Rohan Kanungo’s Post

Google's SAIF Risk Assessment helps create an actionable checklist for practitioners responsible for securing their AI systems. #artificialintelligence #AI #dataprivacy #riskmanagement

Read “The AI Risk Matrix: A Strategy for Risk Mitigation“ by David Campbell on Medium:

This course covers legal issues, risk management, and various ways AI can be integrated into our environment. It also covers topics to think about before accepting an AI program's terms and conditions. Just finished the course “Leveraging AI for Governance, Risk, and Compliance” by Terra Cooke! Check it out: https://lnkd.in/dNafSVke #artificialintelligenceforbusiness #governanceriskmanagementandcompliance #AI #Compliance #Risk

To create a competitive advantage with AI, governance and risk management are more critical than ever. Our recent webinar tackled tough questions on this, such as: “How can companies balance innovation with risk mitigation, especially with LLMs?” Our experts' advice? Effective governance starts with registering models, documenting goals and limitations and continually monitoring performance. Tune into the on-demand webinar “Mitigating AI Risks: Governance Strategies for AI’s New Threats” to hear more top questions data science and IT professionals are asking about achieving fully governed AI without losing momentum. https://lnkd.in/gJDEjuUY

#GenAI presents a dual challenge for risk management, offering transformative opportunities while introducing new risks like bias and security vulnerabilities. EY's Sinclair Schuller, Samta Kapoor, and Kapish Vanvaria emphasize the need for a robust, adaptive risk framework leveraging #AI to enhance risk mitigation and ensure responsible deployment.

Advancing Generative AI Risk Management: Understanding Risks, AI Actors, and Mitigations Across the AI Value Chain.

Does OpenAI's release of GPT-4o increase the risk of emotional entanglement? Maybe. In this post I take a look at the National Institute of Standards and Technology (NIST) "Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile" and what it has to say about this risk.

Great points on needing to think & refactor your risk management on multiple fronts as you adopt AI at scale. Sinclair, Samta & Kapish are driving some amazing next-gen work in this space. Well done! Take a read...

There are different #AI #riskmanagement frameworks available, sometimes could be a little difficult to understand which is the most suitable for your case. AI risk management frameworks could be categorized in few keys areas: 𝐅𝐨𝐜𝐮𝐬 𝐚𝐧𝐝 𝐒𝐜𝐨𝐩𝐞: ► 𝐒𝐭𝐚𝐧𝐝𝐚𝐫𝐝𝐢𝐳𝐚𝐭𝐢𝐨𝐧 𝐯𝐬. 𝐀𝐝𝐚𝐩𝐭𝐚𝐛𝐢𝐥𝐢𝐭𝐲: ● 𝑰𝑺𝑶/𝑰𝑬𝑪 23894: Aims for international consistency, providing a standardized approach to AI risk assessment, treatment, and transparency. https://lnkd.in/dF3nThkw ● 𝑵𝑰𝑺𝑻 𝑨𝑰 𝑹𝒊𝒔𝒌 𝑴𝒂𝒏𝒂𝒈𝒆𝒎𝒆𝒏𝒕 𝑭𝒓𝒂𝒎𝒆𝒘𝒐𝒓𝒌 (AI RMF): Emphasizes flexibility and adapts to the specific needs of an organization throughout the AI lifecycle. https://lnkd.in/dnpHptGA ► 𝐓𝐞𝐜𝐡𝐧𝐢𝐜𝐚𝐥 𝐯𝐬. 𝐄𝐭𝐡𝐢𝐜𝐚𝐥: ● 𝑳𝒂𝒌𝒆𝒓𝒂'𝒔 𝑨𝒑𝒑𝒓𝒐𝒂𝒄𝒉: Focuses on the specific security challenges of Large Language Models (LLMs). https://lnkd.in/d8YCPmYk ● 𝑬𝑼 𝑨𝑰 𝑨𝒄𝒕: A legal framework prioritizing ethical considerations and human rights alongside risk management. https://lnkd.in/dhmqqxFB ► 𝐏𝐫𝐞𝐬𝐜𝐫𝐢𝐩𝐭𝐢𝐯𝐞 𝐯𝐬. 𝐎𝐮𝐭𝐜𝐨𝐦𝐞-𝐛𝐚𝐬𝐞𝐝: ● 𝑴𝒄𝑲𝒊𝒏𝒔𝒆𝒚'𝒔 𝑭𝒓𝒂𝒎𝒆𝒘𝒐𝒓𝒌: Offers a more prescriptive approach, outlining specific steps for business risk management in AI development. https://lnkd.in/dVPfKbC2 ● 𝑴𝒐𝒔𝒕 𝑭𝒓𝒂𝒎𝒆𝒘𝒐𝒓𝒌𝒔 (NIST AI RMF, ISO/IEC 23894): Provide an outcome-based structure with core functions and categories for risk management but leave room for specific implementation. ► 𝐄𝐧𝐟𝐨𝐫𝐜𝐞𝐦𝐞𝐧𝐭: 𝐑𝐞𝐜𝐨𝐦𝐦𝐞𝐧𝐝𝐚𝐭𝐢𝐨𝐧 𝐯𝐬. 𝐑𝐞𝐠𝐮𝐥𝐚𝐭𝐢𝐨𝐧: ● 𝑴𝒐𝒔𝒕 𝑭𝒓𝒂𝒎𝒆𝒘𝒐𝒓𝒌𝒔: Serve as recommendations or best practices for organizations. ● 𝑬𝑼 𝑨𝑰 𝑨𝒄𝒕: A legally binding regulation with varying levels of compliance required depending on the risk level of the AI system. ► 𝐂𝐡𝐨𝐨𝐬𝐢𝐧𝐠 𝐭𝐡𝐞 𝐫𝐢𝐠𝐡𝐭 𝐟𝐫𝐚𝐦𝐞𝐰𝐨𝐫𝐤: The best framework for your organization depends on your specific needs and priorities. Consider factors like: ● The type of AI system you're developing. ● The level of risk associated with your AI system. ● Your organization's size and risk management culture. In the most of the cases, furthermore regulatory requirements, it could be beneficial to use a combination of frameworks to address different aspects of AI risk management. #infosec #informationsecurity #cybersecurity #risk #regulatory #cybersec #cybersecurity #ciso #iso #cso https://lnkd.in/dCSu7RVN

National Institute of Standards and Technology (NIST) has recently published a draft publication "AI Risk Management Framework (AI RMF) Generative AI Profile" to specifically address the risks associated with GenAI. Under the broader context of NIST AI RMF, GenAI is one key use case to address from risk perspective. Why the targeted risk management? 👉 Identify and manage the unique risks, provided Generative models are the new and unknown horizons with unlimited possibilities and complex LLMs. What are the key risks associated with GenAI? 👉 Bias, Accuracy, security vulnerabilities, potential misuse Does NIST provide actionable guidance? 👉 While it is still in draft stage, NIST proposes over 400 potential actions that organizations can take to mitigate and manage these risks. These actions are customizable to organization's context and risk tolerances. Its not one size fits all, what's the best approach? 👉 Align the AI Security strategy with overall business strategy, goals and objectives. This profiling by NIST is being done through a collaborative process involving a public working group ensuring diverse range of perspectives and expertise. What other use cases can you think of? #NISTGenAI #NISTRMF #AIRiskManagement #RiskManagementFramework