Framework Failings: Addressing the Lack of Responsible Deployment Guidance in Existing AI Frameworks
About This Session
Most AI governance frameworks provide extensive guidance on ethical AI development, aiming to ensure that companies building AI do so responsibly. However, most organizations – public and private – are not developing AI models. Instead, they purchase commercial AI tools to enhance some component of their workflow. This begs a critical question: how can organizations be expected to responsibly and securely deploy AI when this topic isn’t emphasized in any of the major AI frameworks?
This talk argues that they can’t – and that lack of emphasis on responsible deployment is an extremely concerning risk in today’s technology environment. First, this talk will showcase the shortcomings of existing frameworks, including the NIST AI Risk Management Framework (NIST AI 100-1, 600-1), OECD AI Principles, and the UNESCO AI Ethics Recommendations. We’ll then unpack cybersecurity, data privacy, and productivity use cases to showcase how a lack of responsible deployment leads to tangible business risk. Finally, we’ll discuss concrete components of responsible AI deployment that should be incorporated not only into AI governance practices by companies buying AI tools, but into the AI governance frameworks themselves.
Attendees will leave with a deeper understanding of the limitations in existing AI governance frameworks, how a lack of responsible “deployment” guidance leads to risk, and practical considerations to use in lieu of existing framework guidance for AI deployment.
This talk argues that they can’t – and that lack of emphasis on responsible deployment is an extremely concerning risk in today’s technology environment. First, this talk will showcase the shortcomings of existing frameworks, including the NIST AI Risk Management Framework (NIST AI 100-1, 600-1), OECD AI Principles, and the UNESCO AI Ethics Recommendations. We’ll then unpack cybersecurity, data privacy, and productivity use cases to showcase how a lack of responsible deployment leads to tangible business risk. Finally, we’ll discuss concrete components of responsible AI deployment that should be incorporated not only into AI governance practices by companies buying AI tools, but into the AI governance frameworks themselves.
Attendees will leave with a deeper understanding of the limitations in existing AI governance frameworks, how a lack of responsible “deployment” guidance leads to risk, and practical considerations to use in lieu of existing framework guidance for AI deployment.
Speaker
Celina Stewart
Director of Cyber Risk Management - Neuvik
Celina Stewart is the Director of Cyber & AI Risk Management at Neuvik, a cybersecurity services company. Celina specializes in designing and optimizing cybersecurity programs, taking a risk-based approach to cyber strategy, cybersecurity program development, and alignment of technical controls to reduce business risk, including risks from Artificial Intelligence (AI).
Celina is a recognized thought leader in risks associated with Generative Artificial Intelligence (GenAI) and Generative Adversarial Networks (GAN). She has been a featured speaker at high profile events such as SecurityWeek’s AI Risk Summit, CloudX, Blue Team Con and more. Her research focuses on the intersection of AI and cybersecurity, exploring topics such as emerging risks, AI and Insider Threat, and AI Governance.
Celina is a recognized thought leader in risks associated with Generative Artificial Intelligence (GenAI) and Generative Adversarial Networks (GAN). She has been a featured speaker at high profile events such as SecurityWeek’s AI Risk Summit, CloudX, Blue Team Con and more. Her research focuses on the intersection of AI and cybersecurity, exploring topics such as emerging risks, AI and Insider Threat, and AI Governance.