Generative AI has raised a number of security concerns as companies adopt different platforms. A guide for Chief Information Security Officers (CISOs) was released to manage risks associated with generative AI. 

Some of the risks evaluated include data privacy, copyright and confidentiality, behavioral responsibilities of AI, misinformation and threat actor evolution.

The guide identifies key questions that CISO should be asking to create a Generative AI policy within their organization:

  • Who is using the technology in their organization, and for what purpose?
  • How can they protect enterprise information while employees are interacting with Generative AI?
  • How can they manage the security risks of the underlying technology?
  • How can they balance security tradeoffs with the value the technology offers?