Leading the Charge - Security's Role in the AI Revolution

At the always excellent SF Engineering Leadership Community annual event, one of the speakers repeatedly indicated that security teams will be  the largest impediment to the rollout of Generative AI (GenAI) tools within the workplace. As the audience smiled and nodded along, it  highlighted to me that we still have work to do to move away from the perception of being the “Department of No” rather than strategic business enablers.

When it comes to GenAI, I’m very excited about our role in  delivering what will be one of the biggest productivity improvements in recent history. Through a series of upcoming posts, I hope to explore  some of the challenges and benefits of the technology to ensure those responsible for digital security don’t miss the most important “yes”  moments that move our organizations forward.

Organizational security is never about reducing risk in isolation -  it requires informed, forward-thinking decisions with broad context and  I’m looking forward to diving into the details that enable this.

In particular, I’m referring to this first generation of tools  backed by Large Language Models (LLMs) such as ChatGPT, Bing and Google Bard in the general workplace, Github Copilot for your developers or Jasper for your marketing team.

Business impact that touches all departments

First, let’s consider some of the basic use cases available now or in the near future:

• Business users will be able to generate complex  queries and manipulate data directly in natural language (vs a domain  specific language like R), democratizing access to insights from  internal business data. Iterating on those queries becomes as simple as a  follow up question and will let employees make faster, more informed decisions built on the fundamental underpinnings of their business. Similarly, they will gain the ability to automate repeatable tasks  formerly reserved for those wielding an IDE, freeing up time on more  value-added activities.
• Finance teams will be able to automate manual work around data entry and queries from customers, vendors and  employees. This will compound on the gains from new tools that make deep analysis on financial and business data trends faster and easier, giving them more time and better predictive analytics to make the strongest possible business decisions.
• Legal teams will reclaim  huge swaths of time delegating pattern driven work to AI based tools -  contract reviews, document drafting and case law / regulation research. This shift will enable lawyers to focus on leading complex negotiations, crafting innovative legal solutions, and providing strategic legal advice, amplifying their value and impact in the organization.
• Customer  service will be completely rethought. Chatbots will no longer be lifeless automatons you curse at but resourceful agents with access to the entire support knowledge base of a given company. This will elevate the role of customer service representatives, allowing them to act as  relationship managers, brand ambassadors, and problem-solving experts by  focusing on complex issues requiring empathy, judgment, and a deeper  understanding of customer needs.

This list is a tiny sample of what becomes possible. The rate of  innovation in both software and hardware all but guarantee that we’ll  continue to see huge improvements far beyond what we can imagine today. It’s both difficult to overstate the impact to every aspect of life coming this decade and impossible to imagine the possibilities about to open up.

Everyone, regardless of their field, needs to be  thinking about AI from the perspective of where the ball will be, not  where it is today.

In this case, AI will be in the hands of every single person  delivering immense productivity and functionality gains across every  department. For those in the security realm, there’s a huge opportunity to bring massive value to our organizations by enabling this technology  in a considered manner.

This moves security closer to where we should be - strategic  enablers informing balanced and thoughtful risk based plans that push  our businesses to stay ahead of the ever accelerating competition.

We all need to educate ourselves on not only the challenges, but  the innovation and efficiencies that AI enables. We can use the insights our unique position in the organization allows for to collaborate  across the business and deliver the tools that will allow us to rethink how we work.

I’ll be writing more posts on the intersection of security and AI  in the enterprise over the coming weeks and would love to hear from  colleagues about what you see as the largest unsolved challenges with adopting these tools!