AI - It's a hot topic!
People are increasingly going to be using generative artificial intelligence (AI) systems at work and home with a view to increasing productivity, being more creative and make better data driven decisions. However, managing the risks of using generative AI is a hot topic and should be front of mind for organisations. Some steps worth taking to manage the risk are:
- Establish clear policy guidance regarding the organisations use of generative AI. As it is a rapidly developing technology, ensure you regularly update and review the policy guidance.
- Understand how different teams in your organisation intend to use AI, as the use cases will also help shape the policy guidance you provide to your users.
- Build and maintain a list of the generative AI tools your organisation is “allowed” to use. Review the terms of usage for those generative AI tools so aspects such as licensing, restrictions and IP terms are clearly understood.
For organisations that are planning to use and interact with generative AI we have drafted a guidelines document that covers some considerations on the use of that technology. Contact us to obtain a copy.
For our Policy Management as a Service customers the guidelines along with additional policy and best practice statement detail will be published in the first week of July via their Essentials or Premium version of PMaaS.
Considered a Cybersecurity Development Workshop?
A well-developed cybersecurity strategy, based on sound risk management practices, is critical to the defence of an organisation’s assets. The strategy and associated implementation plan will identify the steps necessary to ensure that resources are allocated across the organisation as effectively as possible. It is a crucial step in a roadmap that translates these priorities into actions in order to protect the organisation’s valuable assets.
Our Cybersecurity Development Workshop is a comprehensive assessment that will critique your organisations cyber security governance, risk management, and compliance programs against the ISO 27001 framework.
The workshop activity will take into account current your cybersecurity maturity, strategy and plan, and will result in a validated revised or new strategy with a prioritised roadmap for improvement.
- Project Kick off meeting, 2 x workshops (up to 4-hours per session) engaging with business owner(s), HR, IT, Risk and Governance etc
- Document findings from the workshops and a review of existing documentation.
- Follow up meetings with key stakeholders and subject matter experts to validate findings and deliver a draft of the revised or new strategy
An optional extension we provide on completion of the workshop sees Kaon Security providing advisory assistance in the form of a virtual CISO (vCISO) resource to help to maintain the currency and validity of the revised strategy and prioritised roadmap.
Contact us to discuss this workshop.
Policy Management as a Service V23 released
In our February newsletter we discussed the release of PCI-DSS version 4.0.
Our policy editors have recently concluded their work to review and upgrade policy content and associated mappings within Policy Management as a Service to align with the PCI-DSS version 4.0 standard.
The “new” content comprises of several new additional best practice statements and modifications to 51 of the existing best practice statements, to cater for the new requirements. Monitoring and Logging Guidelines have also been updated, and there are in total now over 630 mappings of the PCI standard to our library of best practice statements. If you have a requirement to adhere to and comply with the PCI standard then give us a call.
Trinity College Melbourne implement Policy Management as a Service
On determining Trinity College’s existing policies were outdated and needed a major overhaul, their Director of Information Technology realised there were a number of factors to consider, including costs, the need for specialised expertise and, the time required to create a set of comprehensive and effective policies. Click Here to read about how Policy Management as a Service helped the college complete their overhaul in a timely and cost effective manner.
Contact us to discuss how Policy Management as a Service can assist you put the foundations in place for a secure computing environment.
Breathe easy >