In a discussion at the RSAC 2025 Conference, Jonathan Trull, CISO at Qualys, stressed the necessity for organizations to revamp their security governance and risk management strategies in light of AI's growing prevalence. As firms adopt generative AI, they often overlook critical security considerations. Trull highlighted that while much of the conversation centers on securing sensitive data in AI-enabled products, essential questions about architectural security during LLM model development need addressing. Balancing innovation with cybersecurity risks is vital for organizations moving forward.
According to Trull, many conversations tend to focus on one thing when it comes to securing AI. "Everyone tends to focus on how to prevent sensitive data going into SaaS, AI-enabled products... But what about when you're building your own LLM models?"
At the end of the day, cybersecurity is about creating a balance between innovation and cybersecurity, and the risks that organizations are willing to take.
Collection
[
|
...
]