Recently, Guy Podjarny, President of Snyk & I talked through an investor’s view of AI’s impact on security & data.

What’s changed with AI?

A reckless data security leak threatens the career of a head of data, just as much as a mismanaged security incident ends a CISO (chief information security officer)’s. Clorox, Uber, SolarWinds, Target, JPMorgan, Facebook, Equifax, & CapitalOne : All these CISOs have been fired in the last ten years for security issues.

Data has emerged from the shadows of internal-use-only to a critical ingredient in marketing, sales, customer support, & product - external roles.

For example :

• An account executive might paste in some data about a customer’s usage of a product to create a line chart for a pitch.
• A marketer may combine internal growth metrics with industry growth rates to show the company’s increasing market share.
• A product manager may build a chatbot using internal knowledge base articles & customer support conversations from the last few months.

In 2024, we’ll see data and security professionals collaborating to avoid disaster in use cases like these because AI increases the security surface area markedly :

Data loss prevention (preventing sensitive data from leaving a company), compliance with regulation, explainability - why a model produced a calculation - top the list.

But there’s more that matters : model drift or degradation over time, observability, and misuse. Models respond to human input : malicious user input induces toxic answers from models. In fact, there are now two kinds of models : censored & uncensored.

Uniting the domain expertise of the security leader with that of the data leader will be critical to ensure the successful use of AI.