in AI.

Read more...
What is the level of safety and integrity of the software supply chain?
Information Security IoT & Automation
Organisations are embracing AppSec practices and focusing on their software security posture. However, they highlight that insufficient funding and security resources, plus a disconnect between developers and security teams, remain major roadblocks.

Read more...
Cellular IoT connectivity revenues reached € 12,4 billion in 2023
IoT & Automation AI & Data Analytics
A new report from Berg Insight says that global IoT connectivity revenues increased 16% to reach €12,4 billion in 2023 as the industry's advancement drives a shift towards a greater focus on reliability, security, and support for international deployments.

Read more...
Panasonic Industry offers multi-tier Matter Certificate Service
Smart Home Automation IoT & Automation
Panasonic Industry Europe is now offering PAN-MaX, a multi-tier Matter Certificate Service designed for device manufacturers selling in the smart home market, to simplify Matter enablement for smart home devices.

Read more...
SMART Estate Security returns to KZN
Nemtek Electric Fencing Products Technews Publishing Axis Communications SA OneSpace Technologies Editor's Choice News & Events Integrated Solutions IoT & Automation
The second SMART Estate Security Conference of 2024 was held in May in KwaZulu-Natal at the Mount Edgecombe Estate Conference Centre, which is located on the Estate’s pristine golf course.

Read more...
Latest AI solution to manage guards
DeepAlert Products & Solutions Surveillance AI & Data Analytics
No guard at the guardhouse? Guard under duress? Guard asleep? DeepAlert’s AI technology delivers real-time alerts to mobile phones and video management systems, helping you manage your guards more effectively.

Read more...
The critical role of data quality KPIs in driving business success
Editor's Choice Security Services & Risk Management AI & Data Analytics
Data is gold in our increasingly digitised world and needs to be refined to unlock its real value. Unrefined data can damage businesses, their competitiveness, and their ability to capitalise on opportunities.

Read more...
Zimbabwe's police nail criminal syndicate with facial recognition
NEC XON Editor's Choice Access Control & Identity Management News & Events AI & Data Analytics
NEC XON shared that its NeoFace Watch facial recognition system was successfully used by the Zimbabwe Republic Police (ZRP) to identify and apprehend a Chinese syndicate attempting to enter the country using fraudulent travel documents.

Read more...
Responsible AI in security
DeepAlert AI & Data Analytics
As AI continues to revolutionise the field of video surveillance, it is crucial to carefully weigh its benefits against the ethical and legal considerations that have been raised by individuals and organisations around the world.

Read more...