CISO Tradecraft®

#212 - Repeatable, Attestable, and Defensible AI (with AWS's Former Deputy CISO Merritt Baer)

Dec 23, 2024
Merritt Baer, former Deputy CISO at AWS and Harvard Law graduate, offers expert insights on the future of cybersecurity. She discusses the complexities of cloud security and the critical shared responsibility model. AI's dual role as both a tool and a threat is explored, including the risks of AI-generated fraud. Baer emphasizes the importance of sustainable practices in security and predicts key trends for 2025, urging CISOs to adopt robust security measures amid evolving challenges and regulatory scrutiny.
INSIGHT

Shared Responsibility in Cloud Security

  • Many misunderstand the shared responsibility model in cloud security.
  • Customers must secure their data in the cloud, while providers secure the underlying infrastructure.
INSIGHT

AI Shared Responsibility Model

  • An AI Shared Responsibility Model is needed to clarify security obligations.
  • It must delineate responsibilities between hosting companies, AI model providers, and end-users.
ADVICE

Framework for Secure AI Use

  • Develop a repeatable, attestable, and defensible framework for AI use.
  • Don't ban AI entirely; guide employees with policies and guardrails, focusing on risk reduction.