top of page
Search

Gartner Says CISOs Need to Champion AI TRiSM to Improve AI Results

Writer: Inno-Thought TeamInno-Thought Team
Sep 28, 2023

Gartner Analysts Discuss the Management of AI Risks at Gartner Security & Risk Management Summit 2023, 26-28 September, in London, UK


By 2026, organisations that operationalise artificial intelligence (AI) transparency, trust and security will see their AI models achieve a 50% improvement in terms of adoption, business goals and user acceptance, according to Gartner, Inc.


Speaking at the Gartner Security & Risk Management Summit in London, Mark Horvath, VP Analyst at Gartner said, “CISOs can’t let AI control their organization. AI requires new forms of trust, risk and security management (TRiSM) that conventional controls don’t provide. Chief information security officers (CISOs) need to champion AI TRiSM to improve AI results, by, for example, increasing the speed of AI model-to-production, enabling better governance or rationalizing AI model portfolio, which can eliminate up to 80% of faulty and illegitimate information."

Not only does AI pose considerable data risks as sensitive datasets are often used to train AI models, but the accuracy of model outputs and the quality of the data sets might vary over time, which can cause adverse consequences.


The implementation of AI TRiSM enables organisations to understand what their AI models are doing, how well they align with the original intentions and what can be expected in terms of performance and business value.


Gartner analyst Mark Horvath is on stage at the Gartner Security & Risk Management Summit in London. Source: Gartner (September 2023)


AI TRiSM Is a Team Sport


AI TRiSM cannot be led by a single business unit. “It calls for education and cross-team collaboration,” Jeremy D’Hoinne, VP Analyst at Gartner. “CISOs must have a clear understanding of their AI responsibilities within the broader dedicated AI teams, which can include staff from the legal, compliance and IT and data analytics teams.”


Without a robust AI TRiSM programme, AI models can work against the business introducing unexpected risks, which causes adverse model outcomes, privacy violations, substantial reputational damage and other negative consequences.


AI Risk Management Priorities


Since AI may be seen as any other application, CISOs might need to recalibrate expectations within and outside of the team. Once the expectations are set, the CISO and their teams need to take the following five AI risk management actions:

  1. Capture the extent of exposure by inventorying AI used in the organization and ensure the right level of explainability.

  2. Drive staff awareness across the organisation by leading a formal AI risk education campaign.

  3. Support model reliability, trustworthiness and security by incorporating risk management into model operations.

  4. Eliminate exposures of internal and shared AI data by adopting data protection and privacy programs.

  5. Adopt specific AI security measures against adversarial attacks to ensure resistance and resilience.

 
 

Comments

connexion_panel_edited.jpg
CXO_8-in-1.png
subscribe_button.png

 

Disclaimer:

The information contained in this site is for reference only. While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, we are not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided "as is", with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose. In no event will Ho Hon Asia Limited, its related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this site or for any consequential, special or similar damages, even if advised of the possibility of such damages.
Certain links in this site connect to other websites maintained by third parties over whom we have no control. We make no representations as to the accuracy or any other aspect of information contained in other websites.

2025 @ Inno-Thought and its affiliates. All rights reserved.

bottom of page