Lessons on AI and Cybersecurity for Regulatory Approaches
Explore insights from experts on integrating AI and cybersecurity in major corporations, understand the risks, and tackle challenges to defend against cyber threats effectively.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
A Few Lessons on AI and Cybersecurity for Regulatory Approaches Peter Swire JZ Liang Chair, College of Computing, Georgia Tech Rome Conference on State of AI March 14, 2025
Swire background EU/US data protection for a long time 1998 book: None of Your Business: World Data Flows, Electronic Commerce, and the European Privacy Directive 2000 WH official during Safe Harbor negotiations Today, lead the Cross-Border Data Forum
Project for My Cybersecurity Class this Month This month 3 major global corporations, active in Europe 2 in Fortune 100 Senior Vice President level how to integrate AI/Cybersecurity in their company These slides report what they said Cybersecurity for AI AI for cybersecurity How much to test AI before using for cybersecurity? Conclusions
Cybersecurity for AI Task how to defend against attacks on AI development Data and model poisoning risk 3d party risk is biggest libraries, tools, services New paradigm for cybersecurity risks Before access controls, limit access to network, cloud service, etc. For AI: Defend this: data -> model -> output Different attack surface
AI for Cybersecurity Phishing and deepfakes Quantity and quality of fake attacks much higher Need automation (AI) to counter Next generation for anti-spam, anti-phishing MUST use AI for defense given speed and scale of attacks
How much should we test and get certainty before deploying? Cybersecurity demands speed: Attacks and threats change so fast To defend the AI models and the organization Adopt/deploy defenses before fully tested Iterate/update often It is riskier if we don t deploy Business/competitive pressures demand speed Business leaders say the company must compete If not, customers won t use our services If our good cybersecurity slows us down, users will shift to services offering worse cybersecurity
Concluding thoughts These slides summarize what AI/cybersecurity business leaders are facing They try to fix the airplane while it is flying The pressures they face to move quickly To meet cybersecurity goals To meet business goals They see risks if don t deploy quickly Limits of or pressure on ex ante impact analysis I don t know what to recommend for European regulatory approach Here, a report on what AI development looks like to leading global technology companies
