Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
ColumnsCybersecurityCyber Tactics ColumnSecurity Enterprise ServicesSecurity Leadership and ManagementLogical Security

Cyber Tactics

AI security risks: Separating hype from reality

By investing in AI training and providing teams with the necessary tools, security professionals can harness the power of AI to enhance their capabilities and address the associated risks effectively.

By Pam Nigro, Contributing Writer
AI Security Risks

Just_Super / iStock / Getty Images Plus via Getty Images

Cyber Tactics - Pam Nigro
AI Security Risks
Cyber Tactics - Pam Nigro
December 14, 2023

The security community — along with its collaborators in fields such as risk, audit and governance — is actively grappling with the implications of generative artificial intelligence (AI). A recent ISACA survey on AI found that the majority of organizations do not provide training on the authorized use of generative AI, and three out of 10 organizations have established policies governing the use of AI technology. It is undeniable that AI poses substantive risks to enterprises, including security and privacy risks, but it is important to understand which threats are most serious and which are likely drawing too much attention. This will help enterprise leaders decide which measures can be implemented to guide their organizations to responsibly navigate this rapidly evolving landscape.

As someone who was part of the healthcare industry during a time when the idea of transitioning to cloud platforms caused significant apprehension, I can draw parallels to the current concerns surrounding AI adoption in the corporate world. Looking back, many of the anxieties related to the cloud turned out to be somewhat overstated. At a high level, the concerns regarding cloud computing were security, data privacy, compliance, access and legal issues. Today, cloud platforms are a common fixture across the corporate landscape, demonstrating their effectiveness and security. Just as the shift from traditional on-premises security to cloud-based security necessitated security professionals to adapt their expertise, the rapid adoption of generative AI presents a great opportunity for security professionals to pivot. By investing in AI training and providing teams with the necessary tools, security professionals can harness the power of AI to enhance their capabilities and address the associated risks effectively.

As with the cloud there are two deployment models for generative AI: there is public (such as ChatGPT) and private generative AI. The main distinction lies in accessibility and control. Public generative AI is available for a wide range of users and offers limited customization, while private generative AI is tailored to specific organizational needs, allowing for a higher degree of control over its usage, data handling and behavior. This difference in accessibility and customization makes private generative AI ideal for addressing unique business or industry-specific requirements, while ChatGPT, for example, is designed for general, public use. Security risks faced by companies are heightened when utilizing public generative AI platforms, as they introduce more potential for the compromise of sensitive information. This has led several companies to impose bans or restrictions on widely recognized generative AI platforms like ChatGPT. In contrast, well-resourced organizations have the option to invest in proprietary AI platforms, affording them greater control over data storage and protection. For many companies, a pragmatic middle-ground approach involves turning to third-party services, which are expected to become increasingly prevalent.



Just as the shift from traditional on-premises security to cloud-based security necessitated security professionals to adapt their expertise, the rapid adoption of generative AI presents a great opportunity for security professionals to pivot.”


To drive toward responsible usage of generative AI, the security, risk and IT functions all have important parts to play. IT teams will be responsible for restricting access to specific generative AI models. The risk function is involved in identifying, assessing and mitigating risks associated with generative AI to ensure responsible and ethical use, and must effectively define the organization’s risk appetite and tolerance. Security teams must ensure that data used to train and fine-tune generative AI models is handled with strict privacy and security measures. This includes anonymizing data, encrypting sensitive information and complying with data protection regulations. Security teams also work in tandem with legal and compliance teams to mitigate ethical and legal risks associated with generative AI, including issues like intellectual property infringement or generating deceptive content. The security team will monitor the use of generative AI for malicious purposes, such as creating deepfakes, spam or other harmful content.

As much as the inevitable hype cycle inflates some of the concerns around AI, there is no doubt there are significant risks, and there are not yet sufficient answers to some of the legitimate questions that exist. For example, what can be done about the advance of deepfake technology? Instances of AI effectively emulating individuals’ voice and speech patterns, potentially weaponized in deepfake calls, are deeply worrisome, particularly in the absence of well-established countermeasures. There are also evolving concerns related to AI in the context of creative fields such as art and music, as it impacts how people can protect their work and sustain their livelihoods. From a workforce standpoint, there are questions about some roles that could be replaced by AI, but there is no doubt that some areas, such as cyber threat hunting, can be enhanced by AI to augment human capabilities.

Whether you’re attending a security conference, scrolling LinkedIn or just bantering with industry colleagues, there is no escaping the intense discussion around AI’s impact on the security community. That conversation has been amplified throughout 2023 with ChatGPT and other generative AI platforms gaining mindshare, both inside and outside the enterprise. There is a lot of noise out there, so it is especially important for security professionals to focus on the real risks AI will present and not on every headline. By making informed choices such as minimizing reliance on public generative AI tools, investing in ongoing AI training and credentialing for personnel, and routinely updating organizational policies to address bias and fairness, ethical use, malicious use, and the most pertinent threats, enterprises can navigate the complex AI risk landscape with confidence and purpose.

KEYWORDS: artificial intelligence (AI) Artificial Intelligence (AI) Security risk assessment security program

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Nigro headshot

Pam Nigro is the Vice President of Security and Security Officer at Medecision. She also is an ISACA Board Director and was the 2022-23 ISACA Board Chair. Image courtesy of Nigro

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Half closed laptop

Sudo Vulnerability Discovered, May Exposes Linux Systems

Person holding cellphone

Millions of Android, iPhone Users Could Be Sending Data to China

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • woman accessing a network with security protocols

    Counteracting heightened security risks for travelers, remote workers

    See More
  • Cyber and artificial intelligence

    Concerted push needed for AI training in security community

    See More
  • AI-powered phishing

    Combating the rising threat of AI-powered phishing attacks

    See More

Related Products

See More Products
  • 9780367221942.jpg

    From Visual Surveillance to Internet of Things: Technology and Applications

  • Whitepaper-Social-Media-3.gif

    Optimizing Social Media from a B2B Perspective

See More Products

Events

View AllSubmit An Event
  • December 12, 2024

    AI-Powered Security: Empowering Teams and Protecting Your Future

    ON DEMAND: Discover how artificial intelligence is revolutionizing modern security practices in this webinar “AI-Powered Security: Empowering Your Team, Protecting Your Future.”
View AllSubmit An Event
×
Just_Super / iStock / Getty Images Plus via Getty Images

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!