OWASP LLM AI Security & Governance Checklist: Practical Steps To Harness the Benefits of Large Language Models While Minimizing Potential Security Risks | A Conversation with Sandy Dunn | Redefining CyberSecurity Podcast with Sean Martin

Guest: Sandy Dunn, Consultant Artificial Intelligence & Cybersecurity, Adjunct Professor Institute for Pervasive Security Boise State university [@BoiseState]

On Linkedin | https://www.linkedin.com/in/sandydunnciso/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

____________________________

This Episode’s Sponsors

Imperva | https://itspm.ag/imperva277117988

Pentera | https://itspm.ag/penteri67a

___________________________

Episode Notes

In this episode of Redefining CyberSecurity, host Sean Martin and cybersecurity expert, Sandy Dunn, navigate the intricate landscape of AI applications and large language models (LLMs). They explore the potential benefits and pitfalls, emphasizing the need for strategic balance and caution in implementation.

Sandy shares insights from her extensive experience, including her role in creating a comprehensive checklist to help organizations effectively integrate AI without expanding their attack surface. This checklist, a product of her involvement with the OWASP TOP 10 LLM project, serves as a valuable resource for cybersecurity teams and developers alike.

The conversation also explores the legal implications of AI, underscoring the recent surge in privacy laws across several states and countries. Sandy and Sean highlight the importance of understanding these laws and the potential repercussions of non-compliance.

Ethics also play a central role in their discussion, with both agreeing on the necessity of ethical considerations when implementing AI. They caution against the hasty integration of large language models without adequate preparation and understanding of the business case.

The duo also examine the potential for AI to be manipulated and the importance of maintaining good cybersecurity hygiene. They encourage listeners to use AI as an opportunity to improve their entire environment, while also being mindful of the potential risks.

While the use of AI and large language models presents a host of benefits to organizations, it is crucial to consider the potential security risks. By understanding the business case, recognizing legal implications, considering ethical aspects, utilizing comprehensive checklists, and maintaining robust cybersecurity, organizations can safely navigate the complex landscape of AI.

___________________________

Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

ITSPmagazine YouTube Channel:

📺 https://www.youtube.com/@itspmagazine

Be sure to share and subscribe!

___________________________

Resources

Announcing the OWASP LLM AI Security & Governance Checklist v.05: https://www.linkedin.com/pulse/announcing-owasp-llm-ai-security-governance-checklist-sandy-dunn-jeksc/

OWASP Top 10 for Large Language Model Applications: https://owasp.org/www-project-top-10-for-large-language-model-applications/

___________________________

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:

https://www.itspmagazine.com/redefining-cybersecurity-podcast

Are you interested in sponsoring an ITSPmagazine Channel?

👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network