2023-11-04 –, TRACK 1
AI appears to be the buzzword for the year, and the rapid improvements associated with AI models have seen a surge in use in a short space of time. Many businesses are jumping into AI for a variety of use cases, but can security professionals even hope to keep up with the rapidly changing features and capabilities to provide advice and guidance for the uninitiated? With the aim of sharing tried and tested wisdom from secure software engineering, this talk will show the overlap of risks with AI and any other business application, while highlighting some of the unique risks inherent with AI models. Sorting through these differences, professionals can start to apply secure design principles through sensible analysis of new and emerging technologies. This talk will go through existing operational and technical controls through an AI lens, using notable public examples of good and bad uses of AI to propose key principles for securing these projects. This will include guidance for understanding AI model limitations and suitability for projects, as it is not always the magic wand businesses hope for. Attendees will be able to use these principles to offer robust advice and guidance on the use (and potential misuse) of AI models, without having to reinvent the wheel.
Sarah is a Lead Cyber Security Specialist working in Bristol, with a background in operational risk management. They are currently a member of ISC2 (Certified Secure Software Lifecycle Professional) and have a specific interest in secure software engineering and web application security. In conferences, they can be found at the sticker table or in the vicinity of snacks.