If you aren’t investing in AI, you’re going to get left behind. Today, Phillip and Alistair welcome Ray Ellis, Head of AI Security at Philip Morris International (PMI). Ray, an AI enthusiast with a background in information security, discusses his journey from the Royal Tank Regiment to leading AI security initiatives at PMI. He shares insights on AI-driven security strategies, the importance of gamifying training, and the challenges of integrating AI securely. Ray highlights PMI's approach to AI adoption, including decentralized assessments, third-party risk management, and future-proofing against emerging technologies like quantum computing. The episode also delves into the successes and obstacles faced in AI security, offering valuable advice for those looking to enter the field.

Takeaways:

• Educational Gamification: Explore innovative training methods, such as gamification, to enhance engagement and learning. Consider creating interactive, game-based training modules for your team to learn about AI security risks and compliance.
• Understand AI Risks: Develop a comprehensive understanding of AI-related risks, such as prompt injection and data hallucination. Identify these risks early and design controls to mitigate them effectively.
• Maturity Models: Use maturity models to assess and improve the security readiness of AI solutions within your organization. Track your progress and update your strategy as your organization matures.
• Strategic Risk Management: Implement a risk management framework to evaluate AI initiatives based on their impact on productivity and information security value.
• Security by Design: When developing AI solutions, integrate security measures from the outset rather than as an afterthought. Ensure that all stages from ideation to deployment consider security implications.
• Regular Audits: Conduct regular audits of AI systems and their security frameworks to identify and rectify any potential vulnerabilities. This could include both internal audits and third-party assessments to ensure a comprehensive review.

Quote of the Show:

• “The only thing stopping you is you.” - Ray Ellis

Links:

• LinkedIn: https://www.linkedin.com/in/ray-ellis-/
• Website: https://www.pmi.com/
• AI Cyber Hunter 1: A New Risk: https://ray51773.github.io/AI-Hunter_1/ (This introduces the New Risk of AI, and you need to speak to the SOC and CTI to understand the risks)
• AI Hunter 2: Agents Strike Back: https://ray51773.github.io/AI-Hunter_2/ (This is focused on Agents and the new types of risk that they bring)
• AI Hunter 3: Return of the Governance: https://ray51773.github.io/AI-Hunter_3/ (This is focused about AI governance and what the types of checks will be carried out and why)

Ways to Tune In:

• Transistor: https://agenticinsider.show/
• Spotify: https://open.spotify.com/show/2fCCuVl6tL5p2kEAwFCQNJ
• Apple Podcasts: https://podcasts.apple.com/us/podcast/the-agentic-insider/id1807346381
• Amazon Music: https://music.amazon.com/podcasts/9fe0482d-d798-4420-a93a-fc6653bce437
• Podchaser: https://www.podchaser.com/podcasts/the-agentic-insider-6057241
• YouTube: https://www.youtube.com/@iridiusAI