Key Insights for CISOs: Securing AI in Your Organization

This is a recording of the "MLSecOps Connect: Ask the Experts" session we held on March 12, 2025 with Diana Kelley.

Explore with us:

-AI's popping up everywhere from hospitals to factories. Are there any industries that seem behind on AI security and need to catch up? (02:17)

-For organizations that are just starting to adopt AI, what’s a rookie mistake to avoid when it comes to security? (04:11)

-Protecting data without encryption—especially live data. Some data analytics people talk about stochastic masking, etc…is encryption is the go-to for sensitive info or are there other options security teams should be exploring? (06:38)

-In industries like finance and healthcare, compliance talk around AI is starting to feel pretty intense. How can CISOs try to keep up and preserve their sanity at the same time? (09:53)

-Noticing any red flags in AI compliance that it seems most companies aren’t even looking at yet? (13:40)

-AI regulations and their rapid changeover over time: do they hinder innovation? (17:19)

-Security risks of large language models (LLMs). Are there any threats here that security teams are sleeping on? (19:20)

-Data poisoning attacks on AI—are those real problems right now, or is that just hype? (24:18)

-Any real-world stories about worrisome AI security breaches? What went wrong, and could it have been avoided? (26:56) -How much of AI security is really about getting people to stop doing dumb stuff versus just fixing the tech itself? (29:05)

-"Worried about insider threats to my AI ecosystem, but I don’t even know WHAT to be worried about." What are the biggest insider threats to AI? (31:13)

-What AI security aspects does Protect AI focus on? (34:19)

-What are the top 3 measures to build an MLSecOps program? (39:10)

-Are ML/AI-BOMs now in practice in the industry? How could this be brought more into companies? (41:42)

-Security considerations for Agentic AI systems (43:40)