Valorem Visions 3.4 - Securing AI Environments

Transcript

Steve Lazzara - Hello my name is Steve Lazzara I'm a Security Architect here at Valorem Reply and my Valorem Vision for 2025 is securing environment for AI. 

The biggest thing around AI is, it's not whether we going to use it because people are going to use it whether you do or not, but it's how are we going to use it, what should we do with it and how do we best utilize it within our company and our environment without putting anything at risk or jeopardizing the security of the firm before, you know, we turn this on and give it to everybody.

My vision for last year did come true. It was more and more people leveraging AI and the reason that I think that I would say that it came true is because AI adoption really has caught on in companies but not necessarily that the company caught on. It's simply that, for example, between 75 to 80% of company employees are leveraging AI, their company might not have it integrated in their environment but it is in use globally by users.

I expect to see that trend increasing as AI functionality becomes more prolific as it begins to infiltrate the mainstream even more and as it matures in its functionality and utilization. Which actually is the problem from a CSO or security perspective because you want to be certain that it is controlled and managed. When it's in your environment, you don't want people coming in, you want to know what they're using. Right now, it's just kind of a wild wild west out there and it really needs to be reigned and controlled and secured. So people are going to try to play catchup as companies are going to try to lock this down and either protect the data or protect their systems and protect their environment by trying to figure out how to limit AI's utilization within their company.

Here at Valorem Reply we have a couple different programs. Number one, is we really focus on the leveraging of Microsoft's purview for protecting the data functionality and protecting data and your intellectual property as a whole from exposure. This includes all of the different AIs not just Microsoft's Copilot but also looking at how to ensure that as users are bringing in other AI products that it does not necessarily allow them to do DLP or leakage of data outside of the environment even if it's accidental of the product trying to infiltrate and pick up that data due to nefarious actors. Additionally, we're leveraging the Microsoft's Defender for Cloud apps and the functionality of what is called sanctioning applications which has been around for a while just not a lot of companies who have been putting in the effort in order to sanction and de-sanction applications and then enforce that but with the infiltration of AI this is really something that's getting another hard look by companies to say we want to use AI but we really want to manage what it is that is being used for AI and so they're beginning to invest in that Defender for cloud apps sanctioning aspect and doing the work of limiting and controlling what is or is not now allowed in their environment. 

Learn more about our security offerings.